Hola, un favorzazo: instalé el raptor2 https y parece que se instaló bien; lo raro es que la máquina cliente no se conecta a internet, pero el server sí tiene internet.
mi configuracion es esta
Interface IP Netmask Network Broadcast Gateway
eth0 10.0.2.15 255.0.0.0 10.0.2.0 10.0.2.255 10.0.2.2 X
eth1 192.168.2.1 255.255.255.0 192.168.2.0 192.168.2.255 X
IP Cache
192.168.2.1
es lo que aparece en la pestaña network
y la configuracion del squid es esta
#=====================================================================#
# Squid 3.x Conf #
#=====================================================================#
# Listening ports. Port 3128 is flagged "intercept": it expects traffic that
# the host redirects to it with a NAT rule (that rule is not part of this file).
# Port 3126 is a regular forward-proxy port for explicitly configured clients.
# NOTE(review): no https_port / ssl-bump directive appears in this listing, so
# intercepted HTTPS does not look to be handled here - confirm against the
# included /etc/raptor/peers file.
http_port 3128 intercept
http_port 3126
visible_hostname raptor.os
# ICP (inter-cache protocol) listener disabled.
icp_port 0
#----------------------------------------------------------------------
# For requests matching "google" that do not come from a "mobile" browser, the
# client's User-Agent header is dropped and replaced with a Googlebot string.
# NOTE(review): this makes clients present themselves as Googlebot to the
# origin; confirm this is intended and acceptable for the sites concerned.
# NOTE(review): "regexp" in the mobile ACL appears to be read as one more
# pattern rather than a keyword - confirm.
acl google url_regex -i (googlevideo\.com|www\.youtube\.com)
acl mobile browser -i regexp (iPhone|iPad|Windows.*Phone|BlackBerry|PlayBook|Trident|IEMobile)
request_header_access User-Agent deny google !mobile
request_header_replace User-Agent Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)
#----------------------------------------------------------------------
#error_directory /usr/share/squid3/errors/Spanish/
#----------------------------------------------------------------------
# URL patterns (case-insensitive regex) loaded from an external list file.
acl blacklist url_regex -i "/etc/squid3/blacklist.lst"
#----------------------------------------------------------------------
# DNS server and change policy
#----------------------------------------------------------------------
# NOTE(review): 192.168.42.129 is on neither subnet used elsewhere in this
# setup; confirm it is reachable from this host, otherwise every lookup waits
# on retries before the second resolver is used.
dns_nameservers 192.168.42.129 8.8.4.4
dns_retransmit_interval 5 seconds
dns_timeout 2 minutes
#----------------------------------------------------------------------
# "built-in" matches cache-manager (cache_object://) requests.
acl built-in proto cache_object
# "localnet" is the set of client source addresses allowed to use the proxy.
# NOTE(review): the three RFC 1918 ranges together admit every private
# address, and 192.168.2.0/24 is already contained in 192.168.0.0/16; consider
# limiting this to the LAN actually served so other networks cannot relay
# through the proxy.
acl localnet src 10.0.0.0/8 # RFC 1918 possible internal network
acl localnet src 172.16.0.0/12 # RFC 1918 possible internal network
acl localnet src 192.168.0.0/16 # RFC 1918 possible internal network
acl localnet src 192.168.2.0/24
acl localnet src fc00::/7 # RFC 4193 local private network range
acl localnet src fe80::/10 # RFC 4291 link-local (directly plugged) machines
acl CONNECT method CONNECT
# Only destination ports 80 and 443 are treated as safe; CONNECT tunnels are
# limited to 443.
acl Safe_ports port 80 # http
acl Safe_ports port 443 # https
acl SSL_ports port 443 # https
# http_access rules are evaluated top to bottom and the first match decides.
# Order here: blacklist, cache-manager restricted to localhost, port checks,
# then localhost and localnet are allowed.
# NOTE(review): there is no explicit "http_access deny all" at the end. Squid
# falls back to the opposite of the last rule (deny here), but an explicit
# final deny is clearer; check whether /etc/raptor/peers adds further
# http_access lines before appending one.
http_access deny blacklist
http_access allow localhost built-in
http_access deny built-in
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localhost
http_access allow localnet
#----------------------------------------------------------------------
coredump_dir /var/spool/squid3
# Pulls in further directives from a file that is not shown in this listing.
include /etc/raptor/peers
# NOTE(review): cache_mgr normally holds the administrator's e-mail address;
# here it is set to a host-like name - confirm.
cache_mgr raptor.os
shutdown_lifetime 2 seconds
half_closed_clients off
# Persistent (keep-alive) connections are disabled on both the server and the
# client side.
server_persistent_connections off
client_persistent_connections off
# min and max both at 0 KB: a fetch is not continued once the client aborts.
quick_abort_min 0 KB
quick_abort_max 0 KB
quick_abort_pct 95
# NOTE(review): the effective limit is presumably still bounded by the
# operating system's open-file limit - confirm.
max_filedescriptors 819200
# Marks responses served from the local cache with TOS value 0x48.
qos_flows local-hit=0x48
#----------------------------------------------------------------------
#cache deny all
#----------------------------------------------------------------------
# ACLs used to decide which requests are sent to the parent peer below. The
# list files are external and not shown here.
acl sys_lst url_regex -i "/etc/raptor/sys.lst"
acl raptor_lst url_regex -i "/etc/raptor/raptor.lst"
acl wth_lst url_regex -i "/etc/raptor/whitelist.lst"
acl host_lst req_header Host -i "/etc/raptor/host.lst"
acl exts url_regex -i \.(cab|exe|msi|msu|zip|deb|rpm|bz|bz2|gz|tgz|rar|bin|7z|mp3|mp4|flv)$
acl head_html req_header Accept -i text/html.+
cache deny raptor_lst
# Parent proxy at 192.168.2.1:8080, ICP port 0. proxy-only: objects fetched
# through the peer are not stored by this Squid; no-digest: no cache digests
# are requested from it.
# NOTE(review): presumably this is the Raptor cache service listening on this
# same machine - confirm that something is listening on port 8080.
cache_peer 192.168.2.1 parent 8080 0 proxy-only no-digest
dead_peer_timeout 2 seconds
# cache_peer_access is first-match: host_lst and exts are allowed before the
# head_html and wth_lst denies are reached; anything unmatched is not sent to
# the peer.
cache_peer_access 192.168.2.1 allow host_lst
cache_peer_access 192.168.2.1 allow exts
cache_peer_access 192.168.2.1 deny head_html
cache_peer_access 192.168.2.1 deny wth_lst
cache_peer_access 192.168.2.1 allow raptor_lst
cache_peer_access 192.168.2.1 allow sys_lst
cache_peer_access 192.168.2.1 deny all
# Local caching is denied for everything that matches neither "google" nor
# "str1".
# NOTE(review): "str1" is not defined anywhere in this listing; it has to come
# from /etc/raptor/peers, otherwise Squid will reject the configuration.
cache deny all !google !str1
#----------------------------------------------------------------------
Al hacer ping puedo llegar hasta el 10.0.2.15, pero al gateway 10.0.2.2 no; solo aparece "tiempo de espera agotado", por lo que pienso que hay que añadirle alguna otra cosilla más. Algo más: ¿dónde se descarga el certificado de raptor2? Gracias.
PD: mi configuracion es modo gateway
mi configuracion es esta
Interface IP Netmask Network Broadcast Gateway
eth0 10.0.2.15 255.0.0.0 10.0.2.0 10.0.2.255 10.0.2.2 X
eth1 192.168.2.1 255.255.255.0 192.168.2.0 192.168.2.255 X
IP Cache
192.168.2.1
es lo que aparece en la pestaña network
y la configuracion del squid es esta
#=====================================================================#
# Squid 3.x Conf #
#=====================================================================#
# Listening ports. Port 3128 is flagged "intercept": it expects traffic that
# the host redirects to it with a NAT rule (that rule is not part of this file).
# Port 3126 is a regular forward-proxy port for explicitly configured clients.
# NOTE(review): no https_port / ssl-bump directive appears in this listing, so
# intercepted HTTPS does not look to be handled here - confirm against the
# included /etc/raptor/peers file.
http_port 3128 intercept
http_port 3126
visible_hostname raptor.os
# ICP (inter-cache protocol) listener disabled.
icp_port 0
#----------------------------------------------------------------------
# For requests matching "google" that do not come from a "mobile" browser, the
# client's User-Agent header is dropped and replaced with a Googlebot string.
# NOTE(review): this makes clients present themselves as Googlebot to the
# origin; confirm this is intended and acceptable for the sites concerned.
# NOTE(review): "regexp" in the mobile ACL appears to be read as one more
# pattern rather than a keyword - confirm.
acl google url_regex -i (googlevideo\.com|www\.youtube\.com)
acl mobile browser -i regexp (iPhone|iPad|Windows.*Phone|BlackBerry|PlayBook|Trident|IEMobile)
request_header_access User-Agent deny google !mobile
request_header_replace User-Agent Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)
#----------------------------------------------------------------------
#error_directory /usr/share/squid3/errors/Spanish/
#----------------------------------------------------------------------
# URL patterns (case-insensitive regex) loaded from an external list file.
acl blacklist url_regex -i "/etc/squid3/blacklist.lst"
#----------------------------------------------------------------------
# DNS server and change policy
#----------------------------------------------------------------------
# NOTE(review): 192.168.42.129 is on neither subnet used elsewhere in this
# setup; confirm it is reachable from this host, otherwise every lookup waits
# on retries before the second resolver is used.
dns_nameservers 192.168.42.129 8.8.4.4
dns_retransmit_interval 5 seconds
dns_timeout 2 minutes
#----------------------------------------------------------------------
# "built-in" matches cache-manager (cache_object://) requests.
acl built-in proto cache_object
# "localnet" is the set of client source addresses allowed to use the proxy.
# NOTE(review): the three RFC 1918 ranges together admit every private
# address, and 192.168.2.0/24 is already contained in 192.168.0.0/16; consider
# limiting this to the LAN actually served so other networks cannot relay
# through the proxy.
acl localnet src 10.0.0.0/8 # RFC 1918 possible internal network
acl localnet src 172.16.0.0/12 # RFC 1918 possible internal network
acl localnet src 192.168.0.0/16 # RFC 1918 possible internal network
acl localnet src 192.168.2.0/24
acl localnet src fc00::/7 # RFC 4193 local private network range
acl localnet src fe80::/10 # RFC 4291 link-local (directly plugged) machines
acl CONNECT method CONNECT
# Only destination ports 80 and 443 are treated as safe; CONNECT tunnels are
# limited to 443.
acl Safe_ports port 80 # http
acl Safe_ports port 443 # https
acl SSL_ports port 443 # https
# http_access rules are evaluated top to bottom and the first match decides.
# Order here: blacklist, cache-manager restricted to localhost, port checks,
# then localhost and localnet are allowed.
# NOTE(review): there is no explicit "http_access deny all" at the end. Squid
# falls back to the opposite of the last rule (deny here), but an explicit
# final deny is clearer; check whether /etc/raptor/peers adds further
# http_access lines before appending one.
http_access deny blacklist
http_access allow localhost built-in
http_access deny built-in
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localhost
http_access allow localnet
#----------------------------------------------------------------------
coredump_dir /var/spool/squid3
# Pulls in further directives from a file that is not shown in this listing.
include /etc/raptor/peers
# NOTE(review): cache_mgr normally holds the administrator's e-mail address;
# here it is set to a host-like name - confirm.
cache_mgr raptor.os
shutdown_lifetime 2 seconds
half_closed_clients off
# Persistent (keep-alive) connections are disabled on both the server and the
# client side.
server_persistent_connections off
client_persistent_connections off
# min and max both at 0 KB: a fetch is not continued once the client aborts.
quick_abort_min 0 KB
quick_abort_max 0 KB
quick_abort_pct 95
# NOTE(review): the effective limit is presumably still bounded by the
# operating system's open-file limit - confirm.
max_filedescriptors 819200
# Marks responses served from the local cache with TOS value 0x48.
qos_flows local-hit=0x48
#----------------------------------------------------------------------
#cache deny all
#----------------------------------------------------------------------
# ACLs used to decide which requests are sent to the parent peer below. The
# list files are external and not shown here.
acl sys_lst url_regex -i "/etc/raptor/sys.lst"
acl raptor_lst url_regex -i "/etc/raptor/raptor.lst"
acl wth_lst url_regex -i "/etc/raptor/whitelist.lst"
acl host_lst req_header Host -i "/etc/raptor/host.lst"
acl exts url_regex -i \.(cab|exe|msi|msu|zip|deb|rpm|bz|bz2|gz|tgz|rar|bin|7z|mp3|mp4|flv)$
acl head_html req_header Accept -i text/html.+
cache deny raptor_lst
# Parent proxy at 192.168.2.1:8080, ICP port 0. proxy-only: objects fetched
# through the peer are not stored by this Squid; no-digest: no cache digests
# are requested from it.
# NOTE(review): presumably this is the Raptor cache service listening on this
# same machine - confirm that something is listening on port 8080.
cache_peer 192.168.2.1 parent 8080 0 proxy-only no-digest
dead_peer_timeout 2 seconds
# cache_peer_access is first-match: host_lst and exts are allowed before the
# head_html and wth_lst denies are reached; anything unmatched is not sent to
# the peer.
cache_peer_access 192.168.2.1 allow host_lst
cache_peer_access 192.168.2.1 allow exts
cache_peer_access 192.168.2.1 deny head_html
cache_peer_access 192.168.2.1 deny wth_lst
cache_peer_access 192.168.2.1 allow raptor_lst
cache_peer_access 192.168.2.1 allow sys_lst
cache_peer_access 192.168.2.1 deny all
# Local caching is denied for everything that matches neither "google" nor
# "str1".
# NOTE(review): "str1" is not defined anywhere in this listing; it has to come
# from /etc/raptor/peers, otherwise Squid will reject the configuration.
cache deny all !google !str1
#----------------------------------------------------------------------
Al hacer ping puedo llegar hasta el 10.0.2.15, pero al gateway 10.0.2.2 no; solo aparece "tiempo de espera agotado", por lo que pienso que hay que añadirle alguna otra cosilla más. Algo más: ¿dónde se descarga el certificado de raptor2? Gracias.
PD: mi configuracion es modo gateway