Linux Server

hye all... 1st of all merry Christmas...

i'm degree student.. and now i have to do final year project..
my project is proxy server.. my problem is i want to connect config file from squid to database server...
i must install squid on fedora and database on difference PC... anyone can help me...

hye everyone... i newbie here..
how can i placing all ACL line in "squid.conf" into database...
so i can manage blocking website only in databse...

I have setup proxy server as squid Now i would like to enable High Availability between two squid proxy servers acting as one.

I am experiencing a strange issue where squid asks me to authenticate twice. Here is how it goes:

I have my Firefox browser set to go out my squid proxy. Whenever I open the browser I am prompted for my username and password, which I enter. Immediately the browser fetches my homepage, however, at almost the exact same time I am prompted to enter my username and password again.

Clearly the I entered the correct information the first time or the browser would never load my homepage. The odd part is that sometimes I can just cancel the second request for a username and password without issue. Other times I MUST enter it to continue browsing.

Here is a copy of my config: http://pastebin.com/mdM7gfLf

Any ideas on what is going on here? Thanks in advance to anyone who has some thoughts on this.

Hello
I am working on Red Hat 6.4 Enterprise Server.Here commands systemctl and systemd are not working.Error comes command not found.I am using service command in place of systemctl to start,stop,enable and disable service etc.
example service httpd start
Also I am not able to install any software or package by using yum command.Whenever I try to install a package through yum the below error comes
Loaded plugins: product-id, refresh-packagekit, security, subscription-manager
This system is not registered to Red Hat Subscription Management. You can use subscription-manager to register.
Repository 'repository_url': Error parsing config: Error parsing "baseurl = 'repository_url'": URL must be http, ftp, file or https not ""
Setting up Install Process
Nothing to do
Please advice some other commands or what to do.Regards Najam

Hi, I am using a XML file in server location which contains some attributes and value.I just want to replace the attribute value inside the tag keeping the complete line and xml file intact. I am looking for Regular expression which can search for attribute name and replace the attribute value with the provided one. Please find below property details.

<server>
<mbean code="com.xyz.domain.wsmq.WSMQConnectionFactory"
name="xyz.qps:service=MQQueueConnectionFactory">
<attribute name="QueueManagerName">QMSTR01</attribute>
<attribute name="HostName">xx.yy.zz.ww</attribute>
<attribute name="Channel">channel01</attribute>
<depends>jboss:service=Naming</depends>
</mbean>
</server>

We have 20 systems and I installed SQUID proxy on CENTOS to limit internet access but I'm unable to configure LAN and WAN. We have got one router in the network with 192.168.1.1 as default gateway. I installed squid successfully but unable to configure it in client systems as I'm unable to configure LAN and WAN ips in CentOS.
Please suggest me correct configuration of LAN and WAN for my network. We don't have any static IP with us. What series of IPs do I have to configure in Linux server? After that, what would be my Proxy IP?

I have basic knowledge about Linux...

Please suggest me Conf file accordlingly.

SIR

I HAVE RECENTLY INSTALLED CENTOS7 AND CONFIGURED SQUID ON IT . I AM FACING A TYPICAL PROBLEM I AM ABLE TO BROWSE THE NORMAL PAGES BUT WHEN ANY PAGE THAT STARTS WITH HTTPS:\\ IS NOT ALLOWED TO BROWSE.
I HAVE CHECKED MY SQUID.CONF FILE BUT AM UNABLE TO FIND THE PROBLEM.
I HAVE DISABLE SELINEX AND THERE ARE NO RULES IN IPTABLES ALSO.

KINDLY HELP

PASTING MY SQUID.CONF FILE

#
# Recommended minimum configuration:
#

# Example rule allowing access from your local networks.
# Adapt to list your (internal) IP networks from where browsing
# should be allowed
#acl all src all
#acl manager proto cache_object
#acl localhost 127.0.0.1/32
#acl to_localhost dst 127.0.0.0/8 0.0.0.0/32

acl localnet src 191.254.178.0/24 191.254.28.0/24 10.0.43.0/24 10.0.42.0/24
http_access allow localnet
icp_access allow all

acl SSL_ports port 443
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 # https
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT

#
# Recommended minimum Access Permission configuration:
#
# Deny requests to certain unsafe ports
http_access deny !Safe_ports

# Deny CONNECT to other than secure SSL ports
http_access deny CONNECT !SSL_ports

# Only allow cachemgr access from localhost
#http_access allow localhost manager
http_access allow localnet manager
http_access deny manager

# We strongly recommend the following be uncommented to protect innocent
# web applications running on the proxy server who think the only
# one who can access services on "localhost" is a local user
#http_access deny to_localhost

#
# INSERT YOUR OWN RULE(S) HERE TO ALLOW ACCESS FROM YOUR CLIENTS
#

# Example rule allowing access from your local networks.
# Adapt localnet in the ACL section to list your (internal) IP networks
# from where browsing should be allowed
#http_access allow localhost

# And finally deny all other access to this proxy
http_access deny all


# Squid normally listens to port 3128
http_port 8899

# Uncomment and adjust the following to add a disk cache directory.
#cache_dir ufs /var/spool/squid 100 16 256

# Leave coredumps in the first cache dir
coredump_dir /var/spool/squid

cache_peer 191.254.178.76 parent 3128 0 no-query no-digest
#icp_access allow all

#
# Add any of your own refresh_pattern entries above these.
#
refresh_pattern ^ftp: 1440 20 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
refresh_pattern . 0 20% 4320

I recently changed from Debian 7 to 8 which now uses systemd as the default init.
I had a init file that worked fine (see below) and works fine when directly invoked
Code:

$ sudo /etc/init.d/iptables start

however fails when indirectly invoked
Code:

$ sudo service iptables start
Job for iptables.service failed. See 'systemctl status iptables.service' and 'journalctl -xn' for details.

Code:

$ systemctl status iptables.service
 iptables.service - LSB: Iptable setup
   Loaded: loaded (/etc/init.d/iptables)
   Active: failed (Result: exit-code) since Mon 2015-05-25 17:18:37 PDT; 5s ago
  Process: 4825 ExecStart=/etc/init.d/iptables start (code=exited, status=203/EXEC)

Code:

$ journalctl -xn
No journal files were found.

I don't understand the error except that it "failed" and is loaded.
I have disabled and re-enabled the service with these commands:

Code:

sudo systemctl disable iptables
sudo systemctl enable iptables

which completes successfully but did not fix the problem.


INIT file
Code:

### BEGIN INIT INFO
# Provides:          iptables
# Required-Start:    $network $remote_fs $syslog
# Required-Stop:     $network $remote_fs $syslog
# Should-Start:      $portmap
# Should-Stop:       $portmap
# X-Start-Befo     nis
# X-Stop-After:      nis
# Default-Start:     2 
# Default-Stop:      1
# X-Interactive:     false
# Short-Description: Iptable setup
# Description:       Sets iptable rules
#                    
### END INIT INFO

ipt=/sbin/iptables

loadrules() {

if [ -e /etc/iptables_ruleset ]; then iptables-restore < /etc/iptables_ruleset && exit 0; fi

$ipt -F
$ipt -X

# Policies and Chains
$ipt -P INPUT DROP
$ipt -P FORWARD DROP
$ipt -P OUTPUT ACCEPT
$ipt -N SSH
$ipt -N WEBSERVER

$ipt -A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
$ipt -A INPUT -i lo -j ACCEPT # Allow loopback

# Services
$ipt -A INPUT -p tcp -m multiport --dport 443,80 -j WEBSERVER # WEBSERVER chain 
$ipt -A INPUT -p tcp --dport 22 -m conntrack --ctstate NEW -j SSH # Jump to SSH chain
$ipt -A INPUT -p tcp -s 192.168.1.1/24 --dport 445 -j ACCEPT # samba

# Reject message for LAN
$ipt -A INPUT -s 192.168.1.1/24 -j REJECT

# WEBSERVER chain
$ipt -A WEBSERVER -p tcp -m multiport --dport 443,80 -m conntrack --ctstate NEW -j LOG
$ipt -A WEBSERVER -p tcp -m multiport --dport 443,80 -j ACCEPT

# SSH chain
$ipt -A SSH -p tcp --dport 22 -m recent --set --name SSH # Set SSH recent
$ipt -A SSH -p tcp --dport 22 -m recent --name SSH --update --seconds 10 --hitcount 2 --rttl -j LOG # Log if over counter
$ipt -A SSH -p tcp --dport 22 -s 192.168.1.1/24 -m recent --name SSH --update --seconds 10 --hitcount 10 --rttl -j REJECT # Reject from lan if over counter
$ipt -A SSH -p tcp --dport 22 ! -s 192.168.1.1/24 -m recent --name SSH --update --seconds 10 --hitcount 2 --rttl -j DROP # Drop if over counter
$ipt -A SSH -p tcp --dport 22 -j ACCEPT

iptables-save > /etc/iptables_ruleset
}

removerules() {
$ipt -P INPUT ACCEPT
$ipt -P FORWARD ACCEPT
$ipt -P OUTPUT ACCEPT
$ipt -F
$ipt -X
}

restartrules() {
rm /etc/iptables_ruleset
loadrules
}

case "$1" in
	start)
		loadrules
		;;
	stop)
		removerules
		;;
        restart)
                restartrules
                ;;
    	*)
        	echo "Usage: $0 start|stop|restart" >&2
        	exit 3
        	;;
esac

Edit:
Checking /var/log/daemon.log gives me this info:
Code:

May 25 19:13:29 hostname systemd[6004]: Failed at step EXEC spawning /etc/init.d/iptables: Exec format error
May 25 19:13:29 hostname systemd[1]: iptables.service: control process exited, code=exited status=203
May 25 19:13:29 hostname systemd[1]: Failed to start LSB: Iptable setup.
May 25 19:13:29 hostname systemd[1]: Unit iptables.service entered failed state.

I have installed vsftp to the server , the status is running now , but when use the command "ftp localhost" , it pops the "421 Service not available." , would advise what is wrong ? thanks

bash-3.2# /etc/rc.d/init.d/vsftpd status
vsftpd (pid 580) is running...
bash-3.2# ps -ef |grep vsftpd
root 580 1 0 15:44 ? 00:00:00 /usr/sbin/vsftpd /etc/vsftpd/vsftpd.conf
root 607 467 0 15:45 pts/0 00:00:00 grep vsftpd
bash-3.2# ftp localhost
Connected to localhost (127.0.0.1).
421 Service not available.