Koozali.org: home of the SME Server
Legacy Forums => Experienced User Forum => Topic started by: Wesley on December 25, 2002, 03:40:00 AM
-
I just switched my 5.5 box from server to server & gateway.
I have had in the past an SME 4.x.x setup as server&gateway.
All is working just fine. My question is this. When I had the 4.x.x box setup and I also had the DNS server settings on my windows machines pointing at the SME box, if I entered an URL that did not exist I received a screen from the SME box stating that "Cannot find server" with some information, and at the bottom it had the mitel1.mydomain.com tag. With that tag I knew this was something that BIND on the SME box was producing. Now with my 5.5 box setup the same I receive the standard Internet Explorer "Cannot find server screen" Understand I can also surf without any problem so I know that pointing my DNS server to the IP of the SME box works.
In short the custom screen that I was given with the 4.x.x box was really cool. I would like to get that back if I could. Is this something that can be controlled by BIND? or is this a feature of the 4.x.x SME boxes that no longer exists.
I was wondering if any of the SME gurus here could shed some light on this. I mean I could live w/o the feature but it sure was cool and impressed the friends.
Thanks in advance
Wesley
-
Sounds like you were using SQUID on your 4.x box and you're not using it on 5.5+?
-
Thank you for your reply Nathan, After approx. 4 hours searching around I decided to start looking @ squid to see if it was being used. On the 5.5 I was not proxying through the E-Smith. So I setup a windows box to use a proxy gave it the IP of the E-Smith and lo and behold my error pages are back. In fact they are located on the E-Smith and can be editted :) Merry Chrtistmas.
It's funny one little tangent like trying to get the error pages made me look at things I never looked at before, like the Squid website, it never ceases to amaze me just how versatile and pwerful the E-Smith really is. Definately a great job from the people who created it.
Now another question does anyone know how I can block a user or IP from reaching the internet during certain times of the day?
Thank you in advance
Wesley
-
A little more difficult, but I imagine you could create a cronjob that would deny the user by issuing the following command:
/sbin/ipchains -A input --source --dest ! /24 -j DENY
Your "Undeny" rule would simply need to delete the above rule, or issue /etc/rc.d/init.d/masq restart to flush the IPChain rules.
/24 is the CIDR notation for a Class-C subnet, or 255.255.255.0 (I believe)
-
Happy Holidays and thank You for your reply Nathan.
I did some searching arounf the E-Smith site and the BB for more info on using Squid. An amazing piece of code squid is :)
Is there any technotes/docs or infothat you know of that could shed more light onto the subject Of the Squid Proxy. I spent about 4 hours this morning at the Squid website. Which gave tons of Great information but, working that info into E-Smith's template system is the big hurdle.
Any info would be greatly appreciated ......
-
Oh, by "Internet" I assumed you meant all external access, not just HTTP browsing. Either way, you're going to have to Cron an entry since we're talking access times...I think your easiest bet is going to be using ipChains. I'd be more than happy to assist you in implementing it.
As far as SQUID is concerned, I'm not a big user of Squid, as a result I'm not that educated on it either. I'd just check out the SQUID documentation, I can help you implement any setting you want into the templating system.
-
Since the release of 5.1 transparent HTTP proxy is enabled by default. How can I disable it?
To disable transparent proxying of all HTTP request from your LAN, run:
/sbin/e-smith/db configuration setprop squid Transparent no
/sbin/e-smith/signal-event remoteaccess-update