
How to allow access to IM applications when using Squid as proxy server on Fedora

by Re Alvarez last modified Mar 18, 2008 03:26 PM

Squid is a proxy server and web cache daemon. With the help of a firewall, you can use it to route all traffic, or only web traffic, from your network. But if you use Windows desktops in your network and configure the proxy on them using Internet Explorer, other applications such as MSN Messenger and Yahoo Messenger also use the proxy server by default. Since Squid does not allow IM applications to pass through by default, these applications would not work. Using this method you can allow popular IM applications to use the Squid proxy and pass through.

Applicable to Fedora Versions

This guide was written with Fedora 8 in mind, but should work with other releases as well.
Again, this is only necessary if you have Windows clients that require IM and IRC access. If your clients are running Linux, there are better ways of doing this.

Doing the work

  1. Install Squid if you haven't done so already. Open a terminal, log in as root and install Squid
    yum install squid
  2. Edit Squid configuration file
    vi /etc/squid/squid.conf

    Replace vi with your favorite text editor.

  3. If you want to change the proxy server name, add the following line to your squid.conf
    visible_hostname MyMachineName
  4. Allow HTTP access to a network
    acl acl_home src 192.168.1.0/255.255.255.0
    http_access allow acl_home
    or allow only one IP
    acl acl_JohnDoe src 128.128.128.128
    http_access allow acl_JohnDoe
    
  5. Now to allow IM and IRC access, add the following lines to squid.conf
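    # Ports that CONNECT requests may target (checked by the
    # "http_access deny CONNECT !SSL_ports" line at the end of this block)
    acl SSL_ports port 443 563 1863 5190 5222 5050 6667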
    
    # AOL Instant Messenger to connect to oscar.aol.com
    acl AIM_ports port 5190 9898
    acl AIM_domains dstdomain .oscar.aol.com .blue.aol.com
    acl AIM_domains dstdomain .messaging.aol.com .aim.com
    acl AIM_hosts dstdomain login.oscar.aol.com login.glogin.messaging.aol.com toc.oscar.aol.com
    acl AIM_nets dst 64.12.0.0/255.255.0.0
    acl AIM_methods method CONNECT
    #
    http_access allow AIM_methods AIM_ports AIM_nets
    http_access allow AIM_methods AIM_ports AIM_hosts
    
    # Permit IRC
    acl IRC_ports port 6667
    acl IRC_domains dstdomain .freenode.net
    acl IRC_hosts dstdomain irc.freenode.net
    acl IRC_methods method CONNECT
    #
    http_access allow IRC_methods IRC_ports IRC_hosts
    http_access allow IRC_methods IRC_ports IRC_domains

    # Permit Yahoo Messenger
    acl YIM_ports port 5050
    acl YIM_domains dstdomain .yahoo.com .yahoo.co.jp
    acl YIM_hosts dstdomain scs.msg.yahoo.com cs.yahoo.co.jp
    acl YIM_methods method CONNECT
    #
    http_access allow YIM_methods YIM_ports YIM_hosts
    http_access allow YIM_methods YIM_ports YIM_domains
    
    # Permit Google Talk
    acl GTALK_ports port 5222 5050
    acl GTALK_domains dstdomain .google.com
    acl GTALK_hosts dstdomain talk.google.com
    acl GTALK_methods method CONNECT
    #
    http_access allow GTALK_methods GTALK_ports GTALK_hosts
    http_access allow GTALK_methods GTALK_ports GTALK_domains
    
    # Permit MSN
    acl MSN_ports port 1863 443 1503
    acl MSN_domains dstdomain .microsoft.com .hotmail.com .live.com .msft.net .msn.com .passport.com
    acl MSN_hosts dstdomain messenger.hotmail.com
    acl MSN_nets dst 207.46.111.0/255.255.255.0
    acl MSN_methods method CONNECT
    #
    http_access allow MSN_methods MSN_ports MSN_hosts
    http_access allow MSN_methods MSN_ports MSN_domains
    http_access allow MSN_methods MSN_ports MSN_nets
    
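    # Deny requests to ports that are neither in Safe_ports (defined in the
    # stock squid.conf) nor in one of the IM port lists above
    http_access deny !Safe_ports !AIM_ports !YIM_ports !GTALK_ports !MSN_ports
    # Deny CONNECT to any port that is not listed in SSL_ports
    http_access deny CONNECT !SSL_ports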
    
  6. Save the file, exit and restart Squid
    service squid restart
  7. Now configure your Windows machine to use your Squid server as proxy.
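
Squid checks `http_access` lines from top to bottom and the first line whose ACLs all match decides the request, so the ports added to `SSL_ports` in step 5 interact with the `http_access allow acl_home` line from step 4. The following is an added example, not part of the original guide: a Python model of a cut-down rule set (IRC only), where the rule order, the narrow `SSL_ports` value of 443 and 563, and the client address and destination names are assumptions.

```python
import ipaddress

def matches(acl, req):
    """True if one ACL definition (kind, values) matches the request."""
    kind, values = acl
    if kind == "port":
        return req["port"] in values
    if kind == "method":
        return req["method"] in values
    if kind == "src":
        return any(ipaddress.ip_address(req["src"]) in ipaddress.ip_network(v) for v in values)
    if kind == "dstdomain":  # ".x.net" matches x.net and every subdomain of it
        host = req["host"]
        return any(host == v.lstrip(".") or (v[0] == "." and host.endswith(v)) for v in values)
    raise ValueError(kind)

def decide(acls, rules, req):
    """First matching http_access line wins; ACLs on one line are ANDed."""
    for action, names in rules:
        if all(matches(acls[n.lstrip("!")], req) != n.startswith("!") for n in names):
            return action
    return "deny"

def build(ssl_ports):
    acls = {
        "all": ("src", ["0.0.0.0/0"]),
        "acl_home": ("src", ["192.168.1.0/255.255.255.0"]),
        "CONNECT": ("method", {"CONNECT"}),
        "SSL_ports": ("port", ssl_ports),
        "IRC_ports": ("port", {6667}),
        "IRC_domains": ("dstdomain", [".freenode.net"]),
    }
    rules = [  # rule order is an assumption; the guide does not say where lines go
        ("allow", ["CONNECT", "IRC_ports", "IRC_domains"]),
        ("deny", ["CONNECT", "!SSL_ports"]),
        ("allow", ["acl_home"]),
        ("deny", ["all"]),
    ]
    return acls, rules

WIDENED = build({443, 563, 1863, 5190, 5222, 5050, 6667})  # SSL_ports from step 5
NARROW = build({443, 563})  # assumed SSL_ports without the IM and IRC ports

def connect(cfg, host, port, src="192.168.1.20"):  # constructed client address
    return decide(*cfg, {"method": "CONNECT", "host": host, "port": port, "src": src})

if __name__ == "__main__":
    for host in ("irc.freenode.net", "other.example"):  # constructed destinations
        print(host, connect(WIDENED, host, 6667), connect(NARROW, host, 6667))
```

In this model the freenode rule admits the IRC connection under both port lists, while a CONNECT to any other host on port 6667 is admitted only with the widened `SSL_ports`, because it falls through to `http_access allow acl_home`.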

 

More Information

Disclaimer

We test this stuff on our own machines, really we do. But you may run into problems; if you do, come to #fedora on irc.freenode.net.
Using this method you may be violating network policy; please check with your network administrator for further information. You have been warned.
