Closed Universal Squid+Privoxy installer for CentOS & Debian

[homer_simpson]

Hey guys,

Sa mga may CentOS at Debian dyan, eto universal installer for Squid+Privoxy on CentOS, Debian at OpenSUSE. Pwede din subukan sa Ubuntu although I think yung Ubuntu may different default firewall, so hindi aplikable yung part na yun. Pero madali nalang idag-dag yun sa future.

In addition, it sets up a chained squid, privoxy proxy.

Just copy it over to your VPS, then run from there. And wait there's more, may auto-email pa ito sa owner with the report after it has completed the setup. Isa pa, it is plaintext. Anyone can view it, edit it (of course you have to retain the license).

Grab it from here:

https://dropmb.com/download/558651f5672d4c2a505fb3052fad89c5.html

TODO:

• OpenVPN

Have fun!

[CAVEAT] Use it at your own risk.

 

[MhaShziYing]

Thanks .

 

[iamBARTX]

salamat dito bossing. may naglapag na rin sa wakas for debian

sana boss add din ng autoscript para sa centos 7 na may menu.

 

[Z3R0-C0NF1GZ]

nice work boss

 

[Piaro]

Working to !

Sana magka menu nadin ang mga CentOS7 users

 

[homer_simpson]

Kung may VPS kayo na pwede ipahiram, I will do further testing. Hindi ako pamilyar sa ibang installer. Actually, naisipan ko lang gawin ito. Paki send screen shot o copy ng script ng menu, and I'll see what I can do.

 

[PH-TUNNELER]

ano ba ang privoxy?

 

[jeypi1109]

anong port ng squid nito boss?

 

[homer_simpson]

Default squid port 3128.

 

[jeypi1109]

Default squid port 3128.

bakit 8118 nakalagay sa config boss?

 

[Y U E - LoVe]

Default squid port 3128.

Pede ba palitan yung port nya ts??or dagdagan??

 

[homer_simpson]

Privoxy default port == 8118 tcp
Squid default port == 3128 tcp
OpenVPN (not implemented yet) default port == 1194 tcp/udp

By the way, I am updating the script so that port 3128 is explicit, ie 0.0.0.0:3128. In addition, yung acl:

acl localnet src 192.168.0.0/16

won't allow you to connect, unless yun yung subnet ng VPN mo. I can put it like this

acl allowAll src 0.0.0.0/0

so that it allows everyone to connect.

Kung gusto mo i-secure, additional steps are required such as firewall, ACLs o connect only via VPN.

 

[jeypi1109]

Privoxy default port == 8118 tcp
Squid default port == 3128 tcp
OpenVPN (not implemented yet) default port == 1194 tcp/udp

By the way, I am updating the script so that port 3128 is explicit, ie 0.0.0.0:3128. In addition, yung acl:

acl localnet src 192.168.0.0/16

won't allow you to connect, unless yun yung subnet ng VPN mo. I can put it like this

acl allowAll src 0.0.0.0/0

so that it allows everyone to connect.

Kung gusto mo i-secure, additional steps are required such as firewall, ACLs o connect only via VPN.

ayos boss pero mas ok kung yung ip mo lang din makakaconnect usually ginagamit naman natin to sa vpn natin mas ok kung hindi allowed yung ibang ip na gamitin yung squid mo.
tsaka baka pwede boss pa udpate sa ububtu 16 to 19 kung kaya.

 

[homer_simpson]

Pede ba palitan yung port nya ts??or dagdagan??

Pwede ko idagdag na option yun sa script for either or both Squid and Privoxy. Pero what's the point?

 

[Nontikweed]

Salamat sa share

 

[jeypi1109]

natry mo na ba to boss sa tu50 and fixplan minsan kasi hindi gumagana sa tu50 yung squid.

 

[jeypi1109]

Pwede ko idagdag na option yun sa script for either or both Squid and Privoxy. Pero what's the point?

para lang may option haha mas ok boss pag may option lagi hahaha

 

[homer_simpson]

ayos boss pero mas ok kung yung ip mo lang din makakaconnect usually ginagamit naman natin to sa vpn natin mas ok kung hindi allowed yung ibang ip na gamitin yung squid mo.
tsaka baka pwede boss pa udpate sa ububtu 16 to 19 kung kaya.

Agree ako. Dapat yung owner lang o yung delegated IPs lang ang pwedeng kumonek. However, since residential and mobile IPs are dynamic, mahirap i-implement ang strict IP blocking via firewall. Ang pinaka-ideal na setup actually is certificate-based authentication ng OpenVPN. Tapos yung Squid at Privoxy will listen only on 127.0.0.1. Yun yung pinaka secure. Pwede mo na ding idagdag yung fail2ban.

 

[homer_simpson]

para lang may option haha mas ok boss pag may option lagi hahaha

IMHO, unnecessary complexity yan at this stage. Pero that can be easily implemented.

 

[jeypi1109]

Agree ako. Dapat yung owner lang o yung delegated IPs lang ang pwedeng kumonek. However, since residential and mobile IPs are dynamic, mahirap i-implement ang strict IP blocking via firewall. Ang pinaka-ideal na setup actually is certificate-based authentication ng OpenVPN. Tapos yung Squid at Privoxy will listen only on 127.0.0.1. Yun yung pinaka secure. Pwede mo na ding idagdag yung fail2ban.

oo boss pwede ba ganon na autoscript boss may ovpn installer kasi ako dito kaso wala syang squid mano mano ko iniinstall tsaka yung privoxy para mapagana sa tu50 up and fixplan pero may nag sabi sakin na pwede daw squid sa tu50 up and fixplan depende lang sa sa config ng squid.