Difference between revisions of "Upside Down Ternet"
Thestinger (talk | contribs) (→Configuration: pre tags) |
m (<tt>text</tt> -> {{Codeline|text}}) |
||
Line 12: | Line 12: | ||
== Configuration == | == Configuration == | ||
− | Create flip.pl and place it in your | + | Create flip.pl and place it in your {{Codeline|/usr/local/bin}} folder |
<pre> | <pre> | ||
#!/usr/bin/perl | #!/usr/bin/perl | ||
Line 57: | Line 57: | ||
url_rewrite_program /usr/local/bin/flip.pl | url_rewrite_program /usr/local/bin/flip.pl | ||
− | Also find the line for | + | Also find the line for {{Codeline|http_port}} and make it now read |
http_port 3128 transparent | http_port 3128 transparent | ||
Line 91: | Line 91: | ||
== Router Setup == | == Router Setup == | ||
− | You will need to edit | + | You will need to edit {{Codeline|iptables}} on your router or gateway to redirect http traffic to your proxy. |
If you have DD-WRT on your router, this is easily done by going to Administration -> Commands and pasting the following into the box. | If you have DD-WRT on your router, this is easily done by going to Administration -> Commands and pasting the following into the box. |
Revision as of 21:00, 6 September 2011
This is a HowTo on creating a transparent Squid proxy server using mogrify to flip the images upside down.
Preparation
Install these packages to get things started
pacman -S squid apache imagemagick
ImageMagick contains mogrify and is only needed if you don't already have it.
Configuration
Create flip.pl and place it in your Template:Codeline folder
#!/usr/bin/perl $|=1; $count = 0; $pid = $$; while (<>) { chomp $_; if ($_ =~ /(.*\.jpg)/i) { $url = $1; system("/usr/bin/wget", "-q", "-O","/srv/http/images/$pid-$count.jpg", "$url"); system("/usr/bin/mogrify", "-flip","/srv/http/images/$pid-$count.jpg"); print "http://127.0.0.1/images/$pid-$count.jpg\n"; } elsif ($_ =~ /(.*\.gif)/i) { $url = $1; system("/usr/bin/wget", "-q", "-O","/srv/http/images/$pid-$count.gif", "$url"); system("/usr/bin/mogrify", "-flip","/srv/http/images/$pid-$count.gif"); print "http://127.0.0.1/images/$pid-$count.gif\n"; } elsif ($_ =~ /(.*\.png)/i) { $url = $1; system("/usr/bin/wget", "-q", "-O","/srv/http/images/$pid-$count.png", "$url"); system("/usr/bin/mogrify", "-flip","/srv/http/images/$pid-$count.png"); print "http://127.0.0.1/images/$pid-$count.png\n"; } else { print "$_\n";; } $count++; }
Now we need to modify the permissions so that it's executable
chmod 755 /usr/local/bin/flip.pl
Next, while not necessary, does clean up the Squid config file a lot making it easier on the eyes
sed -i "/^#/d;/^ *$/d" /etc/squid/squid.conf
Now, edit your squid.conf file and append this to the bottom
url_rewrite_program /usr/local/bin/flip.pl
Also find the line for Template:Codeline and make it now read
http_port 3128 transparent
Finally, we have to create the folders for the images to be flipped in and set their permissions
The directory where the images are to be stored must be owned by the proxy user.
mkdir /srv/http/images chown proxy:proxy /srv/http/images chmod 755 /srv/http/images
Finally, add the http user to the proxy group
usermod -aG proxy http
Verify that the http user is a member of the proxy group
groups proxy
or
id -Gn proxy
Starting
Make sure you start both apache and squid with
/etc/rc.d/httpd start /etc/rc.d/squid start
If you simply want to reload squid with the new config:
/etc/rc.d/squid reload
Router Setup
You will need to edit Template:Codeline on your router or gateway to redirect http traffic to your proxy.
If you have DD-WRT on your router, this is easily done by going to Administration -> Commands and pasting the following into the box.
#!/bin/sh PROXY_IP=192.168.1. PROXY_PORT=3128 LAN_IP=`nvram get lan_ipaddr` LAN_NET=$LAN_IP/`nvram get lan_netmask` iptables -t nat -A PREROUTING -i br0 -s $LAN_NET -d $LAN_NET -p tcp --dport 80 -j ACCEPT iptables -t nat -A PREROUTING -i br0 -s ! $PROXY_IP -p tcp --dport 80 -j DNAT --to $PROXY_IP:$PROXY_PORT iptables -t nat -I POSTROUTING -o br0 -s $LAN_NET -d $PROXY_IP -p tcp -j SNAT --to $LAN_IP iptables -I FORWARD -i br0 -o br0 -s $LAN_NET -d $PROXY_IP -p tcp --dport $PROXY_PORT -j ACCEPT