April 30, 2008 at 1:13 am #41015
Is there any way to use Zeroshell behind a PROXY (say squid running on port 8080) while still using its capability to authenticate users (captive portal) before allowing them to browse.
Scenario: The company has the PROXY in place which they don’t want to disturb as it runs third party tools. Now they want wifi users not to use WEP pass keys, instead use their usernames and passwords created in zeroshell, to connect to internet.
I’m using the latest release.
Please guideMay 5, 2008 at 7:27 pm #46419
You could use the integrated proxy of Zeroshell in manner that it has as parent proxy the Squid server you said. You just have to configure the
# Specify a parent proxy (e.g. Squid) HAVP should use.
# Default: NONE
# PARENTPROXY localhost
# PARENTPORT 3128
in the file /root/kerbynet.cgi/template/havp.config
Don’t forget that the HAVP proxy configured in Zeroshell acts as transparent proxy, hence, you do not have to configure the clients to use it. The transparent proxy automatically will redirect the http requests to the Squid.
FulvioMay 8, 2008 at 3:55 am #46420
I changed the havp.config file and added the IP and port of my Parent Proxy. I then restarted the proxy services in /etc/init.d
But this has not worked, do you think anything else is required.May 8, 2008 at 6:09 pm #46421
Is the parent proxy authenticated?May 9, 2008 at 5:32 am #46422
Yes, it is open for allMay 9, 2008 at 10:24 am #46423
Infact, at present the zeroshell box is authenticating the users (captive portal) and once connected users have to manually edit the preferences and add the main/parent squid proxy to start browsing.
When we tried your suggested solution (hvap.config) and restarted proxy service, still users needed to manually change the proxy setting in the browser after authentication from zeroshell.May 22, 2008 at 8:18 am #46424
As I was trying to analyze my problem I noticed that the transparent proxy (HAVP) screen is not updating the rules in the IPTABLES, if you view it from the terminal, IPTABLES remain same, that is why I guess the redirection to PARENT PROXY not happening.. pl reply asap
I’m using beta9 with updated A500 patch installed on P4, 512 RAM using compact disk image.May 23, 2008 at 4:03 am #46425
Got it working!!
Actually I just set the capturing rule for my subnet – 192.168.1.0/24
and got the havp configured to see the parentproxy and port as told by Fulvio. Thanks man!
Even the authentication is happening smoothly via a Windows ADS,
Zeroshell is superb.
Only one small problem remains, how to disconnect users if they accidentally close their connection window, without clicking the “Discoonect” buttonNovember 3, 2009 at 9:27 pm #46426
I am a newbie to linux but i am trying to setup the same setup you have. I have zeroshell setup and a squid NT proxy. Can you you guide me with a little detail on how to configure the squid proxy as a parent on zeroshell?November 4, 2009 at 1:34 am #46427
It is shown in the second post in this thread.November 4, 2009 at 2:33 pm #46428
Is the havp.config stored in the profile saved on the usb drive?November 5, 2009 at 2:57 am #46429
YesNovember 5, 2009 at 1:21 pm #46430
Dont forget that your configuration will disappear when you reboot unless you take steps to reload it as starts up.
Found this out the hard way…November 5, 2009 at 1:45 pm #46431
Did you include the changes in a load up script?November 5, 2009 at 3:37 pm #46432
I have successfully modified the havp.config and inserted the IP and port of the squid proxy.
I have created a capturing rule for the DHCP range 172.22.31.100-172.22.31.200. Restarted the proxy service on zeroshell.
I still cannot get the transparent proxy portion to work. Is there something else I am missing?
Zeroshell has 1 interface ETH00
Any help would be appreciated.
You must be logged in to reply to this topic.