Squid

sudoaptgetinstallsquid
sudogedit/etc/squid/squid.conf

#http_port3128transparent
http_port192.168.1.1:3128transparent
http_port192.168.1.1:8080transparent

cache_mem16MB
cache_dirufs/var/spool/squid70016256

aclallsrc0.0.0.0/0.0.0.0
aclmanagerprotocache_object
aclplussrc"/etc/squid/plus.lst"
aclsitesurl_regex"/etc/squid/sites.lst"
acldescargaurlpath_regexi\.flv$\.exe$\.mp4$\.mp3$\.avi$\.mpg$\.wma$\.mov$\.acc$
\.bat$\.asf$\.mpeg$\.3gp$\.zip$\.rar$\.iso$\.WMA$\.xls$\.xlsx$\.XLS$\.XLSX$\.PPT$
\.ppt$\.PPTX$\.pptx$\.PPS$\.pps$\.PPSX$\.ppsx$\.MPEG$\.ppt$\.pptx$\.PPT$\.PPTX$
\.bmp$\.BMP$
error_directory/usr/share/squid/errors/Spanish
acllocalhostsrc127.0.0.1/255.255.255.255
acltodalaredsrc192.168.1.0/255.255.255.0

http_accessdenysites!plus
http_accessdenydescarga!plus
http_accessallowlocalhost
http_accessallowtodalared
http_accessdenyall

sudogedit/etc/squid/squid.conf
sudogedit/etc/squid/sites.lstpaginasprohibidad

sudogedit/etc/squid/plus.lstpermitidas
sudo/etc/init.d/squidrestart
sudo/etc/init.d/squid3stop

Notaahoralavercionreciemtedesquidessquid3

iptables

sudoaptgetinstalliptables
sudogedit/etc/init.d/iptables.cf

/sbin/iptablesF
/sbin/iptablesX
/sbin/iptablesZ
/sbin/iptablestnatF
/sbin/iptablesPINPUTACCEPT
/sbin/iptablesPOUTPUTACCEPT
/sbin/iptablesPFORWARDACCEPT

/sbin/iptablestnatPPREROUTINGACCEPT
/sbin/iptablestnatPPOSTROUTINGACCEPT

/sbin/iptablestnatAPOSTROUTINGoeth1jMASQUERADE

#iptablestnatAPREROUTINGieth0ptcpdport80jREDIRECTtoport3128
#/sbin/iptablestnatAPREROUTINGieth0ptcpdport80jREDIRECTtoport8080

/sbin/iptablesAINPUTs192.168.1.0/24ieth0jACCEPT

/sbin/iptablesAFORWARDs192.168.1.0/24ieth0ptcpdport993jACCEPT
/sbin/iptablesAFORWARDs192.168.1.0/24ieth0ptcpdport110jACCEPT
/sbin/iptablesAFORWARDs192.168.1.0/24ieth0ptcpdport465jACCEPT
/sbin/iptablesAFORWARDs192.168.1.0/24ieth0ptcpdport25jACCEPT
/sbin/iptablesAFORWARDs192.168.1.0/24ieth0ptcpdport80jACCEPT
/sbin/iptablesAFORWARDs192.168.1.0/24ieth0ptcpdport443jACCEPT
/sbin/iptablesAFORWARDs192.168.1.0/24ieth0ptcpdport53jACCEPT
/sbin/iptablesAFORWARDs192.168.1.0/24ieth0pudpdport53jACCEPT

echo"1">/proc/sys/net/ipv4/ip_forward

sudo/etc/init.d/iptables.cf
dhcp
sudoaptitudeinstalldhcp3server
sudogedit/etc/dhcp3/dhcpd.conf
ddnsupdatesoff;
optionT150code150=string;
denyclientupdates;
oneleaseperclientfalse;
allowbootp;

ddnsupdatestyleinterim;
authoritative;
subnet192.168.1.0netmask255.255.255.0{
range192.168.1.2192.168.1.38;
optiondomainnameservers190.97.201.2,190.97.201.3;
optionrouters192.168.1.1;
optionbroadcastaddress192.168.1.255;
defaultleasetime36000;
maxleasetime180000;
}

sudo/etc/init.d/dhcp3serverrestart
interfacetarjetasdered

eth1sololaoptienededhcpdelVoipata.Porifconfig192.168.8.1

eth0laInternalaLANparaelequiposervidorenLAN192.168.1.1
mascara255.255.255.0sinpuertadeenlace.