Tuesday, April 19, 2011

Squid installation

The following tutorial describes the installation of Squid. The contents of squid.conf are taken from balinux.or.id and were written by egi (egi@nuxegi.net).
The contents of squid.conf can be modified according to our needs.

Squid installation
1. Extract the package
# tar -xvzf squid-2.6.STABLE4.tar.gz

2. Configure and compile Squid
[root@gateway squid-2.6.STABLE4]# ./configure --prefix=/usr/local/squid --sysconfdir=/etc/ --enable-gnuregex --enable-icmp --enable-delay-pools --enable-snmp --enable-htcp --enable-ssl --enable-cache-digests --enable-linux-netfilter --enable-large-cache-files --enable-carp --with-pthreads --enable-storeio=diskd,ufs --enable-removal-policies=heap --enable-arp-acl --enable-forw-via-db --enable-leakfinder --enable-truncate --enable-underscores --enable-stacktraces --enable-dlmalloc

[root@gateway squid-2.6.STABLE4]# make
[root@gateway squid-2.6.STABLE4]# make install

3. Create the cache directory, then change its access rights
[root@gateway squid-2.6.STABLE4]# mkdir --mode=777 /usr/local/squid/var/cache
[root@gateway squid-2.6.STABLE4]# chown -Rf squid:squid /usr/local/squid/var/cache/
4. Create the files access.log and cache.log
[root@gateway squid-2.6.STABLE4]# touch /usr/local/squid/var/logs/access.log
[root@gateway squid-2.6.STABLE4]# touch /usr/local/squid/var/logs/cache.log
5. Set the file access permissions
[root@gateway squid-2.6.STABLE4]# chown -Rf squid:squid /usr/local/squid/var/logs/
[root@gateway squid-2.6.STABLE4]# chmod -Rf 777 /usr/local/squid/var/cache/
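
Steps 3 to 5 hand the cache and log paths to the squid account, and once that chown is done only that account needs access, so mode 777 is wider than required. The script below is an added example, not part of the original tutorial: it performs the same steps with owner-only write access and lists anything left world-writable. The function names and the prefix argument are assumptions made for the example.

```shell
#!/bin/sh
# Added example (not from the original tutorial): steps 3-5 with
# least-privilege modes instead of 777.

# setup_squid_dirs PREFIX [USER] [GROUP]
# Creates PREFIX/var/cache, PREFIX/var/logs and the two log files.
# The body runs in a subshell so the umask change does not leak out.
setup_squid_dirs() (
    prefix=$1 user=${2:-squid} group=${3:-squid}
    umask 027    # nothing created below is accessible to "others"
    mkdir -p "$prefix/var/cache" "$prefix/var/logs" || exit 1
    : >> "$prefix/var/logs/access.log" || exit 1
    : >> "$prefix/var/logs/cache.log" || exit 1
    # Owner: full access. Group: read only. Others: nothing.
    chmod 750 "$prefix/var/cache" "$prefix/var/logs" || exit 1
    chmod 640 "$prefix/var/logs/access.log" "$prefix/var/logs/cache.log" || exit 1
    # Ownership can only be changed by root, and only to an existing account.
    if [ "$(id -u)" -eq 0 ] && id "$user" >/dev/null 2>&1; then
        chown -R "$user:$group" "$prefix/var/cache" "$prefix/var/logs" || exit 1
    fi
)

# world_writable DIR
# Prints every path under DIR that "others" may write to (symlinks skipped).
world_writable() {
    find "$1" ! -type l -perm -0002 -print
}

# Demonstration in a throwaway directory (constructed, not a real install).
demo=$(mktemp -d)
mkdir -m 777 "$demo/as-in-tutorial"   # what "mkdir --mode=777" produces
setup_squid_dirs "$demo/hardened"
world_writable "$demo"                # lists only .../as-in-tutorial
rm -rf "$demo"
```

On a real system the first argument would be /usr/local/squid, the prefix used in step 2.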

Editing squid.conf
"File /etc/squid.conf"
# File: squid.conf
# Created by: egi@nuxegi.net
#
#-------------------------
# Port used 8080 or 3128
#-------------------------
http_port 8080
icp_port 3130
#-------------------------
# Proxy options
#-------------------------
# cache_peer 202.xxx.xxx.xxx parent 8080 3130 no-query default
# cache_peer sv.us.ircache.net parent 3128 3130 login=egi@nuxegi.net.id:FafboluveuvEecgi
# cache_peer sj.us.ircache.net parent 3128 3130 login=egi@nuxegi.net.id:FafboluveuvEecgi
# icp_query_timeout 2000
# maximum_icp_query_timeout 2000
# mcast_icp_query_timeout 2000
# dead_peer_timeout 15 seconds
hierarchy_stoplist cgi-bin
hierarchy_stoplist ?
acl QUERY urlpath_regex cgi-bin \?
no_cache deny QUERY
# prefer_direct off
#-------------------------
# Options cache needs
#-------------------------
cache_mem 8 MB
cache_swap_low 90
cache_swap_high 95
minimum_object_size 0 KB
maximum_object_size 100 MB
maximum_object_size_in_memory 20 KB
ipcache_size 1024
ipcache_low 90
ipcache_high 95
fqdncache_size 1024
cache_replacement_policy heap GDSF
memory_replacement_policy heap GDSF
#-------------------------
# Log files and cache directory ... more than 1 (one) cache directory can be defined
#-------------------------
cache_dir diskd /usr/local/squid/var/cache 3000 16 256 Q1=72 Q2=64
store_dir_select_algorithm round-robin
cache_access_log /usr/local/squid/var/logs/access.log
cache_log /usr/local/squid/var/logs/cache.log
cache_store_log /usr/local/squid/var/logs/store.log
emulate_httpd_log off
log_ip_on_direct off
log_fqdn off
log_mime_hdrs off
log_icp_queries off
buffered_logs off
debug_options ALL,1
mime_table /squid/etc/mime.conf

#-------------------------
# Options For External Support Programs
#-------------------------
ftp_user admin@dapenbni.co.id
ftp_list_width 32
ftp_passive on
# dns_nameservers 202.155.0.10 202.155.0.15
unlinkd_program /usr/local/squid/libexec/unlinkd
redirect_rewrites_host_header on
#-------------------------
# Options For Peer Database
#-------------------------
digest_generation on
digest_bits_per_entry 10
digest_rebuild_period 30 minutes
digest_rewrite_period 30 minutes
digest_swapout_chunk_size 6000 bytes
client_persistent_connections on
server_persistent_connections on
pipeline_prefetch on
store_dir_select_algorithm round-robin
#-------------------------
# Optimize cache
#-------------------------
request_header_max_size 10 KB
request_body_max_size 3 MB
# reply_body_max_size 500 MB
refresh_pattern -i \.gif$ 10080 90% 43200
refresh_pattern -i \.jpg$ 10080 90% 43200
refresh_pattern -i \.bomb\.gov\.au 30 20% 120
refresh_pattern -i \.html$ 480 50% 22160
refresh_pattern -i \.htm$ 480 50% 22160
refresh_pattern -i \.class$ 10080 90% 43200
refresh_pattern -i \.zip$ 10080 90% 43200
refresh_pattern -i \.jpeg$ 10080 90% 43200
refresh_pattern -i \.mid$ 10080 90% 43200
refresh_pattern -i \.shtml$ 480 50% 22160
refresh_pattern -i \.exe$ 10080 90% 43200
refresh_pattern -i \.THM$ 10080 90% 43200
refresh_pattern -i \.wav$ 10080 90% 43200
refresh_pattern -i \.txt$ 10080 90% 43200
refresh_pattern -i \.CAB$ 10080 90% 43200
refresh_pattern -i \.au$ 10080 90% 43200
refresh_pattern -i \.mov$ 10080 90% 43200
refresh_pattern -i \.xbm$ 10080 90% 43200
refresh_pattern -i \.ram$ 10080 90% 43200
refresh_pattern -i \.avi$ 10080 90% 43200
refresh_pattern -i \.chtml$ 480 50% 22160
refresh_pattern -i \.THB$ 10080 90% 43200
refresh_pattern -i \.DCR$ 10080 90% 43200
refresh_pattern -i \.bmp$ 10080 90% 43200
refresh_pattern -i \.phtml$ 480 50% 22160
refresh_pattern -i \.mpg$ 10080 90% 43200
refresh_pattern -i \.pdf$ 10080 90% 43200
refresh_pattern -i \.art$ 10080 90% 43200
refresh_pattern -i \.swf$ 10080 90% 43200
refresh_pattern -i \.mp3$ 10080 90% 43200
refresh_pattern -i \.ra$ 10080 90% 43200
refresh_pattern -i \.LWW$ 10080 90% 43200
refresh_pattern -i \.viv$ 10080 90% 43200
refresh_pattern -i \.doc$ 10080 90% 43200
refresh_pattern -i \.gz$ 10080 90% 43200
refresh_pattern -i \.Z$ 10080 90% 43200
refresh_pattern -i \.tgz$ 10080 90% 43200
refresh_pattern -i \.tar$ 10080 90% 43200
refresh_pattern -i \.VRM$ 10080 90% 43200
refresh_pattern -i \.VRML$ 10080 90% 43200
refresh_pattern -i \.AIF$ 10080 90% 43200
refresh_pattern -i \.aifc$ 10080 90% 43200
refresh_pattern -i \.aiff$ 10080 90% 43200
refresh_pattern -i \.arj$ 10080 90% 43200
refresh_pattern -i \.c$ 10080 90% 43200
refresh_pattern -i \.dial$ 10080 90% 43200
refresh_pattern -i \.dir$ 10080 90% 43200
refresh_pattern -i \.dxr$ 10080 90% 43200
refresh_pattern -i \.hqx$ 10080 90% 43200
refresh_pattern -i \.JPE$ 10080 90% 43200
refresh_pattern -i \.lha$ 10080 90% 43200
refresh_pattern -i \.LZH$ 10080 90% 43200
refresh_pattern -i \.midi$ 10080 90% 43200
refresh_pattern -i \.movie$ 10080 90% 43200
refresh_pattern -i \.mp2$ 10080 90% 43200
refresh_pattern -i \.mpe$ 10080 90% 43200
refresh_pattern -i \.mpeg$ 10080 90% 43200
refresh_pattern -i \.mpga$ 10080 90% 43200
refresh_pattern -i \.pl$ 10080 90% 43200
refresh_pattern -i \.ppt$ 10080 90% 43200
refresh_pattern -i \.ps$ 10080 90% 43200
refresh_pattern -i \.qt$ 10080 90% 43200
refresh_pattern -i \.qtm$ 10080 90% 43200
refresh_pattern -i \.race$ 10080 90% 43200
refresh_pattern -i \.seafood$ 10080 90% 43200
refresh_pattern -i \.crunches$ 10080 90% 43200
refresh_pattern -i \.tif$ 10080 90% 43200
refresh_pattern -i \.tiff$ 10080 90% 43200
refresh_pattern -i \.snd$ 10080 90% 43200
refresh_pattern -i \.wrl$ 10080 90% 43200
refresh_pattern ^ftp:// 480 60% 22160
refresh_pattern ^gopher:// 30 20% 120
refresh_pattern . 480 50% 22160
# reference_age 1 month
quick_abort_min 16 KB
quick_abort_max 32 KB
quick_abort_pct 95
negative_ttl 5 minutes
positive_dns_ttl 6 hours
negative_dns_ttl 10 minutes
range_offset_limit 0 KB
connect_timeout 360 seconds
read_timeout 15 minutes
request_timeout 360 seconds
client_lifetime 100 day
half_closed_clients on
pconn_timeout 120 seconds
ident_timeout 10 seconds
shutdown_lifetime 30 seconds
announce_period 7 day
#-------------------------
# Timeouts
#-------------------------
connect_timeout 120 seconds
peer_connect_timeout 60 seconds
# siteselect_timeout 6 seconds
read_timeout 5 minutes
request_timeout 20 seconds
client_lifetime 1 day
half_closed_clients on
pconn_timeout 60 seconds
ident_timeout 5 seconds
shutdown_lifetime 30 seconds
#-------------------------
# Administrative information
#-------------------------
cache_mgr admin@dapenbni.co.id
cache_effective_user squid
cache_effective_group squid
visible_hostname gateway.dapenbni.co.id
unique_hostname gateway.dapenbni.co.id
#-------------------------
# Cache
#-------------------------
announce_host gateway.dapenbni.co.id
announce_port 8080
#-------------------------
# Needs Transparent Proxy
#-------------------------
httpd_accel_host virtual
httpd_accel_port 80
httpd_accel_with_proxy on
httpd_accel_uses_host_header on
httpd_accel_single_host off

#-------------------------
# Other
#-------------------------
logfile_rotate 5
memory_pools on
memory_pools_limit 200 MB
forwarded_for on
log_icp_queries on
icp_hit_stale on
minimum_direct_hops 5
minimum_direct_rtt 400
store_avg_object_size 13 KB
store_objects_per_bucket 50
client_db off
netdb_low 900
netdb_high 1000
netdb_ping_period 1 minutes
query_icmp on
test_reachability on
reload_into_ims on
# fake_user_agent SiNK1NGfuNK/1.0 (CP/M, 128-bit)
#-------------------------
# Access Management
#-------------------------
acl all src 0/0
acl internal src 192.168.0.0/24
acl allowedhost src 202.xxx.xxx.xxx
# acl block url_regex -i gohip
# acl blok1 url_regex -i bonzi
# acl blok2 url_regex -i Lolitas
# acl blok3 url_regex -i passthison
# acl blok4 url_regex -i dewisex
# acl blok5 url_regex -i lolitasworld
# acl blok6 url_regex -i netsetter
acl localservers src 202.xxx.xxx.xxx
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl SSL_ports port 443 563
acl Safe_ports port 80 21 443 563 808 70 210 1025-65535
acl Safe_ports port 280
acl Safe_ports port 488
acl Safe_ports port 591
acl Safe_ports port 777
acl CONNECT method CONNECT
always_direct allow localhost
always_direct allow internal
always_direct allow allowedhost
http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
# http_access deny block
# http_access deny blok1
# http_access deny blok2
# http_access deny blok3
# http_access deny blok4
# http_access deny blok5
# http_access deny blok6
http_access allow localhost
http_access allow internal
http_access allow allowedhost
http_access allow localservers
http_access deny all
icp_access allow all
miss_access allow all
# snmp_access allow localhost
# snmp_access deny all
# snmp_port 3401
# acl snmppublic snmp_community public
# snmp_access allow snmppublic allowed_hosts
# snmp_access deny all
never_direct allow all
#-------------------------
# Delay pool parameters
#-------------------------
acl magic_words1 url_regex -i 202 154
acl magic_words2 url_regex -i ftp .exe .mp3 .vqf .tarballs .gz .rpm .zip .rar .avi .mpeg .mpe .mpg .qt .ram .rm .iso .raw .wav
delay_pools 2
delay_class 1 2
# -1/-1 means that there are no limits
delay_parameters 1 -1/-1 -1/-1
delay_access 1 allow magic_words1
delay_class 2 2
delay_parameters 2 4000/150000 4000/120000
delay_access 2 allow magic_words2

Run Squid
[root@gateway squid-2.6.STABLE4]# /usr/local/squid/sbin/squid -z
[root@gateway squid-2.6.STABLE4]# /usr/local/squid/sbin/squid -sYD

Check Squid
[root@gateway squid-2.6.STABLE4]# netstat -plnat | grep squid
tcp 0 0 0.0.0.0:8080 0.0.0.0:* LISTEN 14066/(squid)
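
Squid evaluates http_access rules from top to bottom and stops at the first match, so the order of the Access Management lines matters as much as their content, and the netstat output shows the proxy listening on every interface. The script below is an added example, not part of the original tutorial: it checks a squid.conf for a closing "http_access deny all" and for the other access settings that appear in the configuration above. The function name and the sample file are constructed for the example.

```shell
#!/bin/sh
# Added example (not from the original tutorial): review the access-control
# lines of a squid.conf before starting the proxy.

# lint_squid_conf FILE
# Prints one finding per line; empty output means nothing was flagged.
lint_squid_conf() {
    awk '
    # Checked before comments are skipped: a password left in a
    # commented-out cache_peer line still leaks when the file is shared.
    /login=[^ \t:]+:[^ \t]+/ {
        print "line " NR ": cache_peer login= embeds a password"
    }
    /^[ \t]*(#|$)/ { next }                  # skip comments and blank lines
    $1 == "http_access" {
        last_http = $2 " " $3                # remember the final rule
        if (NF == 3 && $2 == "allow" && $3 == "all")
            print "line " NR ": http_access allow all lets any client use the proxy"
    }
    $1 == "icp_access" && $2 == "allow" && $3 == "all" {
        print "line " NR ": icp_access allow all lets any host query the cache over ICP"
    }
    $1 == "forwarded_for" && $2 == "on" {
        print "line " NR ": forwarded_for on sends the client address upstream in X-Forwarded-For"
    }
    END {
        # First match wins, so the list should end by denying everything else.
        if (last_http != "deny all")
            print "end: last http_access rule is \"" last_http "\", expected \"deny all\""
    }
    ' "$1"
}

# Constructed sample input (not the tutorial file).
sample=$(mktemp)
cat > "$sample" <<'EOF'
# cache_peer peer.example.net parent 3128 3130 login=user@example.net:CHANGEME
acl all src 0/0
acl internal src 192.168.0.0/24
http_access allow internal
http_access allow all
icp_access allow all
forwarded_for on
EOF
lint_squid_conf "$sample"
rm -f "$sample"
```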

Sunday, April 10, 2011

The gets(), getchar(), getch(), and getche() Functions in C++ Programming

Hello bro, this time I will share about gets(), getchar(), getch(), and getche() in C++ programming.

1. gets()
The gets() function is used to input character data and cannot be used to enter numeric data. Here is a sample program.
2. getchar()
The getchar() function is used to read character data.


3. getch() and getche()
These are functions where, as soon as a character is typed, it is accepted as if Enter had been pressed automatically, and the program moves to the next line.
With getch(), the characters entered are not displayed on the screen, so it is frequently used to request password input.
With getche(), the characters entered are displayed on the screen.

The matrix is a set of quantities

A matrix is a set of quantities (variables and constants) that can be referenced through indices, which state their position in the commonly used representation, namely a rectangular table. A matrix is a way of visualizing a variable that is a collection of numbers or other variables, such as vectors. With a matrix representation, calculations can be done in a more structured way. It is used, for example, in describing linear equations, coordinate transformations, and others. Like ordinary variables, matrices can be manipulated: multiplied, added, subtracted, and decomposed.



Matrix addition and subtraction

Matrix addition and subtraction can be performed by operating the matrix components at the same location, or denoted by

or in a decorative representation




Saturday, April 9, 2011

JDBC is the Application Programming Interface (API)

JDBC is an Application Programming Interface (API) designed for universal access to SQL-based databases. JDBC consists of the JDBC 1.0 API, which provides basic functionality for data access, and the JDBC 2.0 API, which adds more sophisticated capabilities to the basic functions. JDBC is a trademark name, not an acronym, but it is often mistaken to stand for Java Database Connectivity.

The JDBC API consists of a number of classes and interfaces written in Java that provide a standard API as a tool for programmers and make it possible to write database applications entirely with Java APIs. The JDBC API makes it easy to send SQL statements to relational database systems and supports a variety of SQL dialects.

The advantage of the JDBC API is that an application can access any data source and can run on any platform that has a Java Virtual Machine (JVM). So we do not have to write one program for accessing a Sybase database, another for Oracle, another for Access, and so on. We simply write one program that uses the JDBC API, and the program can send SQL statements or other statements to a particular data source. With applications written in the Java language, one does not have to worry about writing different applications to run on different platforms.

What does JDBC do?
JDBC technology is able to do three things:
1. Establish a connection to a data source.
2. Send statements to the data source.
3. Process the results of the statements.

2-tier and 3-tier models for database access
The JDBC API supports both the 2-tier and the 3-tier model. In the 2-tier model, an applet or Java application talks directly to the database. This requires a JDBC driver that can communicate with the data source. A command or statement from the user is sent to the database, and the results of the statement are sent back to the user. The database can be located on the same machine as the client or on a different machine connected through a network. If the database is on a different machine from the client, the arrangement is called client/server: the user's machine is the client, and the machine where the database resides is the server. The network can be a LAN or the Internet.

In the 3-tier model, the user sends commands to a middle tier. The middle tier then sends the commands to the database. The database processes the commands and sends the results back to the middle tier, which then sends them to the user. The advantage of the 3-tier model is that applications are easier to deploy and performance improves.

JDBC Driver Types
The JDBC API consists of two main interfaces: the first is the JDBC API for application writers, and the second is the lower-level JDBC driver API for driver writers. JDBC driver technology can be divided into four categories:
1. JDBC-ODBC Bridge plus ODBC Driver. This combination provides JDBC access via ODBC drivers, bridging Java applications and Microsoft ODBC. This driver type is best suited for a corporate network where client installations are not a big problem, or for server applications written in the Java language in a 3-tier architecture.
2. Native-API partly Java technology-enabled driver. This type of driver converts JDBC calls into calls on the client API for Oracle, Sybase, Informix, DB2, and other DBMSs. This type requires operating-system-specific binary code to be loaded on each client.
3. Pure Java Driver for Database Middleware (JDBC-Net). This driver model translates JDBC calls into the middleware vendor's protocol, which is then translated to a DBMS protocol by a middleware server. The middleware provides connectivity to a variety of different types of databases.
4. Native-protocol Pure Java Driver. This driver model converts JDBC calls directly into the network protocol used by the DBMS, allowing a direct call from a client machine to the DBMS server and providing a practical solution for Internet access.

Data Sources

import java.sql.Connection;
import javax.naming.Context;
import javax.naming.InitialContext;
import javax.sql.DataSource;

// Register a data source
DataSourceClass dso = new DataSourceClass(); // implements DataSource
dso.setServerName("SOME_SERVER");
dso.setDatabaseName("SOME_DATABASE");
Context ic = new InitialContext();
// Register dso as a named DataSource
ic.bind("jdbc/SOME_DATABASE", dso);
...
// Look up the DataSource
Context ctx = new InitialContext();
DataSource ds = (DataSource) ctx.lookup("jdbc/SOME_DATABASE");
// Make a connection
Connection con = ds.getConnection("username", "password");



Sunday, April 3, 2011

The OSI standard has 7 layers

A standard often used for data communications is OSI (Open Systems Interconnection).

With this standard, computers with different operating systems are able to communicate and exchange data smoothly and globally.
Another advantage, from the vendor's side, is that this standard assures vendors that their products will sell in the market.

The OSI standard has 7 layers, and each of the seven layers has its own function and responsibility.
1. The bottom layer is the physical layer, which is used for
physical connection (cabling using RJ45)
2. Data link layer (this layer works on the modem side, where
its function is to perform modulation and demodulation)
3. Network layer
4. Transport layer (serves for reliable data transfer;
responsible for the integrity of data in transmission
during data exchange between transmitter
and receiver)
5. Session layer (serves to control the communication between
applications: build, maintain and terminate sessions between
applications)
6. Presentation layer (serves to overcome differences in
data format, compression, and encryption of data)
7. Application layer (serves as the user interface to the OSI environment;
examples of the application layer are e-mail, FTP and HTTP).

An example of data communication is the Internet.
With an Internet connection, worldwide data exchange becomes easier.
Although the operating systems differ (Windows, Linux, MacOS, OS/2, BSD), all of them can carry out data communications,
because all of these operating systems and devices follow the ISO standard, namely OSI.

Types of Data Communications Applications

Data communication is the process of sending and receiving data/information between two or more devices, such as computers, laptops, printers, or other communication devices, that are connected in a network, either local or wide, such as the Internet.

Two types of data communication:
1. Through terrestrial infrastructure
2. Through satellite

Applications:
a. Checking your credit card online.
b. The transfer of funds from one bank to another electronically.
c. Automatic payment machines (automatic teller machines = ATM).
d. Electronic sales systems (purchases of goods that are handled automatically through the bank account).
e. E-mail
f. Video text systems such as Prestel
g. Fax systems
h. Transaction processing

Types of Data Communications Applications

Data Collection: data can be collected from several places (remote stations), stored in memory, and processed at certain times. Example: payroll and inventory applications.

Inquiry and Response: the user can directly access a file or program. The data sent to the computer system can be processed immediately, and the results can be given immediately. When users conduct a dialogue with the computer system, it is called interactive. Examples: banking applications, payments in shops.

Storage and Retrieval: data previously stored in a computer can be retrieved at any time by the parties concerned, without being limited by distance. Example: online data storage or e-mail.

Time Sharing: users can work on programs together. Each user is given the opportunity to work for a fixed period of time, after which other users are given their turn. Example: shared use of a computer system for software development.

Remote Job Entry: a remote job terminal transmits programs or data (text) to a central computer, where they are stored and the data is processed. The programs are run in batches, each processed when its turn comes. Example: a web application.

Real Time Data Processing and Process Control: the results of the process are wanted in time for the purpose they serve (real time). Example: Google Maps.

Data Exchange Among Computers: the exchange of data in the form of programs, files and so forth between computer systems.

Wednesday, March 30, 2011

Building a Router at Home With Ubuntu

Many homes now have their own Internet access. Some even use a broadband connection with fairly high speed. The question is, can that Internet connection be shared among multiple PCs or notebooks at home? The answer is yes, with a router!

The router we are going to build, although home-class, is guaranteed to have enterprise-class stability and security because it is backed by the Linux operating system. Hey, don't be allergic to Linux just yet. We deliberately chose Ubuntu Desktop, the easiest Linux distribution and one widely used as a working terminal. We assure you, you will not have to face the Linux command line that ordinary users fear so much.

Here we will use the Desktop version of Ubuntu Linux 8.10 (Intrepid Ibex), but users of earlier Ubuntu versions can still follow the same steps. Oh yes, the router we are going to build uses the Firestarter application (www.fs-security.com), which is licensed 100% free. This application is actually a firewall with router features, so your router will also have firewall facilities. Fun, right?

Let's get started. As a first step, prepare a PC that already has Ubuntu installed and has an active Internet connection, so that you can browse from it. Do not forget to also provide an additional network card to connect Ubuntu to the local network.

Installation of Main Components

1. There are two main components that must be installed before the PC can work as a router: Firestarter and DHCP (Dynamic Host Configuration Protocol). The DHCP component only needs to be installed if you want IP addresses allocated to clients automatically. If you want to configure the addresses manually, DHCP does not need to be installed. To install Firestarter and DHCP, click the menu System > Administration > Synaptic Package Manager (SPM). Then enter your Ubuntu root password (if requested).

2. From the SPM window, use "Quick Search" to search for the Firestarter package. Once you have found it, click the small box next to the Firestarter package and select "Mark for Installation".

3. Next, in the same way, search for the DHCP package. If SPM presents many choices, make sure you select the package "dhcp3-server". Click the small box again and select "Mark for Installation". Then click the "Apply" button with the green check mark icon at the top. Linux will take care of the rest.

Router Configuration

4. If the installation went smoothly, the next step is to configure Firestarter so that all connections from the clients can be forwarded to the Internet. Run Firestarter from the menu Applications > Internet > Firestarter and enter your Ubuntu root password when prompted.

5. From the Firestarter main window, click the Preferences menu at the top (make sure the "Status" tab is active), then select Network Settings. Notice the two drop-down boxes there. The drop-down box at the top is the interface connected to the Internet. If you are using an Ethernet network card, the interface shown is most likely "eth0". The second drop-down box shows the interface to the local network.

6. Once you have determined which interface is the Internet and which is the local network, simply enable (check) the options "Enable Internet connection sharing" and "Enable DHCP for the local network" (automatic client IP allocation). You can also set the range of IP addresses allocated by DHCP yourself by clicking the black arrow next to the option "DHCP server details". The other options in this window can be left as they are, because we do not really need them.

7. After everything is set, click "Accept". By clicking "Start Firewall", your PC becomes a router that shares an Internet connection. Easy, right?

TIPS: Bonus Firewall

A router feels incomplete if it is not equipped with additional security to ward off the attacks that are likely to come from the Internet. Fortunately, Firestarter is designed to secure a PC connected to the Internet, including clients that are connected via Internet Connection Sharing.

Actually, by default, Firestarter works as a firewall from the moment it is first activated. But in our opinion the default settings still have many holes which, if not closed, could well be penetrated by a cracker.

If security is your priority while you enjoy surfing, it never hurts to follow the simple steps below.

A. Facing Attacks from Outside

1. Reopen the Preferences window in Firestarter. This time select "ICMP Filtering" and enable (check) the option "Enable ICMP Filtering". Leave the other options under it alone if there are no other ICMP features that the PC should be allowed to accept. Next, click the Accept button.

2. Go back to the Firestarter main window, then select the "Policy" tab. In the Editing option, make sure "Inbound traffic policy" is chosen, which means we will make rules about "who can access the PC or a port from the Internet". If no port should be accessible from the Internet, make sure the lists "Allow connections from host", "Allow service", and "Forward service" are empty. Conversely, if you want to allow an Internet host to connect to this router, right-click an empty area in the list "Allow connections from host" and choose "Add rule". Then enter the IP address of the host that is allowed to access the router. When you are done, do not forget to click "Add" and "Apply". The same can be done to allow connections to a port/service from the Internet, except that you work in the "Allow service" list.

3. When you are done, try testing your PC with the help of the security audit site of Gibson Research (www.grc.com). Compare the results before and after the configuration is done (see whether or not you get the "Passed" rating on the TruStealth Analysis).

B. Restricting Client Access URL

After successfully restricting access from the outside, we will now restrict the clients that access the Internet. This is especially useful if you want to save bandwidth or prevent underage users from accessing inappropriate sites. Here is how to do it.

1. From the Firestarter main window, click the "Policy" tab and change the Editing drop-down to "Outbound traffic policy". This option is used to restrict local clients' access to the Internet, the opposite of the "Inbound traffic policy" that we discussed above.

2. Two radio buttons will appear, labelled "Permissive by default, blacklist traffic" and "Restrictive by default, whitelist traffic". Permissive by default is used if you want to allow all data traffic from the clients to the Internet and use the policy lists to block specific addresses, hosts or services/ports. Conversely, Restrictive by default is used to block all data traffic from the clients to the Internet and use the policy lists to allow access to specific addresses, hosts or services/ports. If you want to block a specific address, select Permissive by default.

3. To make Firestarter block certain sites, right-click an empty area in the list "Deny connection to host", then choose "Add rule". Enter the IP address or domain name (without "http://") in the field "IP, host or network", then click Add. When you are done, do not forget to click Apply at the top of the Firestarter window. Then try to visit the address that has just been blocked using the browser.