From owner-freebsd-questions@FreeBSD.ORG Mon Mar 3 18:47:31 2014 Return-Path: Delivered-To: freebsd-questions@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 6BD391C6 for ; Mon, 3 Mar 2014 18:47:31 +0000 (UTC) Received: from pegasos-out.vodafone.de (pegasos-out.vodafone.de [80.84.1.38]) by mx1.freebsd.org (Postfix) with ESMTP id 7E52EC7F for ; Mon, 3 Mar 2014 18:47:30 +0000 (UTC) Received: from localhost (localhost.localdomain [127.0.0.1]) by pegasos-out.vodafone.de (Rohrpostix2 Daemon) with ESMTP id CFD74541F6B; Mon, 3 Mar 2014 19:37:35 +0100 (CET) X-Virus-Scanned: amavisd-new at vodafone.de X-Spam-Flag: NO X-Spam-Score: 1.7 X-Spam-Level: * X-Spam-Status: No, score=1.7 tagged_above=-999 required=4 tests=[ALL_TRUSTED=-1, BAYES_99=1.3, BAYES_999=1.5, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1] autolearn=disabled Authentication-Results: rohrpostix2.prod.vfnet.de (amavisd-new); dkim=pass header.i=@vodafone.de Received: from pegasos-out.vodafone.de ([127.0.0.1]) by localhost (rohrpostix2.prod.vfnet.de [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id s1FZuclbJGFo; Mon, 3 Mar 2014 19:37:30 +0100 (CET) Received: from smtp-02.vodafone.de (xsmail-dmz4.prod.vfnet.de [10.215.254.35]) by pegasos-out.vodafone.de (Rohrpostix2 Daemon) with ESMTP id 4FAA7541F54; Mon, 3 Mar 2014 19:37:27 +0100 (CET) X-DKIM: OpenDKIM Filter v2.6.8 pegasos-out.vodafone.de 4FAA7541F54 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=vodafone.de; s=mail; t=1393871850; bh=RdhKOgGMjHhGTwTlHXQBF2vIzP3Pk8Uyg4efzg4JedE=; h=Date:From:To:Subject; b=D4k/cECp1M3HK/7lweS5MzSjFwnlGVFCQgJlAGQCi2UaxDOMfXEyFUmrEsiI6kG4X dpZlnhV4EJmrrxLs6EZNyAYnfEJUA5gM8I/F3o1zQ0UwSnS56mpidIGk8cgXJpcanI J3L0MAGSNybeqEo5c4mx8K6D9a+lsSSGkUa3o56g= Received: from localhost (localhost.localdomain [127.0.0.1]) by smtp-02.vodafone.de (Postfix) with ESMTP id B5F5BE4AFE; Mon, 3 Mar 2014 19:37:26 +0100 (CET) X-DKIM: OpenDKIM Filter v2.0.2 smtp-02.vodafone.de B5F5BE4AFE X-Virus-Scanned: amavisd-new at vodafone.de Received: from smtp-02.vodafone.de ([127.0.0.1]) by localhost (xsmail-dmz4.prod.vfnet.de [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id nZ65vRBKIHaV; Mon, 3 Mar 2014 19:37:21 +0100 (CET) Received: from [192.168.0.55] (95-91-241-69-dynip.superkabel.de [95.91.241.69]) by smtp-02.vodafone.de (Postfix) with ESMTPSA id C7075E4B3D; Mon, 3 Mar 2014 19:37:19 +0100 (CET) Message-ID: <5314CBD0.3080507@vodafone.de> Date: Mon, 03 Mar 2014 19:37:04 +0100 From: =?ISO-8859-1?Q?Andreas_Gl=E4ser?= User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:17.0) Gecko/20131103 Icedove/17.0.10 MIME-Version: 1.0 To: freebsd-questions@FreeBSD.org Subject: BSD-based Privoxy-Squid Surfwall on USB-key X-Enigmail-Version: 1.5.1 OpenPGP: id=EA445555; url=keys.gnupg.net Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="----enig2LDQUONLXVMWQDMKOAQJE" X-Content-Filtered-By: Mailman/MimeDel 2.1.17 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 03 Mar 2014 18:47:31 -0000 This is an OpenPGP/MIME signed message (RFC 4880 and 3156) ------enig2LDQUONLXVMWQDMKOAQJE Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable My original intention was to replace my print-server, which was a bit slow, when processing graphics, with a better one and switch to FreeBSD. I chose a HP-t5540 thin-client, because it features gigabit-ethernet and an SATA-controller [see picture], a parallel-port and it is quite energy-saving. The installation was the hardest part, it cost two days of trial and error, especially the disk-partitioning could be better documented, then setting up CUPS, Privoxy chained with Squid was pretty much of a bread-and-butter job. I made an XZ-compressed image of my SD-card and uploaded it to the Ubuntu-cloud: http://ubuntuone.com/6FflUlks0EBv7eQuBXPpcO It is not meant to be a ready-made distribution, but it will drastically ease system-installation, because all you have to do is uncompress the image and dd it onto a 16GB SD-card or USB-Flashdrive, use in virtual machines is also possible, I guess. BSD has the same problem there as Linux, that the network-card is not working initially, when booting the image on different hardware. I tried it on my older Pentium-M-based notebook and had to change 'vge0' to 'bge0' there in '/etc/rc.conf', followed by '# /etc/rc.d/netif restart && /etc/rc.d/routing restart' You will have to choose a static IP-address, that fits into your local network and set the network/netmask accordingly in '/usr/local/etc/squid/squid.conf' in line 10. In your webbrowser you have to set the respective IP of the machine as network-proxy with port 3128. That is all. It is a good proof of concept in my opinion, I chose FreeBSD, because I have Debian-workstations and I feel, not each and every machine needs to run Debian/Linux and diversity is favourable. I also tried this on FSC-Futro-S400, but 'powerd' seems to have a problem there, also with the current FBSD-version. I recommend to use Privoxy together with the AdBlock-plus browser-plugin.= Cheers, all ! root-password is: toor =3D=3D=3D=3D=3D=3D Compressed file size: 1231442556 MD5sum: 377b129641e7408d63538c7815db5078 p-sw.img.xz Uncompressed size: 15819866112 --------------------------------------------------------------------- Links: http://www.privoxy.org/user-manual/config.html [Section 7.5.3] https://www.antagonism.org/web/squid-proxy.shtml http://taggedzi.com/articles/display/working-with-squid-and-privoxy http://wiki.squid-cache.org/SquidFaq http://wiki.squid-cache.org/SquidFaq/ConfiguringSquid http://wiki.squid-cache.org/SquidFaq/SecurityPitfalls BSD-Networking: http://www.cyberciti.biz/tips/freebsd-how-to-change-ip-address-or-setup-n= ew-ip-address-to-existing-interface.html http://www.cyberciti.biz/tips/freebsd-how-to-start-restart-stop-network-s= ervice.html http://www.onlamp.com/pub/a/bsd/2004/05/13/FreeBSD_Basics.html?page=3D2 --=20 Andreas Glaeser Baumschulenstr. 105 D-12437 Berlin Telefon: 030 - 41 72 62 54 mobil: 0151 - 24 20 53 00 ------enig2LDQUONLXVMWQDMKOAQJE Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAEBCAAGBQJTFMvbAAoJEMCPUzDqRFVV4vgH/ig+owiotczcRToXDMSVd5Az P0tHYTw6Anv619hr+QAKYXh33XYXXUshvrmRva5/DG2n6tVNjyHXCz22Nqhc8lMT J2SgjKWDqqu12zPCJGSHFtGXeWZKrF8OY1TLoLySl+fA+nraXf9rcClR/NWyv45k cmIrMR8Wb2BcWF7IwHdZNDGqOAQg9OS5DKMTpb61RwAaB7c139lcRTJEGq/hTaGh lCE538AJbJpM2fvlT+3MxwocmIL4os7Ml8RzhNrKy3OqKnAbWp14dwaaN/KdTbtL fAMyV1zl9VDjh7HEiQ4Iyqqz3H7EVno7L9YDl5jYyILK2ySWKihO7pUuJWIPfrw= =rSCF -----END PGP SIGNATURE----- ------enig2LDQUONLXVMWQDMKOAQJE--