Saturday, March 31, 2007

Class of 2003

me & my Batch 2003 doing
visiting to KLCC twin tower

Saturday, March 24, 2007

finally, i solve my problem to create graph using PHP. almost 2 and half years looking for it. The concept is simple. What you need is you have to download PHPlot class for the here.Just follow the instruction given. happy ending story. bye

Thursday, March 08, 2007

Squid Tutorial

We all know that using proxy is a method to connect to Internet for the LAN user. But do you know how to make a proxy server in your PC? There are many proxy server softwares in Windows such as WinGate and SyGate. However I will introduce you a Linux software today, it names Squid. You can find it in most versions Linux OS.
I will give you a little basic knowledge first. A proxy server software is based on the TCP/IP protocol. It monitors a special port such as 3128. A computer who runs a proxy server software is called a proxy server. If other computer want to connect to Internet through the proxy server, it should know the proxy server's IP address and proxy port such as 3128, which is used to config the communication software such as IE and ICQ.
The main function of proxy server is:
The proxy server can cache the website content that the clients visited, which can speed up the second visit.
The proxy server can give you access to the forbidden site. For example, the LAN administrator forbid your access to, but you can also visit it through a proxy.
The proxy server can control the accesses of its clients. I will tell you more about it below.
Maybe you know another Linux software IPchains, which can also used as a access control tool. But the problem is that IPchains doesn't support DNS parsing. You have to list all the IP address of the websites you want to control. However it's different for Squid, you can simply forbid the access to the domain whose suffix is .tw or .cn by Squid while the DNS parsing is the work of ISP.
Now I will give you a example. We use a PC which has two network cards as our proxy server. The first network (eth0) connects to local area network (LAN) and the second one (eth1) connects to Internet. We use the RedHat Linux 8.0 and Squid (which comes with the OS).
Just like other Linux software, Squid works according to its config files. Its default config file is /etc /squid /squid.conf. It is more than ten pages and contains the config specification. However there are only a small part of them we will use, I list the most important options below. Most of them are open-and-shut.
  http_port 3128
  #the port that the proxy server monitors
  cache_dir /var/cache/squid 100 16 32
  #cache dir size(MB), the number of first level subdir, the number of second level subdir
  cache_access_log /var/log/squid/access.log
  cache_log /var/log/squid/cache.log
  acl all src
  acl head src
  acl normal src
  acl denysite dstdomain tw cn
  acl denyip dst
  acl dnsport port 53
  http_access allow head
  http_access deny denysite
  http_access deny denyip
  http_access allow normal
  http_access deny dnsport
We can know from the config file that:
Squid will monitor the port 3128
The cache dir is /var/cache/squid and its size is 100MB
The users and can access all the websites
The users can't visit the website whose domain suffix is .tw or .cn
The users can not visit the website whose IP is
Other users can not connect to server whose port is 53
It's obvious that the config file use keyword "acl" to define user groups & destination groups and use "http_access" to control the access of the groups. There different keywords after "acl" such as "src","dst","proto","port" and "dstdomain". You can also use "acl