Difference between revisions of "Network settings"
en>Santosh.thorat |
m (1 revision imported) |
(No difference)
|
Revision as of 00:31, 25 July 2021
Overview
Configure the basic Network Infrastructure.
Configure the Sockets on which SafeSquid will Listen, and accept connections from clients.
Manage SafeSquid's outgoing connections through existing IP's of your host system.
Listen
Setup SafeSquid’s Listen Interfaces to accept connections from clients.
When SafeSquid starts-up, all the enabled entries will be evaluated, and create appropriate Listening Sockets.
You may specify these Interfaces when creating policies in Access Restrictions Section.
Evaluation logically skips disabled Entries.
Service restart is required to effect any changes made here.
Enabled
Enable or Disable this entry
- TRUE : Enable this entry.
- FALSE : Disable this entry
Comment
For documentation, and future references, explain the relevance of this entry with your policies.
That is, by reading the policies, a future user can understand the purpose of that entry.
Port
Specify the Listen port. By default, SafeSquid listens on port 8080.
Port value can be a positive integer between 1 and 65535. Default value is 8080
IP
Specify the IP address to complete the socket definition.
You may choose a specific IPv4 or IPv6 address.
Empty or Blank: All the IPv4 and IPv6 addresses of the host.
- set to 0.0.0.0 : Listen to all IPv4 IPs only
- set to :: : Listen to all IPv6 IPs only
Bindings
Choose additional bindings (roles) for this Socket.
You may select multiple options if you need.
- SSL_TRANSPARENT : Accept SSL requests in a transparent proxy mode.
- CAPTIVE_PORTAL : Setup a captive portal for user authentication, when SafeSquid is used as a Transparent Proxy.
- SSL_AUTHENTICATION : User authentication via SSL client certificates.(Not Yet Implemented)
- SSL_BRIDGE : If SafeSquid has been setup as Reverse Proxy, and must provide SSL for non-SSL HTTP servers.(Not Yet Implemented)
Interface
Specify Interfaces for outgoing connections.
SafeSquid can take advantage of multiple ISPs or outbound connection routes, on multi-homed host systems.
Create multiple entries as required.
SafeSquid evaluates all enabled entries starting from top, and selects the first one that matches the connection.
Evaluation skips the disabled Entries.
Enabled
Enable or Disable this entry
- TRUE : Enable this entry.
- FALSE : Disable this entry.
Comment
For documentation, and future references, explain the relevance of this entry with your policies.
That is, by reading the policies, a future user can understand the purpose of that entry.
Profiles
Specify the Profiles applicable for this entry.
This entry will be applicable only if the connection has any one of the specified profiles.
Leave it Blank, to apply for all connections irrespective of any applied profile.
To avoid application to a connection that has a profile, use negated profile (!profile).
IP
Specify an IP address assigned to the host system.
SafeSquid will bind the outgoing connection to this IP address thus effectively applying the desired routing for the connection.
Note : The configuration must be saved and the proxy server has to be restarted before any changes take effect.
See Also
Secure WIFI Access Through Active Directory Infrastructure And SafeSquid Captive Portal