Quickly watching configuration files in linux

Suppose you want to configuring something in Linux. For that you have to open configuration files in Linux via vi command editor. What if you want to know whatever changes you have made active. For that I just found a simple command on Cyberciti.biz website. Thought this may be useful for you guys.

#cat config_file_name.conf | sed '/ *#/d; /^ *$/d'

(grep will remove all comments and sed will remove all empty lines)

Configuring Samba on CentOS

Samba is an Open Source / Free Software suite that has, since 1992, provided file and print services to all manner of SMB/CIFS clients, including the numerous versions of Microsoft Windows operating systems. Samba is freely available under the GNU General Public License.

The Samba project is a member of the Software Freedom Conservancy.

Operatring System

CentOS 5.2

Samba

samba-3.0

Installing samba via yum

#yum -y install samba samba-common samba-client

Configuring samba

#mv /etc/samba/smb.conf /etc/samba/smb.conf.orig

Showing you  the basic configuration of samba. In this example we are going to share softwares directory. Only samba user can able to save files in this directory.

#vi /etc/samba/smb.conf

[global]
workgroup = WORKGROUP
server string = Samba Server Version %v
security = share
load printers = yes
cups options = raw
[share]
writeable = yes
admin users = it
path = /softwares
force user = root
valid users = it
public = yes
available = yes

Save and exit the configuration file. Now we have to create samba user as well as the softwares directory which we want to share.

#mkdir /softwares

#adduser it
#passwd it
#smbpasswd -a it
#/etc/init.d/smb restart

Thats it now you are ready to browse the samba share. To access the samba share on windows pc follow the below given procedure:

Start -> run -> cmd

At the prompt type: net use z: \\ip_of_your_samba_server\share /user:it it_password

At this point you have successfully set up Samba under Linux and are now successfully connected to your share from your Windows machine.

Unblocking attachments in Microsoft Outlook

To provide enhanced security, Microsoft Office Outlook is designed to prevent you from unblocking attachments. But some time it becomes headache for you. Some times you don't require this feature. There are two levels of securities in Microsoft Office Outlook Level1 and Level2. Access to Level 1 files is blocked and can't be changed. When you receive an attachment with a Level 2 file type, you will be prompted to save the file to your hard disk. If you use Microsoft Exchange Server, your system administrator can add and remove file types for both levels of e-mail security.

Level 1

File extension	File type
ade	Access Project Extension (Microsoft)
adp	Access Project (Microsoft)
app	Executable Application
asp	Active Server Page
bas	BASIC Source Code
bat	Batch Processing
cer	Internet Security Certificate File
chm	Compiled HTML Help
cmd	DOS CP/M Command File Command File for Windows NT
com	Command
cpl	Windows Control Panel Extension (Microsoft)
crt	Certificate File
csh	csh Script
exe	Executable File
fxp	FoxPro Compiled Source (Microsoft)
gadget	Windows Vista gadget
hlp	Windows Help File
hta	Hypertext Application
inf	Information or Setup File
ins	IIS Internet Communications Settings (Microsoft)
isp	IIS Internet Service Provider Settings (Microsoft)
its	Internet Document Set Internet Translation
js	JavaScript Source Code
jse	JScript Encoded Script File
ksh	UNIX Shell Script
lnk	Windows Shortcut File
mad	Access Module Shortcut (Microsoft)
maf	Access (Microsoft)
mag	Access Diagram Shortcut (Microsoft)
mam	Access Macro Shortcut (Microsoft)
maq	Access Query Shortcut (Microsoft)
mar	Access Report Shortcut (Microsoft)
mas	Access Stored Procedures (Microsoft)
mat	Access Table Shortcut (Microsoft)
mav	Access View Shortcut (Microsoft)
maw	Access Data Access Page (Microsoft)
mda	Access Add-in (Microsoft) MDA Access 2 Workgroup (Microsoft)
mdb	Access Application (Microsoft) MDB Access Database (Microsoft)
mde	Access MDE Database File (Microsoft)
mdt	Access Add-in Data (Microsoft)
mdw	Access Workgroup Information (Microsoft)
mdz	Access Wizard Template (Microsoft)
msc	Microsoft Management Console Snap-in Control File (Microsoft)
msi	Windows Installer File (Microsoft)
msp	Windows Installer Patch
mst	Windows SDK Setup Transform Script
ops	Office Profile Settings File
pcd	Visual Test (Microsoft)
pif	Windows Program Information File (Microsoft)
prf	Windows System File
prg	Program File
pst	MS Exchange Address Book File Outlook Personal Folder File (Microsoft)
reg	Registration Information/Key for W95/98  Registry Data File
scf	Windows Explorer Command
scr	Windows Screen Saver
sct	Windows Script Component Foxpro Screen (Microsoft)
shb	Windows Shortcut into a Document
shs	Shell Scrap Object File
tmp	Temporary File/Folder
url	Internet Location
vb	VBScript File or Any VisualBasic Source
vbe	VBScript Encoded Script File
vbs	VBScript Script File Visual Basic for Applications Script
vsmacros	Visual Studio .NET Binary-based Macro Project (Microsoft)
vss	Visio Stencil (Microsoft)
vst	Visio Template (Microsoft)
vsw	Visio Workspace File (Microsoft)
ws	Windows Script File
wsc	Windows Script Component
wsf	Windows Script File
wsh	Windows Script Host Settings File

Level 2

There are no Level 2 files by default. If you use Microsoft Exchange Server, your system administrator may add and remove Level 2 file types, or allow you to reduce a Level 1 file to Level 2.

But what if you are not having Microsoft Exchange Server. Following is the resgistry trick which disable the Level1 security feature.

Start>run>regedit

HKEY_CURRENT_USER\Software\Microsoft\Office\12.0\Outlook\Security
(Go to HKEY_CURRENT_USER\Software\Microsoft\Office\11.0\Outlook\Security for Outlook 2003 and HKEY_CURRENT_USER\Software\Microsoft\Office\10.0\Outlook\Security for Outlook 2002. )
 

Add a new string value called "Level1Remove".
 

Make its value a list of allowed file extensions separated by semicolons.
 

For example, ".shs;.exe" allows access to Shell Scrap Object File and executables.

NVU web authoring system for creating web pages

Hi

Trying to build a basic website for my personal use. For a while I used windows notepad for creating webpages.  But u must have a very good html knowledge for that. While searching an open source solution for it I come to know NVUweb authering system. 

Nvu (pronounced "N-view," for a "new view") is a free, open source software program that allows you to build websites and web pages using a simple WYSIWYG editor (what-you-see-is-what-you-get).  Nvu makes creating web pages as easy as using a word processor and rivals such programs as Adobe's Dreamweaver and Microsoft's Expression Web, only for free!  With Nvu's built-in site manager, connecting to your website and making changes is a snap. 

I liked the software cause you can use the same software in Windows as well as in Linux. I am using it on My CentOS
You can download it from the below link

For windows users:
nvu-1.0-win32-installer-full.exe

For linux user:
RPM base
kompozer-0.7.10-i386.rpm

Source file
kompozer-0.7.10-gcc4.0.3-i486.tar.gz

For more information you can go to their website:
NVU websites

Cloud computing is just another term for outside your control.

The Darker Side of Cloud Computing

Cloud computing is a marketing buzzword that's thrown around an awful lot today. A vague (but useful) definition is that cloud computing refers to data, processing, or experiences that "live" out there somewhere in the cloud we call the Internet. Everyone's got something going on in the cloud these days: collocating or hosting Web or e-mail servers, social networking, software as a service (SaaS), even infrastructure as a service (for example, off-site online storage). Cloud computing is becoming very popular, primarily as a money-saving technique—cloud services don't require expensive in-house hardware, software, and staff. In addition, cloud services are usually available for a small monthly fee rather than a huge up-front expense, which makes them even more attractive from a budgeting standpoint. Like many things that seem to have only an upside, cloud computing makes me nervous.

The cloud is burgeoning. Businesses are using Salesforce.com for CRM; Zoho, Microsoft Office Live, and Google Apps for office productivity; Intuit QuickBase or a hosted Microsoft SQL Server for databases—and the list goes on. More features, less expense, and fewer IT resources? It almost sounds too good to be true. And it may be. Much the way in the early eighties we asked "Where's the beef?" we should now be asking "Where's the security?"

To secure data, you need to understand something I like to call the data life cycle: How data is collected, entered, processed, transmitted, stored, reported, and exported. Any one of these stages may contain multiple vulnerabilities, some ubiquitous and some particular to your environment. To assess the security of corporate data, you'll have to understand the risks that apply to each stage of the data life cycle. You will be able to take proactive steps to prevent data from being compromised by understanding the integration of security risks, business processes, and the data life cycle.

By now you are probably beginning to see the downside to cloud computing—it's difficult enough to protect data that doesn't leave your control as part of ordinary business, but in the cloud you've relinquished control. Depending on your contract, you may not even own your cloud-resident data! And worse, there are clouds within the cloud—your provider may subcontract with another provider for data storage, and that provider might also subcontract for data storage management. Your provider may not even be able to tell you where your data is, or even which country it is in and whether the laws that apply to you regarding data security and breach disclosure even apply in that twice-removed jurisdiction.

Gartner published a great report in early June that is the industry's first attempt to identify the security risks of cloud computing. In it, Gartner urges something that we at PC Magazine have been advocating for decades: full disclosure (aka "transparency") with regard to security practices and procedures. The reasoning is simple: If your provider can't tell you exactly what it does to protect your data at each stage of the data life cycle, then how good a job do you think that provider is doing?

What other recommendations spring from Gartner's findings?

• Apply internal risk assessment and controls to all externally sourced (cloud) services.
• Assess all legal, regulatory, and audit issues associated with location independence and service subcontracting.
• Demand transparency. Anything less is a deal breaker! Don't contract for IT services with a vendor that refuses to provide detailed information on its security and continuity management programs.

Yes, cloud computing is a set of powerful technology solutions that are here to stay. It provides cost savings that may temporarily blind you to the risks. But don't dive in simply to save money and time. Evaluate each service's security the same way you would evaluate off-the-shelf hardware and software. Ask tough questions about data security. If your provider refuses to answer, or his answer doesn't adhere to your current security policy, look elsewhere. I've sat through countless vendor meetings and I guarantee you this: Every time a security concern is dismissed as "taken care of" without explanation, it's a potential problem.

Source

Installing Joomla on CentOS

Joomla! is a free open source content management system for publishing content on the World Wide Web and intranets as well as a Model–view–controller (MVC) Web Application Development framework. The system includes features such as page caching to improve performance, RSS feeds, printable versions of pages, news flashes, blogs, polls, website searching, and language internationalization. Joomla is licensed under the GPL, and is the result of a fork of Mambo.

It is written in the PHP programming language and uses the MySQL database. Here is the step by step guide of how to install joomla on CentOS.

Operating System:
CentOS5.2

Joomla:
Joomla v.1.5.10

Installing prerequisites:

Enabling RPM repositeries:

#rpm -ivh http://apt.sw.be/redhat/el5/en/i386/RPMS.dag/rpmforge-release-0.3.6-1.el5.rf.i386.rpm

Enabling Utter Ramblings repositeries:

#rpm --import http://www.jasonlitka.com/media/RPM-GPG-KEY-jlitka

Creating repo file:

# touch /etc/yum.repos.d/utterramblings.repo
# echo '[utterramblings]' >> /etc/yum.repos.d/utterramblings.repo
# echo "name=Jason's Utter Ramblings Repo" >> /etc/yum.repos.d/utterramblings.repo
# echo 'baseurl=http://www.jasonlitka.com/media/EL$releasever/$basearch/' >> /etc/yum.repos.d/utterramblings.repo
# echo 'enabled=1' >> /etc/yum.repos.d/utterramblings.repo
# echo 'gpgcheck=1' >> /etc/yum.repos.d/utterramblings.repo
# echo 'gpgkey=http://www.jasonlitka.com/media/RPM-GPG-KEY-jlitka' >> /etc/yum.repos.d/utterramblings.repo

Installing required packages:

#yum -y install mysql mysql-server mysql-devel httpd php php-mysql

Creating database for joomla:

#mysql -u root -p
mysql>create database joomla;
mysql>exit

#echo "extension=mysql.so" >> /etc/php.ini

Installation of joomla:

Download and unzip the joomla package in your web root directory. In my case it is /var/www/html

Creating a temporary configuration file
# touch /var/www/html/joomla/configuration.php
# chmod 777 /var/www/html/joomla/configuration.php

Restart your web server:
#service httpd restart

Enter the following url in your browser:
http://your_ip/joomla and follow the webinstallation process. It is quit simple.

Windows 7's Jump List feature

Take a closer look at Windows 7's Jump List feature

Jump Lists are a new feature in Microsoft Windows 7 that are designed to make it easier to find what you want and perform common operations associated with an application. Jump Lists appear on the Start menu as well as on the Taskbar when you right-click on an icon. As I’ve been working with Windows 7, I’ve learned to take advantage of Jump Lists and really love the boost in computing efficiency.

Recently, I was extolling the benefits of the Jump List to a couple of friends, and one of them blasted my newfound penchant, saying that the Jump List feature was nothing more than a glorified My Recent Documents menu. (Obviously, he is still using Windows XP.) I responded that he was actually right, but he was also wrong.

It’s true that the Jump List feature is an enhancement that can very easily trace its origins to the Recent Documents feature, which by the way first made its appearance on Windows 95’s Start menu as the Documents menu. However, delivering a listing of recently opened documents is but a small piece of what the Jump List provides.

In this edition of the Windows Vista and Windows 7 Report, I’ll introduce you to Windows 7’s Jump List feature. As I do, I’ll show you the Jump Lists for several applications and describe the features in more detail.

Note: Keep in mind that this is a prerelease version and that the look and features of Windows 7 that I will discuss here may very well change between now and the time the operating system is actually released.

Jump List feature in a nutshell

The Jump List feature is designed to provide you with quick access to the documents and tasks associated with your applications. You can think of Jump Lists like little application-specific Start menus. Jump Lists can be found on the application icons that appear on the Taskbar when an application is running or on the Start menu in the recently opened programs section. Jump Lists can also be found on the icons of applications that have been specifically pinned to the Taskbar or the Start menu.

Jump Lists on the Start menu will appear a little different than Jump Lists on the Taskbar. However, they will provide the same functionality.

By default, the Jump List can contain the application’s shortcut, the ability to toggle pinning, the ability to close one or all windows, access to specific tasks associated with the application, and once you begin using the application, a list of recent documents or destinations depending on the application.

Now that you have a general idea of how Jump Lists work, let’s take a look at the Jump Lists for several applications.

Read More

Installing Nagios on CentOS

Nagios is a popular open source computer system and network monitoring software application. It watches hosts and services, alerting users when things go wrong and again when they get better. Nagios was originally designed to run under Linux, but also runs well on other Unix variants. Nagios is free software licensed under the terms of the GNU General Public License version 2 as published by the Free Software Foundation.

Operating System:
CentOS5.2

Nagios:
Nagios 3.0.6

Prerequisites:
Installing prerequisites on your CentOS box.

# yum install -y httpd gcc glibc glibc-common gd gd-devel

Downloading & Installing nagios and its plugin:

Creating user

#/usr/sbin/useradd -m nagios
#/usr/sbin/groupadd nagcmd
#/usr/sbin/usermod -G nagios,nagcmd nagios
#/usr/sbin/usermod -G nagios,nagcmd apache

Assigning password for user nagios

#passwd nagios

Downloading nagios

#cd /usr/local/src/
#wget http://ovh.dl.sourceforge.net/sourceforge/nagios/nagios-3.0.6.tar.gz
#tar -xzf nagios-3.0.6.tar.gz

Installing Nagios

#cd /usr/local/src/nagios-3.0.6
#./configure --prefix=/usr/local/nagios --with-command-group=nagcmd --enable-nanosleep --enable-event-broker
#make all
#make install
#make install-init
#make install-commandmode
#make install-config
#make install-webconf

Create a nagiosadmin account for logging into the Nagios web interface. Remember the password you assign to this account - you'll need it later.

#htpasswd -bc /usr/local/nagios/etc/htpasswd.users nagiosadmin urpassword

Installing nagios plugin

#cd /usr/local/src
#wget http://ovh.dl.sourceforge.net/sourceforge/nagiosplug/nagios-plugins-1.4.13.tar.gz
#tar -xzf nagios-plugins-1.4.13.tar.gz
#cd nagios-plugins-1.4.13
#./configure --with-nagios-user=nagios --with-nagios-group=nagios
#make
#make install

Restart Apache to take effect all the changes.
#service httpd restart

Starting Nagios:
#service nagios start
Fireup your web browser and go to http://your_server_ip/nagios

Make sure your machine's firewall rules are configured to allow access to the web server if you want to access the Nagios interface remotely.

OCS Inventory NG agent for Windows

In my previous tutorial, you learn how to setup OCS Inventory Server on CentOS

Operating System:
Windows XP

OCS Inventory NG Agent:
OCSNG_WINDOWS_AGENT_1.02RC3.zip (internal version 4.0.5.0)

In this tutorial we will learn how to setup OCS inventory client on Windows XP.

Download OCS Inventory NG agent
OCSNG_WINDOWS_AGENT

Extract the zip file and double click on OCSAgent setup:









After clicking finish button you will get inventory on your server.

VNC Server on CentOS

RealVNC provides remote control software which lets you see and interact with desktop applications across any network.
The software has a widespread user base from individuals to the largest multi-national companies. Founded by the original developers of VNC to promote, enhance and commercialise VNC.

Operating System:
CentOS5.2

VNC Server version:
vnc-server-4.1.2.14

Installing VNC Server:

#cd /usr/local/src/
#wget http://apt.sw.be/redhat/el5/en/i386/RPMS.dag/rpmforge-release-0.3.6-1.el5.rf.i386.rpm
#rpm --import http://dag.wieers.com/rpm/packages/RPM-GPG-KEY.dag.txt
#rpm -Uvh rpmforge-release-0.3.6-1.el5.rf.i386.rpm
#yum -y install vnc vnc-server

Configuring VNC Server:

#echo 'VNCSERVERS="1:root"' >> /etc/sysconfig/vncservers

Before starting vncserver as a service, let's create a vnc password with vncpasswd command.

[root@localhost ~]#vncpasswd
Password:
Verify:

Now let's start vncserver as a service.

#service vncserver start


If you edit the script called xstartup, you will notice following comment in red.
Uncomment those two lines in red as shown below!!! Otherwise, you will get nothing but grey screen.

#cd /root/.vnc
#vi xstartup

#!/bin/sh

# Uncomment the following two lines for normal desktop:

unset SESSION_MANAGER
exec /etc/X11/xinit/xinitrc

[ -x /etc/vnc/xstartup ] && exec /etc/vnc/xstartup
[ -r $HOME/.Xresources ] && xrdb $HOME/.Xresources
xsetroot -solid grey
vncconfig -iconic &
xterm -geometry 80x24+10+10 -ls -title "$VNCDESKTOP Desktop" &
twm &


Since we've just edited vnc startup script, let's restart the vncserver.

#service vncserver restart

So how do I connect to vncserver? Use vncviewer command in vnc client as following.

[root@localhost ~]$ vncviewer localhost:1

VMware Server On A CentOS

This tutorial provides step-by-step instructions on how to install VMware Server on a CentOS 5.2 desktop system. With VMware Server you can create and run guest operating systems ("virtual machines") such as Linux, Windows, FreeBSD, etc. under a host operating system. This has the benefit that you can run multiple operating systems on the same hardware which saves a lot of money, and you can move virtual machines from one VMware Server to the next one.

Operating System:
CentOS5.2

VMware Server Version:
VMware Server 1.0.3

Preparing CentOS before installing VMware Server

#yum –y install system-config-services xinetd kernel-devel

Downloading VMware Server

To get the serial number you need to run VMware Server, go to http://register.vmware.com/content/registration.html. Fill in your personal details. Afterwards you will get a page with a serial number for VMware Server. Write it down or print it out:

#cd /usr/local/src
#wget http://download3.vmware.com/software/vmserver/VMware-server-1.0.3-44356.tar.gz
#tar zxvf VMware-server-1.0.3-44356.tar.gz
#cd vmware-server-distrib
#./vmware-install.pl

The installer will ask you a lot of questions. You can always accept the default values simply by hitting . When it asks you

You will now find VMware Server under Applications > System Tools:

When you start it, select Local host:

Source:

OCSNG Server Setup on CentOS5.2

Open Computer and Software Inventory Next Generation (OCS inventory NG) is free software that enables users to inventory their IT assets. OCS-NG collects information about the hard- and software of networked machines running the OCS client program ("OCS Inventory Agent"). OCS can be used to visualize the inventory through a web interface. Furthermore, OCS comprises the possibility of deploying applications on the computers according to search criteria. Agent-side IpDiscover makes it possible to know the entirety of networked computers and devices.

Operating System:
CentOS5.2

Downloading OCS Inventory:
OCS Linux Server 1.01

Installing OCS_Inventory server required dependencies:

#cd /usr/local/src/
#wget http://apt.sw.be/redhat/el5/en/i386/RPMS.dag/rpmforge-release-0.3.6-1.el5.rf.i386.rpm
#rpm --import http://dag.wieers.com/rpm/packages/RPM-GPG-KEY.dag.txt
#rpm -Uvh rpmforge-release-0.3.6-1.el5.rf.i386.rpm

MySQL & Apache setup:

#yum -y install mysql-server mysql httpd
#echo "ServerName your_server_name:80" >> /etc/httpd/conf/httpd.conf

Creating database for OCS inventory:

#mysql -u root -p
mysql>CREATE DATABASE ocsweb;
mysql>GRANT ALL PRIVILEGES ON ocsweb.* TO ocs@localhost IDENTIFIED BY 'ocs';
mysql>exit


PHP & Perl Modules setup:

#yum -y install perl-XML-Simple perl-Compress-Zlib perl-DBI perl-DBD-MySQL perl-Apache-DBI perl-Net-IP perl-SOAP-Lite
#yum -y install php-pecl-zip php-mysql php-devel zlib-devel php-pear php-gd gcc
#yum -y install php-snmp php-posix libgd2 gd-devel libpng libpng-devel perl-config-IniFiles perl-Crypt-DES perl-Digest-HMAC perl-Digest-SHA1 perl-GD perl-IO-Socket-INET6 perl-Net-SNMP perl-rrdtool perl-Socket6 mod_perl perl-XML-Parser

#yum -y install sudo make gcc

Adding zip support to PHP installation:

#pecl install zip
#echo ";Add zip support" >> /etc/php.ini
#echo "extension=zip.so" >> /etc/php.ini
#service httpd restart

OCS Server Installation:

#cd /usr/local/src
#wget http://nchc.dl.sourceforge.net/sourceforge/ocsinventory/OCSNG_LINUX_SERVER_1.01.tar.gz
#tar zxvf OCSNG_LINUX_SERVER_1.01.tar.gz
#cp -rf OCSNG_LINUX_SERVER_1.01 /var/www/html/OCSNG
#cd /var/www/html/OCSNG/ocsreports
#touch dbconfig.inc.php
#chmod 666 dbconfig.inc.php
#cd /var/www/html/OCSNG
#./setup.sh

Pretty much everything is self-explanatory, and for the most part, you can select the defaults. The first screen is only important if you've had a previous version of OCS running on the server.
OCS is now installed in /var/www/html and the main configuration file will be located in the web server's httpd directory, /etc/httpd/conf.d/ocsinventory.conf, along with logging directory at /var/log/ocsinventory-NG/.

Now restart your apache server:
#service httpd restart

Enter the following link into your browser:
http://your_server_ip/OCSNG/ocsreports/install.php

You should see a login box for your MySQL credentials.
MySQL login: root
MySQL Password: whatever you change it too
MySQL HostName: localhost

If everything goes well, you should see a long list of steps the installer completed. If not, fix the problems and try again. If it succeeded, go ahead and click the submit query button at the very bottom of the page. You can now login to the web interface with username and password of both admin. You can change the default password at the top right-hand side of the browser window.

SOURCE

Squid setup

Squid Caching webserver for your office

(Commands are shown in green colour)
Following is the details of my setup:
eth0(External Interface):
IP: 192.168.1.2
Gateway: 192.168.1.1

eth1(Local Interface)
IP: 192.168.222.5


Downloading squid:
You can compile squid from the source file or you can use rpm for your CentOS distribution

cd /usr/local/src/
wget http://people.redhat.com/jskala/squid/squid-3.0.STABLE13-1.el5/i386/squid-3.0.STABLE13-1.el5.i386.rpm
rpm -Uvh squid-3.0.STABLE13-1.el5.i386.rpm

You have to edit squid.conf file as per your needs:
vi /etc/squid/squid.conf

Following is the basic configuration:

visible_hostname hostname
http_port 3128 transparent

acl home src 192.168.222.0/24
http_access allow home

If you want to block some sites then:

acl home src 192.168.222.0/24
acl bansites url_regex "/etc/squid/bannedsites"
http_access deny home bansites
http_access allow home

Creating special user you will have all the rights:

acl poweruser arp "/etc/squid/poweruser"
acl home src 192.168.222.0/24
acl bansites url_regex "/etc/squid/bannedsites"
http_access allow poweruser
http_access deny home bansites
http_access allow home

Preparing iptables for Nating as well as squid server:

iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 80 \-j REDIRECT --to-port 3128
iptables -A INPUT -j ACCEPT -m state \--state NEW,ESTABLISHED,RELATED -i eth1 -p tcp \--dport 3128
iptables -A OUTPUT -j ACCEPT -m state \--state NEW,ESTABLISHED,RELATED -o eth0 -p tcp \--dport 80
iptables -A INPUT -j ACCEPT -m state \--state ESTABLISHED,RELATED -i eth0 -p tcp \--sport 80
iptables -A OUTPUT -j ACCEPT -m state \--state ESTABLISHED,RELATED -o eth1 -p tcp \--sport 80
service iptables save
service iptables restart

Thats it now you have the squid proxy server at your office. Enjoy!!