pre 使用代理的方法, cmwap或许也能用了

mycccc

( x2 f8 b/ \' Z0 ~/ |

pre支持代理的现成软件估计是等不到了
, v) f% S0 j/ |4 R$ j哪怕只是浏览器里加个代理选项,1.4.5没有,2.1也没有
$ ~5 s1 _! _& c$ z, n5 _' m  Y (或者webos有proxy软件么?我找了两天没找到)


7 N  f1 V* ~% I, s0 `搜了半天英文方面的资料,还真有
发现在webos上代理实在是太linux了
5 A, y+ Y4 X- J( i$ r3 w8 i6 A6 a

方法如下:
/ X  O7 A4 g* r* ~# ~- T: y安装squid代理，添加一个节点代理，配置iptables的所有HTTP请求转发代理 。对浏览器等来说透明,这样就可以让不支持代理的各软件都通过代理
% s; c" R. `6 g% \5 g
9 m% [/ W9 I& v* c3 n' p% p" P
  w: Q. j/ M" E% _
7 Z- v1 H. |/ i

按照这种方式
cmwap应该也可以设置成代理访问的
7 `. }8 H, j/ n3 ]这下无限流量的cmwaper们该笑了


9 K( R& t) C9 P7 k4 [/ D7 M 原文见这里: http://www.daemon.de/PalmPreHowtoSquid


- G) H- J/ T# s% m; x' V4 |Transparent Proxy on the palm pre for internet filtering and proxy forwarding

Ok, someone asked for it, so I figured it out, how to do it for fun and profit.

    Transparent Proxy on the palm pre for internet filtering and proxy forwarding
. J% |- L, ^4 g        Installing Squid
        Create a basic proxy config
        Prepare the directories for squid
; R$ J& D4 |  y8 [# Y( e        Starting squid
        Redirect Web Traffic to the Proxy
. o, |# g4 j" C' ^  R) y        Add the rules to the squid startup file
        Configure network to startup squid if WLAN comes up:
5 L: H* g, E. z        See it working

% w, A, H* G4 c$ g* K: E$ VInstalling Squid

First, you need to have root access to your device. How to get root, is described elsewere in this wiki. It would be a good idea to know a little about linux and networking too. Be warned: this can make your networking unfunctional!

Make your root disk writable:

cd / && mount -v -o remount,rw /

Login to the pre console and type this command to install the squid optware package

root@palm-webos-device: # ipkg-opt update ... root@palm-webos-device: # ipkg-opt install squid Installing squid (2.6.21-2) to root... Downloading http://ipkg.nslu2-linux.org/feed ... id_2.6.21-2_arm.ipk Configuring squid create default cache and logs dir chown: unknown user/group nobody:nobody chown: unknown user/group nobody:nobody FATAL: Could not determine fully qualified hostname.Please set  'visible_hostname'  Squid Cache (Version 2.6.STABLE21): Terminated abnormally. CPU Usage: 0.020 seconds = 0.010 user + 0.010 sys Maximum Resident Size: 0 KB Page faults with physical i/o: 0 Segmentation fault

You should review the configuration file /opt/etc/squid/squid.conf, make any necessary change, and complete the install by running -

/opt/etc/init.d/S80squid start  Successfully terminated.

Ignore the errors for the moment, we'll get to it soon.

Create a basic proxy config

Change to the directory /opt/etc/squid and move the file squid.conf which is already there to somewhere else. Now create a new squid.conf, which should have the following contents:

visible_hostname localhosthttp_port 3128 transparent                 hierarchy_stoplist cgi-bin ?               access_log /var/cache/squid/squid.log squid          acl QUERY urlpath_regex cgi-bin \?                   cache deny QUERY # replace the ip address with the address of your proxy# replace the port 3128 with the port of your proxycache_peer 192.168.2.205 parent 3128 3130 default # if your proxy requires authentication, use this:# cache_peer 192.168.2.205 parent 3128 3130 default login USERNAME PASSWORDrefresh_pattern ^ftp:           1440    20%     10080refresh_pattern ^gopher:        1440    0%      1440refresh_pattern .               0       20%     4320acl apache rep_header Server ^Apache                broken_vary_encoding allow apache    coredump_dir /var/cache/squid        cache_dir ufs /var/cache/squid 20 5 5access_log /var/cache/squid/squid.logcache_log /var/cache/squid/cache.logcache_store_log /dev/null acl all src 0.0.0.0/0.0.0.0acl manager proto cache_objectacl localhost src 127.0.0.1/255.255.255.255acl to_localhost dst 127.0.0.0/8acl SSL_ports port 443acl Safe_ports port 80          # httpacl Safe_ports port 21          # ftpacl Safe_ports port 443         # httpsacl Safe_ports port 70          # gopheracl Safe_ports port 210         # waisacl Safe_ports port 1025-65535  # unregistered portsacl Safe_ports port 280         # http-mgmtacl Safe_ports port 488         # gss-httpacl Safe_ports port 591         # filemakeracl Safe_ports port 777         # multiling httpacl CONNECT method CONNECThttp_access allow manager localhosthttp_access deny managerhttp_access deny !Safe_portshttp_access deny CONNECT !SSL_ports# example for an ACL, uncomment and modify#acl enemy dstdomain www.apple.com#http_access deny enemy http_access allow allicp_access allow all

Basicly this is a config for a transparent proxy, thus a browser will be redirected to it without knowing that it is actually connected to a proxy. We must configure it this way because the WebOS browser cannot be configured to use a proxy.

Note that we have added a single ACL here, which denies access to some random site *g*. Any other requests will be allowed. SSL (HTTPS) will not be passed through the proxy because this requires the browser to connect to it using a proxy request.

Prepare the directories for squid

Squid needs a directory where to store it's files, as content it caches and logfiles. You may consider to disable caching and logging. But caching may be a good idea if your traffic is limited, so you'll save some. Logging is always usefull for debugging. If you want to turn it off, use /dev/null as target for the logfiles.

mkdir /var/cache/squid chown nobody /var/cache/squid

Next you need let squid to prepare the directory structure using the -z option:

root@palm-webos-device: # squid -z -f squid.conf 2009/11/26 23:19:29| Creating Swap Directories

You should not see any errors here!

Starting squid

The installer already added it to the startup daemons, now we will start it manually:

/opt/etc/init.d/S80squid start

Look in /var/cache/squid/cache.log for any errors. Use ps to see if it really runs. You may consider to install lynx and test the proxy:

ipkg-opt install lynx export http_proxy=http://localhost:3128 lynx www.google.com

If you see a google textmode site, it works.

Redirect Web Traffic to the Proxy

Now comes the ugly part. I'll not explain it in detail: we install some iptable Rules. We tell iptables to forward any traffic destined to tcp port 80 to localhost port 3128 (this is where squid listens for incoming connections). To avoid that the requests of the proxy itself are forwarded to localhost (which would create a loop), we add a rule telling iptables to not forward web traffic if it were generated by user nobody (the user squid runs as):

iptables -t nat -A OUTPUT -p tcp --dport 80 -m owner --gid-owner 65534 -j ACCEPT iptables -t nat -A OUTPUT -p tcp --dport 80 -j DNAT --to-destination 127.0.0.1:3128

You should not get any response from iptables. Let's see if the rules were added correctly:

root@palm-webos-device: # iptables -nL -t natChain PREROUTING (policy ACCEPT)target     prot opt source               destination          Chain POSTROUTING (policy ACCEPT)target     prot opt source               destination          Chain OUTPUT (policy ACCEPT)target     prot opt source               destination         ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:80 owner GID match65534 DNAT       tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:80 to:127.0.0.1:3128 Add the rules to the squid startup file

Edit /opt/etc/init.d/S80squid so that it looks like this:

#! /bin/shcase "$1" in    start)        echo -n "Starting proxy server: "        if [ -n "`pidof quotacheck`" ]; then           #you don't need it if you don't have quota check enable.           echo "Starting squid-cache server after delay for few mins:"           /opt/etc/squid/squid.delay-start.sh&        else           /opt/sbin/squid -f /opt/etc/squid/squid.conf           iptables -t nat -A OUTPUT -p tcp --dport 80 -m owner --gid-owner 65534 -j ACCEPT           iptables -t nat -A OUTPUT -p tcp --dport 80 -j DNAT --to-destination 127.0.0.1:3128           echo "done."        fi        echo "done."        ;;    stop)        echo -n "Stopping proxy server: "        /opt/sbin/squid -f /opt/etc/squid/squid.conf -k shutdown        iptables -t nat -D OUTPUT -p tcp --dport 80 -m owner --gid-owner 65534 -j ACCEPT        iptables -t nat -D OUTPUT -p tcp --dport 80 -j DNAT --to-destination 127.0.0.1:3128        echo "done."        ;;    reload|force-reload)        echo -n "Reloading proxy server configuration files: "        /opt/sbin/squid -f /opt/etc/squid/squid.conf -k reconfigure        echo "done."        ;;    restart)        echo -n "Restarting proxy server: "        /opt/sbin/squid -f /opt/etc/squid/squid.conf -k shutdown        sleep 2        /opt/sbin/squid -f /opt/etc/squid/squid.conf        echo "done."        ;;    *)        echo "Usage: /opt/etc/init.d/S80squid {start|stop|reload|force-reload|restart}"        exit 1        ;;esac Configure network to startup squid if WLAN comes up:

Change to directory /etc/pmnetconfig/.

In the file if-up modify this part:

if [ "$ISPPP" -ne 4 ] && [ "$ISRMNET" -ne 6 ] && [ "$ISTUN" -ne 4 ] && [ "$ISCSCOTUNVPN" -ne 8 ]; then    NetCfgSetAddr    CMSERVICES=$((${CMSERVICES} | ${CMSVCINTERNET})) fi

to

if [ "$ISPPP" -ne 4 ] && [ "$ISRMNET" -ne 6 ] && [ "$ISTUN" -ne 4 ] && [ "$ISCSCOTUNVPN" -ne 8 ]; then    NetCfgSetAddr    CMSERVICES=$((${CMSERVICES} | ${CMSVCINTERNET}))    /usr/bin/logger "wifi up: execute /opt/etc/init.d/S80squid start"     /opt/etc/init.d/S80squid start fi

In the file if-down modify this part:

if [ ${CMINTERFACE} = ${CMBTINTERFACENAME} ] || [ ${CMINTERFACE} = ${CMBRINTERFACENAME} ]; then    ${LOG} "${IPTABLES} -t nat -D POSTROUTING -s  $CMNETADDR/$CMPREFIXLEN -j MASQUERADE"    ${IPTABLES} -t nat -D POSTROUTING -s $CMNETADDR/$CMPREFIXLEN -j MASQUERADE    ${LOG} "${ECHO} 0 >/proc/sys/net/ipv4/ip_forward"    ${ECHO} 0 >/proc/sys/net/ipv4/ip_forward fi

to:

if [ ${CMINTERFACE} = ${CMBTINTERFACENAME} ] || [ ${CMINTERFACE} = ${CMBRINTERFACENAME} ]; then    ${LOG} "${IPTABLES} -t nat -D POSTROUTING -s  $CMNETADDR/$CMPREFIXLEN -j MASQUERADE"    ${IPTABLES} -t nat -D POSTROUTING -s $CMNETADDR/$CMPREFIXLEN -j MASQUERADE    ${LOG} "${ECHO} 0 >/proc/sys/net/ipv4/ip_forward"    ${ECHO} 0 >/proc/sys/net/ipv4/ip_forward    /usr/bin/logger "wifi up: execute /opt/etc/init.d/S80squid stop"         /opt/etc/init.d/S80squid stop          fi See it working

So, let's see how it works. Enable WIFI and fire up the browser and see if it works. You should see your requests on the remote proxy.

If you added an ACL as mentioned earlier, a message like the following should appear if you enter the url of your favourite enemy vendor (the one we configured above):

If it doesn't work, check /var/log/messages and look for "squid"! /var/cache/squid/cache.log is also a good place to look for failures. Good luck!

This HOWTO can also be found on the webos-internals wiki.

mycccc

靠
5 [( k8 Y0 |! s) l$ ?5 V! i0 j) o/ Xdiscuz这排版弄得
大家看原文

mycccc

SetupSquidTransparentProxy

& v1 E; N: G/ C% X% a, G5 HSquid Transparent Proxy on Palm Pre
+ J& l2 [5 l! b# q
" n1 ~# Z: H' g3 M: B! S. k  Q% }Ok, someone asked for it, so I figured it out, how to do it for fun and profit:

Hide Preparation

First, you need to have root access to your device. How to get root, is described here. It would be a good idea to know a little about linux and networking too. Be warned: this can make your networking unfunctional!
0 \8 z5 w$ G! E, f. h5 N
Next thing you need to do is to install the package Optware Advanced Linux Command Line Installer from Preware, which installs ipkg-opt!

↑ Jump Back A Section
; i. q1 l+ H7 V# v7 D, F" _Hide Installing Squid
2 `3 O5 |: y' C! T+ z2 k0 b
# {. W; c6 V. q9 ^8 F! q( o+ G9 y2 fLogin to the pre console and make your root disk writable:

' ?- \" b# f; r# K9 xroot@palm-webos-device: # cd / && mount -v -o remount,rw /
( q1 n8 R( L* x8 [- f5 \& HType this command to install the squid optware package
; M6 {8 z, b1 I/ Y
root@palm-webos-device: # ipkg-opt update
      ...
      root@palm-webos-device: # ipkg-opt install squid
$ d) I* e# O2 D/ T* o      Installing squid (2.6.21-2) to root...
      Downloading http://ipkg.nslu2-linux.org/feed ... id_2.6.21-2_arm.ipk
! }2 E3 Y" |1 o  T      Configuring squid
' c; l+ b9 ~# ]6 ^      create default cache and logs dir
" ^5 {7 ?9 o6 ^; j- F/ }( U1 n      chown: unknown user/group nobody:nobody
      chown: unknown user/group nobody:nobody
9 i8 ?" _4 ?* c/ q! |1 y      FATAL: Could not determine fully qualified hostname.Please set 'visible_hostname'
: X$ ]% ?4 f& v% [- v2 H% [. ~      
  N! B" E8 q0 S2 t! C9 j      Squid Cache (Version 2.6.STABLE21): Terminated abnormally.
: Y: y" g% R2 `/ U      CPU Usage: 0.020 seconds = 0.010 user + 0.010 sys
* p0 v$ }; q. F% t$ k" k( u4 i      Maximum Resident Size: 0 KB
      Page faults with physical i/o: 0
      Segmentation fault
' ?  t3 s' ~. V& f5 g& M      
      You should review the configuration file /opt/etc/squid/squid.conf,
      make any necessary change, and complete the install by running -
0 g+ m: w; W$ S& ]6 U2 f# j9 z      /opt/etc/init.d/S80squid start
      
      Successfully terminated.
* Z* M3 c* f! gIgnore the errors for the moment, we'll get to it soon.
# T5 Q2 G" r3 r* [/ O* p
( u" @! y; _( a' V↑ Jump Back A Section
Hide Create a basic proxy config
; A5 E* r6 v, t" P" h" u
Change to the directory /opt/etc/squid and move the file squid.conf which is already there to somewhere else. Now create a new squid.conf, which should have the following contents:

visible_hostname localhost
      http_port 3128 transparent                 
1 b0 {- |; U& c  n1 p      hierarchy_stoplist cgi-bin ?               
      access_log /var/cache/squid/squid.log squid         
      acl QUERY urlpath_regex cgi-bin \?                  
      cache deny QUERY
/ r$ @: @4 ~; c8 k: X7 v. ^8 E      
. q2 _7 R! c% H4 B& w      # replace the ip address with the address of your proxy
6 Z' {% `# u' y5 }4 h      # replace the port 3128 with the port of your proxy
      cache_peer 192.168.2.205 parent 3128 3130 default
# s8 ?) I/ m. V( _      
      # if your proxy requires authentication, use this:
. b2 O2 f2 h7 ^8 J8 m0 u3 x      # cache_peer 192.168.2.205 parent 3128 3130 default login USERNAME PASSWORD
      
$ v8 u% f6 {, V      refresh_pattern ^ftp:           1440    20%     10080
      refresh_pattern ^gopher:        1440    0%      1440
      refresh_pattern .               0       20%     4320
" d/ u' Q% ^! i8 i      acl apache rep_header Server ^Apache               
      broken_vary_encoding allow apache   
      coredump_dir /var/cache/squid        
2 }2 A# D# `2 ]7 _; ]4 _& x      cache_dir ufs /var/cache/squid 20 5 5
; A2 b8 q& e% f& c5 u; F      access_log /var/cache/squid/squid.log
! l3 k5 l' l  {; V* u      cache_log /var/cache/squid/cache.log
      cache_store_log /dev/null
      
1 f! D! J8 x0 e2 K* Y      acl all src 0.0.0.0/0.0.0.0
0 k" ^6 K4 V, Q8 L  ?: {- L      acl manager proto cache_object
+ L6 Q1 x, P3 f' e% |2 r; g      acl localhost src 127.0.0.1/255.255.255.255
1 X5 ^2 S9 A& @6 v      acl to_localhost dst 127.0.0.0/8
  x/ M, E' U8 r: f4 f2 Z      acl SSL_ports port 443
8 V7 o7 |" {: a* F0 Y      acl Safe_ports port 80          # http
) W& i" P" a5 x$ R      acl Safe_ports port 21          # ftp
      acl Safe_ports port 443         # https
# F6 n7 U+ p0 k      acl Safe_ports port 70          # gopher
      acl Safe_ports port 210         # wais
      acl Safe_ports port 1025-65535  # unregistered ports
* v3 `9 ]6 j9 m/ B/ J& c      acl Safe_ports port 280         # http-mgmt
# l# q0 `$ G* B" j" j' I      acl Safe_ports port 488         # gss-http
      acl Safe_ports port 591         # filemaker
      acl Safe_ports port 777         # multiling http
      acl CONNECT method CONNECT
1 e& L2 o1 Z! }+ S3 }      http_access allow manager localhost
& `6 }5 l  A+ `3 W8 o      http_access deny manager
+ y8 ]8 F5 K  y5 l3 h! x- N  F( N      http_access deny !Safe_ports
  i) W% p3 D; H, w) u$ M$ l      http_access deny CONNECT !SSL_ports
0 ]7 D2 z! r/ S) Z7 L      # example for an ACL, uncomment and modify
7 v2 b9 L4 b; b: }! a      #acl enemy dstdomain www.apple.com
& d# \8 a+ e5 e9 A      #http_access deny enemy
      
' Z2 [6 Z/ e7 x/ E/ @5 `      http_access allow all
      icp_access allow all
5 S8 X  Q9 E( X; p9 t% LBasically this is a config for a transparent proxy, thus a browser will be redirected to it without knowing that it is actually connected to a proxy. We must configure it this way because the WebOS browser cannot be configured to use a proxy.
- n) Q; q) F4 O) k6 d
Note that we have added a single ACL here, which denies access to some random site *g*. Any other requests will be allowed. SSL (HTTPS) will not be passed through the proxy because this requires the browser to connect to it using a proxy request.
5 E6 ]( G& Z( z6 z$ X; ^+ K
& \- Y( J9 o, ]9 u/ jYou WILL need to modify the squid.conf variable cache_peer, it points to your upstream proxy, e.g. your companys proxy. Refer to the comments for the syntax.

4 x: ^% r7 i, s; U- }& [: Z& r↑ Jump Back A Section
' H" ?- e# }* t# fHide Prepare the directories for squid
. U* I/ m7 \  N9 z7 l5 j5 ~* L
( a' {* E+ A* \1 [  C  \Squid needs a directory where to store it's files, as content it caches and logfiles. You may consider to disable caching and logging. But caching may be a good idea if your traffic is limited, so you'll save some. Logging is always usefull for debugging. If you want to turn it off, use /dev/null as target for the logfiles.

2 S5 |; C2 G: D  v/ T  cmkdir /var/cache/squid
7 ~8 n1 {8 l& [% [8 q8 x$ I; x      chown nobody /var/cache/squid
5 Z5 @& K! Q; H  k$ L+ XNext you need let squid to prepare the directory structure using the -z option:

$ l* t, k6 N1 S8 Uroot@palm-webos-device: # squid -z -f squid.conf
% @8 j5 [  E! T$ m7 O& X      2009/11/26 23:19:29| Creating Swap Directories
5 u1 X" c+ `6 C; J4 V# C5 ~  \+ [You should not see any errors here!
) m* V: C& a% d( c/ ^6 g5 ~
- Z- U, d  r6 v. r* _5 n" j↑ Jump Back A Section
Hide Starting squid
% B' }0 N" L( I& [5 {( d1 v. Q
$ f6 h" L; }5 ^& t8 zThe installer already added it to the startup daemons, now we will start it manually:

1 {( v* O4 w- B/opt/etc/init.d/S80squid start
0 l: E3 e+ Q# r4 v4 ILook in /var/cache/squid/cache.log for any errors. Use ps to see if it really runs. You may consider to install lynx and test the proxy:
& \8 c( p7 C$ I; u
ipkg-opt install lynx
      export http_proxy=http://localhost:3128
      lynx www.google.com
If you see a google textmode site, it works.
8 \  T2 p8 l& l- Z% Q% w  \
$ _/ A* x6 \' V7 \. q; h/ C8 U9 {1 o% eTurn it off if everything is ok:
8 r4 A# h- s3 T9 M
/opt/etc/init.d/S80squid stop
1 {8 j6 C2 X4 z. p↑ Jump Back A Section
7 w* Y5 W  D8 g  Z: }Hide Add the rules to the squid startup file

( B5 }/ E! Y% H: DNow comes the ugly part. I'll not explain it in detail: we install some iptable Rules. We tell iptables to forward any traffic destined to tcp port 80 to localhost port 3128 (this is where squid listens for incoming connections). To avoid that the requests of the proxy itself are forwarded to localhost (which would create a loop), we add a rule telling iptables to not forward web traffic if it were generated by user nobody (the user squid runs as).

$ y& L# N  C0 q6 hTo do that, edit /opt/etc/init.d/S80squid so that it looks like this:
  d  v0 m+ K: F5 ?; ~3 i2 t/ R
#! /bin/sh
      
0 F2 g# u$ u( W! G) V9 m$ }& G) e      case "$1" in
          start)
              echo -n "Starting proxy server: "
$ a) H7 G: s% {              if [ -n "`pidof quotacheck`" ]; then
                 #you don't need it if you don't have quota check enable.
' e) \6 z) w$ ]6 G                 echo "Starting squid-cache server after delay for few mins:"
& u) S3 G; ^) t; l; L                 /opt/etc/squid/squid.delay-start.sh&
              else
                 /opt/sbin/squid -f /opt/etc/squid/squid.conf
" K( w; Z! N) Q/ M5 R/ u                 iptables -t nat -A OUTPUT -p tcp --dport 80 -m owner --gid-owner 65534 -j ACCEPT
6 |- z, ?5 m* S$ ]                 iptables -t nat -A OUTPUT -p tcp --dport 80 -j DNAT --to-destination 127.0.0.1:3128
                 echo "done."
              fi
              echo "done."
              ;;
+ `- H8 V8 A9 L! d: _          stop)
% ~+ p, Q# C, `1 m              echo -n "Stopping proxy server: "
              /opt/sbin/squid -f /opt/etc/squid/squid.conf -k shutdown
              iptables -t nat -D OUTPUT -p tcp --dport 80 -m owner --gid-owner 65534 -j ACCEPT
              iptables -t nat -D OUTPUT -p tcp --dport 80 -j DNAT --to-destination 127.0.0.1:3128
              echo "done."
              ;;
          reload|force-reload)
9 h! O( ^- C. _0 k              echo -n "Reloading proxy server configuration files: "
, y8 D4 O, K/ ]2 B8 t              /opt/sbin/squid -f /opt/etc/squid/squid.conf -k reconfigure
- g/ l+ ?# s8 C) v" v              echo "done."
0 d) q' m0 _3 o6 o) \' {) M              ;;
, ^! v& ^1 F/ q) ^- v/ F1 v5 |# Q          restart)
              echo -n "Restarting proxy server: "
0 |1 V: F( W6 q              /opt/sbin/squid -f /opt/etc/squid/squid.conf -k shutdown
              sleep 2
              /opt/sbin/squid -f /opt/etc/squid/squid.conf
              echo "done."
              ;;
4 t# `8 c2 ?4 b8 j/ n          *)
6 M2 ?7 d& H0 p/ b! v; f* z3 Q              echo "Usage: /opt/etc/init.d/S80squid {start|stop|reload|force-reload|restart}"
: ^' p) _/ n- F6 E/ X, _1 G              exit 1
              ;;
$ L5 g* j1 d  f( o      esac
. U$ e$ y! L1 @9 e↑ Jump Back A Section
Hide Configure network to startup squid if WIFI comes up

Now we need to alter the behavior of the palm network manager so that it starts squid if WIFI comes up and stops it when WIFI goes down.
0 ?+ l  {( T) y1 e
Change to directory /etc/pmnetconfig/.

5 l8 z4 ^- i- k% Z' v5 S* KIn the file if-up modify this part:

if [ "$ISPPP" -ne 4 ] && [ "$ISRMNET" -ne 6 ] && [ "$ISTUN" -ne 4 ] && [ "$ISCSCOTUNVPN" -ne 8 ]; then
/ j) h; i6 z- Q6 p. U& I8 h" s$ V! s          NetCfgSetAddr
- a! [6 D6 S7 g5 l- R          CMSERVICES=$((${CMSERVICES} | ${CMSVCINTERNET}))
       fi
# \/ W: R4 M" O  z9 {to

if [ "$ISPPP" -ne 4 ] && [ "$ISRMNET" -ne 6 ] && [ "$ISTUN" -ne 4 ] && [ "$ISCSCOTUNVPN" -ne 8 ]; then
4 W$ Z" L4 w" W          NetCfgSetAddr
          CMSERVICES=$((${CMSERVICES} | ${CMSVCINTERNET}))
          /usr/bin/logger "wifi up: execute /opt/etc/init.d/S80squid start"
+ r6 ~6 P: Q/ R' G) A          /opt/etc/init.d/S80squid start
3 ^5 u& N3 S* X) g       fi
6 T- l# j" J; l" W/ Q8 \; zIn the file if-down modify this part:

if [ ${CMINTERFACE} = ${CMBTINTERFACENAME} ] || [ ${CMINTERFACE} = ${CMBRINTERFACENAME} ]; then
          ${LOG} "${IPTABLES} -t nat -D POSTROUTING -s  $CMNETADDR/$CMPREFIXLEN -j MASQUERADE"
& n7 O+ N- i8 O4 `4 z8 t! i          ${IPTABLES} -t nat -D POSTROUTING -s $CMNETADDR/$CMPREFIXLEN -j MASQUERADE
          ${LOG} "${ECHO} 0 >/proc/sys/net/ipv4/ip_forward"
8 _: ?4 H0 H* V8 B: B6 _          ${ECHO} 0 >/proc/sys/net/ipv4/ip_forward
       fi
. x% I/ X& c! Z! o2 `0 a6 a4 eto:

if [ ${CMINTERFACE} = ${CMBTINTERFACENAME} ] || [ ${CMINTERFACE} = ${CMBRINTERFACENAME} ]; then
          ${LOG} "${IPTABLES} -t nat -D POSTROUTING -s  $CMNETADDR/$CMPREFIXLEN -j MASQUERADE"
( V9 m9 y/ y, y  r) x0 ^0 r  r+ x          ${IPTABLES} -t nat -D POSTROUTING -s $CMNETADDR/$CMPREFIXLEN -j MASQUERADE
5 c5 ?, [  x0 g# P$ C) \! w          ${LOG} "${ECHO} 0 >/proc/sys/net/ipv4/ip_forward"
          ${ECHO} 0 >/proc/sys/net/ipv4/ip_forward
6 B9 S; H; H6 F5 J- l4 r          /usr/bin/logger "wifi up: execute /opt/etc/init.d/S80squid stop"     
          /opt/etc/init.d/S80squid stop         
/ ]! i, H  e7 s9 L6 D, L7 I       fi
. {3 U% w$ C# v; }↑ Jump Back A Section
Hide Make your root disk read-only again
' I  [% j, I9 A4 {3 Z/ u
root@palm-webos-device: # cd / && mount -v -o remount,ro /
↑ Jump Back A Section
Hide See it working
3 }! d1 U, F+ N" V1 {$ V+ I9 ?
0 e' T+ S) ]& {' v0 ]! VSo, let's see how it works. Enable WIFI and fire up the browser and see if it works. You should see your requests on the remote proxy.
$ [- d; H7 _7 f3 p0 d1 J# F
If you added an ACL as mentioned earlier, a message like the following should appear if you enter the url of your favourite enemy vendor (the one we configured above):

4 x) L! g; e; H- S9 d
* v( ^/ W, b& m: H, p
↑ Jump Back A Section
Hide Blocking Adverts

Now squid is set up, we can use it for ad blocking. There are two steps to this:

# t* y5 w; i, B( Z' [9 L  GObtain a block list

1 C5 {& G; ?5 T; V! D; ^4 I2 AAn excellent ad block list is maintained at http://pgl.yoyo.org/as/. We need to download it in a suitable format for squid, which can be done by running the following command:

+ _, b9 Q/ m- A+ {wget -q -O/opt/etc/squid/blocklist 'http://pgl.yoyo.org/as/serverlist.php?hostformat=squid-dstdom-regex;showintro=0&nohtml=true&mimetype=plaintext > /opt/etc/squid/blocklist
, g, t1 {; A7 r! W% A7 l1 c. |5 y(Technical details: the wget command downloads the URL given in single quotes, then we strip the HTML mark-up and blank lines using grep. The filename at the end is where the black list will be stored.)

9 _( l7 ^2 {9 b5 o% \Configure squid to use the block list

) V# K2 {, k  n3 d2 L6 BNow we need to tell squid to block the list of URLs in the file we've just created. Open the /opt/etc/squid/squid.conf file we created above, and scroll down to where it reads:

& U: d. `7 A4 sacl enemy dstdomain www.apple.com
Replace this line with:

acl enemy dstdom_regex "/opt/etc/squid/blocklist"
Finally, restart squid:

+ w; j: y: b2 ~& e! p- A* I/opt/etc/init.d/S80squid restart
4 {& |6 G3 d- O% r9 v, O% fTo test it's working, open a browser and try to visit ads.msn.com (one of the blocked URLs). The error given should be similar to the screenshot given above.

If in the future you need to update the ad blocking list, run the commands:
# u. S+ B5 A; n4 `$ o! g( ^  z: p/ K
* ?" Q( y4 U9 F/ d4 o, Z4 o& L( B' i; acd / && mount -v -o remount,rw /
. l/ p  z' P, d7 ~! ]) J9 l      wget -q -O - 'http://pgl.yoyo.org/as/serverlist.php?hostformat=squid-dstdom-regex;showintro=0'  | grep -v ">" | grep "." > /opt/etc/squid/blocklist
8 u5 @2 W% `5 `6 v( ?& C+ b      /opt/etc/init.d/S80squid restart
For further details of filtering URLs using squid, please refer to the excelent documentation of the squid cache project.

睡务干部

英文还给老师了  求大神  直接出方法

signning

这里有跟详细参数 看下http://bbs.gfan.com/?fromuid=179411

mycccc

5楼骗链接

laris

如果有td的模块就好了

choujiangang

我现在在用prejvm+UC+qq,可以上网

suede77

这个教程有点难度~~~可以写的详细一些吗，就是把每一步做什么，需要安装什么，怎么设置仔细写出来，求大神给个图文并茂的帖子，相信cmwap包月吧不限流量的同学回顶礼膜拜的！

choujiangang

是啊，希望有哪位大大可以把步骤简化一下，期待cmwap可以用啊
' Y, _# S6 O9 C2 X

mayday1234

这完全是跑了个linux小程序