Windows Server2019 设置审核策略记录

事件ID 4720显示已创建用户帐户。
事件ID 4722显示已启用用户帐户。
事件ID 4740显示用户帐户已被锁定。
事件ID 4725显示用户帐户已禁用。
事件ID 4726显示用户帐户已删除。
事件ID 4738显示用户帐户已更改。
事件ID 4781显示帐户名称已更改
事件ID 4663显示文件对象已更改
事件ID 4724显示用户密码已更改
事件ID 4672显示用户分配了特殊权限
事件ID 4719显示审核策略修改
事件ID 7002显示用户实际注销
事件ID 6272显示用户通过820.1x登录

一手好牌打的稀烂

今天发现人类历史都是一手好牌打的稀烂。

唐朝如此,宋朝如此,明朝亦是如此。

如今,公司是如此,国家事如此,连我也亦是如此。

良辰美景终过眼,花开花谢亦自然。

How to Install Squid5.6 for Ubuntu20.4

Step 1

sudo apt -y install libssl-dev devscripts build-essential fakeroot debhelper dh-autoreconf dh-apparmor cdbs libcppunit-dev libsasl2-dev libxml2-dev libkrb5-dev libdb-dev libnetfilter-conntrack-dev libexpat1-dev libcap-dev libldap2-dev libpam0g-dev libgnutls28-dev libssl-dev libdbi-perl libecap3 libecap3-dev libsystemd-dev libtdb-dev

Step 2, git squid and configure

git clone https://github.com/squid-cache/squid.git squid
cd squid
git branch -r
git checkout v5
./bootstrap.sh
./configure --with-openssl --enable-ssl-crtd  --with-default-user=squid '--prefix=/usr' '--includedir=${prefix}/include' '--mandir=${prefix}/share/man' '--infodir=${prefix}/share/info' '--sysconfdir=/etc' '--localstatedir=/var' '--disable-silent-rules' '--libdir=${prefix}/lib/x86_64-linux-gnu' '--runstatedir=/run' '--datadir=/usr/share/squid' '--sysconfdir=/etc/squid' '--libexecdir=/usr/lib/squid' '--mandir=/usr/share/man' '--enable-inline' '--enable-async-io=8' '--enable-storeio=ufs,aufs,diskd,rock' '--enable-removal-policies=lru,heap' '--enable-delay-pools' '--enable-cache-digests' '--enable-icap-client' '--enable-follow-x-forwarded-for' '--with-swapdir=/var/spool/squid' '--with-logdir=/var/log/squid' '--with-pidfile=/run/squid.pid' '--with-large-files' '--with-default-user=proxy' '--enable-linux-netfilter' '--with-gnutls'
make
sudo make install

Step 3, edit squid.service file

sudo vi /lib/systemd/system/squid.service

[Unit]
Description=Squid Web Proxy Server
Documentation=man:squid(8)
After=network.target network-online.target nss-lookup.target

[Service]
Type=notify
PIDFile=/var/run/squid.pid
ExecStartPre=/usr/sbin/squid --foreground -z
ExecStart=/usr/sbin/squid --foreground -sYC
ExecReload=/bin/kill -HUP $MAINPID
KillMode=mixed
NotifyAccess=all

[Install]
WantedBy=multi-user.target

sudo systemctl daemon-reload 

Step 4, edit Squid.conf file

sudo vi /etc/squid/squid.conf

#
# Recommended minimum configuration:
#

# Example rule allowing access from your local networks.
# Adapt to list your (internal) IP networks from where browsing
# should be allowed
acl localnet src 0.0.0.1-0.255.255.255  # RFC 1122 "this" network (LAN)
acl localnet src 10.0.0.0/8             # RFC 1918 local private network (LAN)
acl localnet src 100.64.0.0/10          # RFC 6598 shared address space (CGN)
acl localnet src 169.254.0.0/16         # RFC 3927 link-local (directly plugged) machines
acl localnet src 172.16.0.0/12          # RFC 1918 local private network (LAN)
acl localnet src 192.168.0.0/16         # RFC 1918 local private network (LAN)
acl localnet src fc00::/7               # RFC 4193 local private network range
acl localnet src fe80::/10              # RFC 4291 link-local (directly plugged) machines

acl nobumpSites ssl::server_name "/etc/squid/nobumpSites.list"
acl intermediate_fetching transaction_initiator certificate-fetching
http_access allow intermediate_fetching

acl SSL_ports port 443
acl Safe_ports port 80          # http
acl Safe_ports port 21          # ftp
acl Safe_ports port 443         # https
acl Safe_ports port 70          # gopher
acl Safe_ports port 210         # wais
acl Safe_ports port 1025-65535  # unregistered ports
acl Safe_ports port 280         # http-mgmt
acl Safe_ports port 488         # gss-http
acl Safe_ports port 591         # filemaker
acl Safe_ports port 777         # multiling http
#
# Recommended minimum Access Permission configuration:
#
# Deny requests to certain unsafe ports
http_access deny !Safe_ports

# Deny CONNECT to other than secure SSL ports
http_access deny CONNECT !SSL_ports

# Only allow cachemgr access from localhost
http_access allow localhost manager
http_access deny manager

# We strongly recommend the following be uncommented to protect innocent
# web applications running on the proxy server who think the only
# one who can access services on "localhost" is a local user
#http_access deny to_localhost

#
# INSERT YOUR OWN RULE(S) HERE TO ALLOW ACCESS FROM YOUR CLIENTS
#

# Example rule allowing access from your local networks.
# Adapt localnet in the ACL section to list your (internal) IP networks
# from where browsing should be allowed
http_access allow localnet
http_access allow localhost

# And finally deny all other access to this proxy
http_access deny all
# Squid normally listens to port 3128
http_port 3128 ssl-bump generate-host-certificates=on dynamic_cert_mem_cache_size=20MB cert=/etc/squid/certs/squid-ca-cert-key.pem cipher=HIGH:MEDIUM:!LOW:!RC4:!SEED:!IDEA:!3DES:!MD5:!EXP:!PSK:!DSS options=NO_TLSv1,NO_SSLv3,SINGLE_DH_USE,SINGLE_ECDH_USE tls-dh=prime256v1:/etc/squid/bump_dhparam.pem

sslproxy_cert_error allow all
acl step1 at_step SslBump1
acl step2 at_step SslBump2
acl step3 at_step SslBump3
ssl_bump peek step1 all 
ssl_bump peek step2 nobumpSites
ssl_bump splice step3 nobumpSites
ssl_bump stare step2
ssl_bump bump step3

# Uncomment and adjust the following to add a disk cache directory.
#cache_dir ufs /var/spool/squid 100 16 256
cache_dir ufs /opt/squid/cache 3000 16 256

# Leave coredumps in the first cache dir
coredump_dir /var/spool/squid

#
# Add any of your own refresh_pattern entries above these.
#
refresh_pattern ^ftp:           1440    20%     10080
refresh_pattern ^gopher:        1440    0%      1440
refresh_pattern -i (/cgi-bin/|\?) 0     0%      0
refresh_pattern .               0       20%     4320

Step 5 , Setting Certs

openssl req -new -newkey rsa:2048 -sha256 -days 365 -nodes -x509 -extensions v3_ca -keyout squid-ca-key.pem -out squid-ca-cert.pem
cat squid-ca-cert.pem squid-ca-key.pem >> squid-ca-cert-key.pem
sudo cp squid-ca-cert-key.pem /etc/squid/certs/squid-ca-cert-key.pem
sudo chown proxy -R /etc/squid/certs/squid-ca-cert-key.pem
sudo openssl dhparam -outform PEM -out /etc/squid/bump_dhparam.pem 2048
sudo chown proxy -R /etc/squid/bump_dhparam.pem
sudo /usr/lib/squid/security_file_certgen -c -s /var/spool/squid/ssl_db -M 4MB

Step 6, Setting cache and start

sudo mkdir /opt/squid/cache
sudo vi /etc/squid/nobumpSites.list
.apple.com
:wq
sudo chown proxy -R /etc/squid/nobumpSites.list
sudo chown proxy -R /opt/squid/cache
sudo chown proxy -R /var/log/squid
sudo squid -z
sudo systemctl start squid.service
sduo systemctl enable squid.service

Step 7, Copy the certificate”squid-ca-cert.pem’ to a computer or system and trust the certificate,Set porxy port 3128

Squid5.2/5.6 https proxy Ubuntu20 中间人 代理折腾大全

系统是ubuntu-20.04.4-live-server-amd64,Openssl版本是OpenSSL 1.1.1f 31 Mar 2020。VM虚拟机记得到配置文件写入 disk.EnableUUID = "TRUE"

1,把如下代码保存成sh可执行文件,并执行。自行生成证书文件

openssl req -new -newkey rsa:2048 -sha256 -days 365 -nodes -x509 -extensions v3_ca -keyout squid-ca-key.pem -out squid-ca-cert.pem

cat squid-ca-cert.pem squid-ca-key.pem >> squid-ca-cert-key.pem
#!/bin/bash

# all packages are installed as root
if [[ $EUID -ne 0 ]]; then
   echo "This script must be run as root" 1>&2
   exit 1
fi

# add diladele apt key
wget -qO - https://packages.diladele.com/diladele_pub.asc | sudo apt-key add -

# add new repo
echo "deb https://squid52.diladele.com/ubuntu/ focal main" \
    > /etc/apt/sources.list.d/squid52.diladele.com.list

# and install
apt-get update && apt-get install -y \
    squid-common \
    squid-openssl \
    squidclient \
    libecap3 libecap3-dev
systemctl daemon-reload

2,查看是否包含–enable-ssl-crtd。执行 squid -v

3,配置 squid.conf

acl localnet src 10.0.0.0/8     # RFC1918 possible internal network
acl localnet src 172.16.0.0/12  # RFC1918 possible internal network
acl localnet src 192.168.0.0/16 # RFC1918 possible internal network
acl localnet src fc00::/7       # RFC 4193 local private network range
acl localnet src fe80::/10      # RFC 4291 link-local (directly plugged) machines

acl SSL_ports port 443
acl Safe_ports port 80          # http
acl Safe_ports port 21          # ftp
acl Safe_ports port 443         # https
acl Safe_ports port 70          # gopher
acl Safe_ports port 210         # wais
acl Safe_ports port 1025-65535  # unregistered ports
acl Safe_ports port 280         # http-mgmt
acl Safe_ports port 488         # gss-http
acl Safe_ports port 591         # filemaker
acl Safe_ports port 777         # multiling http
acl CONNECT method CONNECT

http_access allow localhost manager
http_access deny manager

# Deny requests to certain unsafe ports
http_access deny !Safe_ports

# Deny CONNECT to other than secure SSL ports
http_access deny CONNECT !SSL_ports


http_access allow localnet
http_access allow localhost
# And finally deny all other access to this proxy
http_access deny all

# Squid normally listens to port 3128
htcp_port 4827
http_port 3218 ssl-bump generate-host-certificates=on dynamic_cert_mem_cache_size=20MB cert=/squid/certs/squid-ca-cert-key.pem
sslproxy_cert_error allow all
ssl_bump stare all
ssl_bump bump all
ssl_bump splice all

# Uncomment the line below to enable disk caching - path format is /cygdrive/<full path to cache folder>, i.e.
#cache_dir aufs /cygdrive/d/squid/cache 3000 16 256
cache_dir aufs /squid/cache 3000 16 256

# Leave coredumps in the first cache dir
coredump_dir /squid/dump

# Add any of your own refresh_pattern entries above these.
refresh_pattern ^ftp:           1440    20%     10080
refresh_pattern ^gopher:        1440    0%      1440
refresh_pattern -i (/cgi-bin/|\?) 0     0%      0
refresh_pattern .               0       20%     4320

dns_nameservers 8.8.8.8 8.8.4.4

4,启动前先初始化一个项目,否则无法启动

sudo /usr/lib/squid/security_file_certgen -c -s /var/spool/squid/ssl_db -M 4MB

5,这里就可以完全启动了。自行测试下用如下命令

curl --proxy http://127.0.0.1:3218 --cacert squid-ca-cert.pem https://www.baidu.com

这时候,你可以vi打开squid-ca-cert.pem,复制里面的内容到 查错网 转换下证书格式为 cer,下载到Windows。双击打开安装到“可信任的证书颁发机构”,设置 Internet选项-连接-局域网代理 设置代理地址为这个Ubuntu机器的IP地址,端口设置为 3128 。至此打开百度,你可以在/var/log/syslog看到你访问的日志记录了。

6,尴尬了,这个5.2的容易崩溃。看下面编译5.6的

#准备环境
sudo apt -y install libssl-dev devscripts build-essential fakeroot debhelper dh-autoreconf dh-apparmor cdbs libcppunit-dev libsasl2-dev libxml2-dev libkrb5-dev libdb-dev libnetfilter-conntrack-dev libexpat1-dev libcap-dev libldap2-dev libpam0g-dev libgnutls28-dev libssl-dev libdbi-perl libecap3 libecap3-dev libsystemd-dev libtdb-dev
#克隆项目
git clone https://github.com/squid-cache/squid.git squid
cd squid
git branch -r
git checkout v5
#开始编译
./bootstrap.sh
./configure --with-openssl --enable-ssl-crtd  --with-default-user=squid '--prefix=/usr' '--includedir=${prefix}/include' '--mandir=${prefix}/share/man' '--infodir=${prefix}/share/info' '--sysconfdir=/etc' '--localstatedir=/var' '--disable-silent-rules' '--libdir=${prefix}/lib/x86_64-linux-gnu' '--runstatedir=/run' '--datadir=/usr/share/squid' '--sysconfdir=/etc/squid' '--libexecdir=/usr/lib/squid' '--mandir=/usr/share/man' '--enable-inline' '--enable-async-io=8' '--enable-storeio=ufs,aufs,diskd,rock' '--enable-removal-policies=lru,heap' '--enable-delay-pools' '--enable-cache-digests' '--enable-icap-client' '--enable-follow-x-forwarded-for' '--with-swapdir=/var/spool/squid' '--with-logdir=/var/log/squid' '--with-pidfile=/run/squid.pid' '--with-large-files' '--with-default-user=proxy' '--enable-linux-netfilter' '--with-gnutls'

make
sudo make install
#设置Squid 服务
sudo vi /lib/systemd/system/squid.service
#粘贴如下
[Unit]
Description=Squid Web Proxy Server
Documentation=man:squid(8)
After=network.target network-online.target nss-lookup.target

[Service]
Type=notify
PIDFile=/var/run/squid.pid
ExecStartPre=/usr/sbin/squid --foreground -z
ExecStart=/usr/sbin/squid --foreground -sYC
ExecReload=/bin/kill -HUP $MAINPID
KillMode=mixed
NotifyAccess=all

[Install]
WantedBy=multi-user.target
#保存好后
sudo systemctl start squid.service
sudo systemctl enable squid.service
#增加tls代理
acl intermediate_fetching transaction_initiator certificate-fetching
http_access allow intermediate_fetching
#为 Diffie-Hellman 算法生成设置文件
openssl dhparam -outform PEM -out /etc/squid/bump_dhparam.pem 2048
#放到http_port 3128 后面
cipher=HIGH:MEDIUM:!LOW:!RC4:!SEED:!IDEA:!3DES:!MD5:!EXP:!PSK:!DSS options=NO_TLSv1,NO_SSLv3,SINGLE_DH_USE,SINGLE_ECDH_USE tls-dh=prime256v1:/etc/squid/bump_dhparam.pem
#排除不支持中间人证书的网站。子域名每行一个,格式如下  .dingtalk.com
acl nobumpSites ssl::server_name  "/etc/squid/donotbump.list"
acl step1 at_step SslBump1
acl step2 at_step SslBump2
acl step3 at_step SslBump3
# 检测‘SNI’信息是否可以碰撞
ssl_bump peek step1 all  
# 可以碰撞,检测证书信息            
ssl_bump peek step2 nobumpSites
# 可以碰撞,拼接证书    
ssl_bump splice step3 nobumpSites 
# 不可以碰撞,放弃
ssl_bump stare step2
ssl_bump bump step3 

没有看明白的,点开上一篇文档,按图示操作

我的龙之谷私服,哈哈哈!欢迎来玩

PC客户端下载地址
链接:https://pan.baidu.com/s/1G9cSTKlHtVv5Cy_FRKopMw
提取码:8igz

注册账户页面 http://www.tuhine.com:18880

第一步,注册账号。打开www.tuchine.com:18880

第二步,设置游戏。首先打开“A快速更改ip.exe”,把ip设置为www.tuchine.com的解析结果。每天第一次登陆都要修改。

第三步,设置分辨率。这个打开”A龙之谷更改分辨率.exe”,显示的分辨率要和设置的一致

第四步,启动游戏。打开“A龙之谷登陆器.bat”,启动后到登录界面输入注册的账号,默认有99999999的金钱

第五步,设置回环网卡。添加地址10.6.11.11,192.168.123.201,并执行以下命令
netsh interface portproxy add v4tov4 listenport=14400 listenaddress=0.0.0.0 connectaddress=外网地址 connectport=14400

netsh interface portproxy add v4tov4 listenport=14300 listenaddress=0.0.0.0 connectaddress=外网地址 connectport=14300

后续还有 手游端