Squid 2.6 + SquidGuard
Squid-2.6-14
SquidGuard-1.3
Make sure you erase the default RPM-based squid from the system before continuing:
rpm -e squid
ulimit -n 8192
./configure --enable-default-err-language=English --enable-err-languages="English" --enable-snmp --enable-arp-acl --enable-delay-pools --enable-cache-digests --enable-poll --disable-ident-lookups --enable-truncate --enable-linux-netfilter --enable-removal-policies --with-maxfd=8192 && make && make install && echo "SQUID SUCCESS" || echo "SQUID FAILED"
chown nobody:nobody /usr/local/squid/var -R
chown nobody:nobody /squidcache -R
squid.conf (2.6)
http_port 3128 transparent
acl our_networks src 192.168.0.0/24
http_access allow our_networks
visible_hostname gateway2.pakcyber.local
url_rewrite_program /usr/local/squidGuard/bin/squidGuard -c /usr/local/squidGuard/squidGuard.conf
url_rewrite_children 10
cache_dir ufs /squidcache 6144 16 256
maximum_object_size 10240 KB
half_closed_clients off
cache_effective_user nobody
cache_effective_group nobody
/usr/local/squid/sbin/squid -z
/usr/local/squid/sbin/squid -D
Copy the service startup script from the contrib directory of the squid source to /etc/init.d:
cp /root/squid-2.6.STABLE18/contrib/squid.rc /etc/init.d/squid
chmod +x /etc/init.d/squid
Edit the squid startup file and change the interpreter from /sbin/sh to /bin/sh. Also add the chkconfig and description tags.
#!/bin/sh
# squid Startup script for the Squid Web-Cache Server
#
# chkconfig: - 85 15
# description: Squid is a World Wide Web CACHE server. It is used to serve
# HTML files and CGI.
# processname: squid
# config: /usr/local/squid/etc/squid.conf
# config: /etc/sysconfig/squid
# Squid Internet Object Cache startup
# AUTHOR: Markus Gyger
# This is squid's startup file /sbin/init.d/squid or /etc/init.d/squid
# pidfile: /usr/local/squid/var/logs/squid.pid
# program: /usr/local/squid/sbin/squid
pidfile=/usr/local/squid/var/logs/squid.pid
program=/usr/local/squid/sbin/squid
# Source function library.
. /etc/rc.d/init.d/functions
if [ -f /etc/sysconfig/squid ]; then
. /etc/sysconfig/squid
fi
**Add a section named status as follows:**
status)
status -p $pidfile $program
RETVAL=$?
;;
**squidGuard:-**
./configure --prefix=/usr/local/squidGuard --with-sg-config=/usr/local/squidGuard/squidGuard.conf
make
make install
chown nobody:nobody /usr/local/squidGuard/* -R
wget http://www.shallalist.de/Downloads/shallalist.tar.gz
tar xzf shallalist.tar.gz
mv BL/* /usr/local/squidGuard/db/
chown nobody:nobody /usr/local/squidGuard/db/* -R
Make sure that a correct squidGuard.conf is already in the proper place before executing the compile command (squidGuard -C all) below.
squidGuard.conf
[root@gateway2 squidGuard]# cat squidGuard.conf
logdir /usr/local/squidGuard/log
dbhome /usr/local/squidGuard/db
dest porn {
domainlist porn/domains
urllist porn/urls
}
dest whitelist {
domainlist whitelist/domains
urllist whitelist/urls
}
dest redirector {
domainlist redirector/domains
urllist redirector/urls
}
dest movies {
domainlist movies/domains
urllist movies/urls
}
acl {
default {
pass whitelist !porn !redirector !movies all
redirect http://localhost/cgi-bin/squidGuard.cgi?clientaddr=%a&clientname=%n&clientuser=%i&clientgroup=%s&url=%u
}
}
cd /usr/local/squidGuard/db/porn
The following compiles every list file referenced in the squidGuard.conf above, regardless of which directory you run it from.
date ; /usr/local/squidGuard/bin/squidGuard -C all ; date
You have to create the whitelist yourself:
mkdir /usr/local/squidGuard/db/whitelist
echo "mota.ru" > /usr/local/squidGuard/db/whitelist/domains
echo "design.propeller.com/story/2006/07/09/-googles-photo-software-picasa-review/" > /usr/local/squidGuard/db/whitelist/urls
chown nobody:nobody /usr/local/squidGuard/* -R
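The check below is an added example, not part of the original write-up: it reads a squidGuard.conf and reports every domainlist/urllist file that is missing or has no compiled .db next to it, which is easy to get wrong here because the whitelist lists do not come with the downloaded blacklist archive. The function names and the `--demo` sample tree are assumptions made for illustration, and the demo's .db file is a placeholder rather than a real database.

```shell
#!/bin/sh
# Added example (not from the original page): pre-flight check for squidGuard lists.

# Print the full path of every domainlist/urllist named in a squidGuard.conf.
sg_list_paths() {
    awk '
        $1 == "dbhome" { home = $2 }
        $1 == "domainlist" || $1 == "urllist" { lists[++n] = $2 }
        END { for (i = 1; i <= n; i++) print home "/" lists[i] }
    ' "$1"
}

# One line per problem on stdout; exit status 0 only when every list is usable.
#   MISSING    = neither the text list nor its .db exists (or both are empty)
#   UNCOMPILED = text list exists but "squidGuard -C all" has not produced a .db
check_sg_lists() {
    sg_list_paths "$1" | {
        problems=0
        while IFS= read -r f; do
            if [ ! -s "$f" ] && [ ! -s "$f.db" ]; then
                echo "MISSING $f"; problems=$((problems + 1))
            elif [ ! -s "$f.db" ]; then
                echo "UNCOMPILED $f"; problems=$((problems + 1))
            fi
        done
        [ "$problems" -eq 0 ]
    }
}

# Constructed sample: a temporary tree shaped like the config above, with the
# porn list compiled, whitelist/domains not yet compiled, whitelist/urls absent.
sg_demo() {
    d=$(mktemp -d) || return 1
    mkdir -p "$d/db/porn" "$d/db/whitelist"
    echo "example.invalid" > "$d/db/porn/domains"
    echo "placeholder" > "$d/db/porn/domains.db"   # stand-in for a compiled db
    echo "mota.ru" > "$d/db/whitelist/domains"
    printf 'dbhome %s/db\ndest porn {\n domainlist porn/domains\n}\n' "$d" > "$d/sg.conf"
    printf 'dest whitelist {\n domainlist whitelist/domains\n urllist whitelist/urls\n}\n' >> "$d/sg.conf"
    check_sg_lists "$d/sg.conf" | sed "s|$d|<tmp>|"
    rm -rf "$d"
}

# Real use: check_sg_lists /usr/local/squidGuard/squidGuard.conf && service squid restart
if [ "${1:-}" = "--demo" ]; then sg_demo; fi
```

Running it before the restart matters because a squidGuard that cannot load its configuration or lists goes into emergency mode and passes requests unfiltered.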
Copy squidGuard.cgi from the samples directory of the squidGuard source tree to /var/www/cgi-bin, then start your Apache web server.
chmod +x /var/www/cgi-bin/squidGuard.cgi
service httpd restart
service squid restart
Squid problem:-
Squid Child Process Exited Due To Signal 25
The following file had reached its maximum size, which is why squid exited (on Linux, signal 25 is SIGXFSZ, file size limit exceeded):
-rw-r----- 1 nobody nobody 2.0G Feb 22 20:24 cache.log
Removed the file and restarted squid.