WBITT

We Bring In Tomorrows Technology

  • Full Screen
  • Wide Screen
  • Narrow Screen
  • Increase font size
  • Default font size
  • Decrease font size

Squid 2.6 + SquidGuard

E-mail Print PDF
User Rating: / 11
PoorBest 

 

############################################ 

Title:  Squid2.6 + Squid Guard

Author: Muhammad Kamran Azeem

Date: 21-Feb-2008

############################################ 

Squid-2.6-14
SquidGuard-1.3


Make sure you erase the default RPM based squid from the system, before continueing:

rpm -e squid



ulimit -n 8192

./configure   --enable-default-err-language=English --enable-err-languages="English"  --enable-snmp  --enable-arp-acl --enable-delay-pools --enable-cache-digests --enable-poll --disable-ident-lookups --enable-truncate --enable-linux-netfilter --enable-removal-policies --with-maxfd=8192    && make && make install && echo "SQUID SUCCESS" || echo "SQUID FAILED"


chown nobody:nobody /usr/local/squid/var -R
chown nobody:nobody /squidcache -R



squid.conf (2.6
http_port 3128 transparent
acl our_networks src 192.168.0.0/24
http_access allow our_networks
visible_hostname gateway2.pakcyber.local
url_rewrite_program /usr/local/squidGuard/bin/squidGuard -c /usr/local/squidGuard/squidGuard.conf
url_rewrite_children 10
cache_dir ufs /squidcache 6144 16 256
maximum_object_size 10240 KB
half_closed_clients off
cache_effective_user nobody
cache_effective_group nobody



/usr/local/squid/sbin/squid -z
/usr/local/squid/sbin/squid -D


Put  the service startup from the contrib directory of squid source to /etc/init.d:-

cp /root/squid-2.6.STABLE18/contrib/squid.rc  /etc/init.d/squid

chmod +x /etc/init.d/squid

edit the squid startup file and change the interpreter from  /sbin/sh to /bin/sh . Also add the chkconfig and description tags.

#!/bin/sh
# squid        Startup script for the Squid Web-Cache Server
#
# chkconfig: - 85 15
# description: Squid is a World Wide Web CACHE server.  It is used to serve \
#              HTML files and CGI.
# processname: squid
# config: /usr/local/squid/etc/squid.conf
# config: /etc/sysconfig/squid

# Squid Internet Object Cache startup
# AUTHOR: Markus Gyger
# This is squid's startup file /sbin/init.d/squid or /etc/init.d/squid
# pidfile: /usr/local/squid/var/logs/squid.pid
# program: /usr/local/squid/sbin/squid

pidfile=/usr/local/squid/var/logs/squid.pid
program=/usr/local/squid/sbin/squid


# Source function library.
. /etc/rc.d/init.d/functions

if [ -f /etc/sysconfig/httpd ]; then
        . /etc/sysconfig/httpd
fi


# add a section named status as follows:

status)
        status -p $pidfile $program
        RETVAL=$?
        ;;





squidGuard:-
------------
./configure --prefix=/usr/local/squidGuard --with-sg-config=/usr/local/squidGuard/squidGuard.conf                 
make
make install


chown nobody:nobody /usr/local/squidGuard/* -R



wget http://www.shallalist.de/Downloads/shallalist.tar.gz

tar xzf shallalist.tar.gz

mv BL/* /usr/local/squidGuard/db/

chown nobody:nobody /usr/local/squidGuard/db/* -R

Make sure that you already have a correct squidGuard.conf at proper place before executing this command.




squidGuard.conf
---------------

[root@gateway2 squidGuard]# cat squidGuard.conf
logdir /usr/local/squidGuard/log
dbhome /usr/local/squidGuard/db

dest porn {
        domainlist porn/domains
        urllist   porn/urls
}

dest whitelist {
        domainlist whitelist/domains
        urllist    whitelist/urls
}


dest redirector {
        domainlist redirector/domains
        urllist   redirector/urls
}


dest movies {
        domainlist movies/domains
        urllist   movies/urls
}


acl {

        default {
        pass whitelist !porn !redirector !movies all
        redirect http://localhost/cgi-bin/squidGuard.cgi?clientaddr=%a&clientname=%n&clientuser=%i&clientgroup=%s&url=%u
        }
}




--------------------

cd /usr/local/squidGuard/db/porn

The following will compile all files actually mentioned in the squidGuard.conf above. So no matter in which directory you are it will compile them.

date ; /usr/local/squidGuard/bin/squidGuard -C all ; date


You have to create whitelist yourself:

mkdir /usr/local/squidGuard/db/whitelist
echo "mota.ru" > /usr/local/squidGuard/db/whitelist/domains


echo "design.propeller.com/story/2006/07/09/-googles-photo-software-picasa-review/" > /usr/local/squidGuard/db/whitelist/urls

chown nobody:nobody /usr/local/squidGuard/* -R

Copy the squidGuard.cgi from the samples directory in squidGuard source directory, to /var/www/cgi-bin and startup your apache web server.

chmod +x /var/www/cgi-bin/squidGuard.cgi

service httpd restart

service squid restart

 

------------------------------ 

 

Squid problem:-
Squid Child Process Exited Due To Signal 25
The following file was max size that is why

-rw-r----- 1 nobody nobody 2.0G Feb 22 20:24 cache.log


Removed file and restarted squid.

 

You are here How To / Tutorials Squid 2.6 + SquidGuard