5. Packages :: 05 Sarg on a Squid Server


Sarg on a Squid Server

Squid

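# Install Squid from the distribution repositories.
yum install squid

# Dedicated system account that owns the cache. The squid package may already
# have created it, so only add it when it is missing; a real useradd failure
# is then shown instead of being sent to /dev/null.
id squid >/dev/null 2>&1 || useradd -d /cache/ -r -s /dev/null squid

# The cache directory has to exist before ownership can be handed over.
mkdir -p /cache
chown -R squid:squid /cache/   # user:group; the user.group form is deprecated
ls -ld /cache                  # confirm owner and group are now squid

# Keep a copy of the packaged configuration before it is removed; the next
# step writes a new one.
if [ -f /etc/squid/squid.conf ]; then
  [ -e /etc/squid/squid.conf.orig ] ||
    /bin/cp -p /etc/squid/squid.conf /etc/squid/squid.conf.orig
  /bin/rm /etc/squid/squid.conf
fi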

 

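# Write the new squid.conf. The quoted 'EOF' means nothing in the config is
# ever subject to shell expansion, and '>' replaces the file so that
# re-running this step cannot append a second copy of the configuration.
# NOTE(review): the httpd_accel_* directives below are Squid 2.5 syntax; from
# Squid 2.6 on, interception is configured on the http_port line instead.
# Confirm against the installed version (squid -v) before relying on them.
/bin/cat << 'EOF' > /etc/squid/squid.conf
# -----------------------------------------------------------------------------
# NETWORK OPTIONS
# -----------------------------------------------------------------------------
#
# version=2005.07.15
http_port 8080


# -----------------------------------------------------------------------------
# LOGFILE PATHNAMES AND CACHE DIRECTORIES
# -----------------------------------------------------------------------------
cache_dir ufs /cache 2000 16 256
# cache_access_log /var/log/squid/access.log
# cache_log /var/log/squid/cache.log
# cache_store_log /var/log/squid/store.log


# -----------------------------------------------------------------------------
# OPTIONS FOR TUNING THE CACHE
# -----------------------------------------------------------------------------
refresh_pattern         ^ftp:           1440    20%     10080
refresh_pattern         ^gopher:        1440    0%      1440
refresh_pattern         .               0       20%     4320


# -----------------------------------------------------------------------------
# HTTPD-ACCELERATOR OPTIONS
# for transparent proxy and logging with SARG and forcing use of blacklists
# -----------------------------------------------------------------------------
httpd_accel_host virtual
httpd_accel_port 80
httpd_accel_with_proxy  on
httpd_accel_uses_host_header on


# -----------------------------------------------------------------------------
# Squidguard Processes (blacklists)
# -----------------------------------------------------------------------------
#redirect_program /usr/local/bin/squidGuard -c /usr/local/squidGuard/squidGuard.conf
#redirect_children 4


# -----------------------------------------------------------------------------
# Squidguard access exceptions
# -----------------------------------------------------------------------------
#acl KILL urlpath_regex \.[eE][xX][eE]
#acl KILL urlpath_regex \.[mM][pP][3]
#acl KILL urlpath_regex \.[sS][rR][cC]
#acl KILL urlpath_regex \.[cC][oO][mM]
#acl KILL urlpath_regex \.[bB][aA][tT]
#acl KILL urlpath_regex \.[dD][lL][lL]
#acl KILL urlpath_regex \.[dD][aA][tT]

#http_access deny KILL


# -----------------------------------------------------------------------------
# For use of Watchdog proxying filtering
# -----------------------------------------------------------------------------
#cache_peer proxy1.watchdog.net.nz parent 8080 0 no-query default
#acl all src 0.0.0.0/0.0.0.0
#never_direct allow all


# -----------------------------------------------------------------------------
# OPTIONS FOR EXTERNAL SUPPORT PROGRAMS
# -----------------------------------------------------------------------------
# ftp_user Squid@
# ftp_list_width 32
# ftp_passive on
# ftp_sanitycheck on


# -----------------------------------------------------------------------------
# Authentication
# -----------------------------------------------------------------------------
#auth_param basic program /usr/lib/squid/ncsa_auth /etc/squid/squid_passwd
#auth_param basic children 10
#auth_param basic realm Matatoki School Web Filtering Service
#auth_param basic credentialsttl 2 hours


# -----------------------------------------------------------------------------
# ACCESS CONTROLS
# -----------------------------------------------------------------------------
# -----------------------------------------------------------------------------
# ACL Section
# -----------------------------------------------------------------------------
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443 563
acl Safe_ports port 80          # http
acl Safe_ports port 21          # ftp
acl Safe_ports port 443 563     # https, snews
acl Safe_ports port 70          # gopher
acl Safe_ports port 210         # wais
acl Safe_ports port 1025-65535  # unregistered ports
acl Safe_ports port 280         # http-mgmt
acl Safe_ports port 631         # http-mgmt
acl Safe_ports port 488         # gss-http
acl Safe_ports port 591         # filemaker
acl Safe_ports port 777         # multiling http
acl localnet src 192.168.20.0/255.255.255.0
acl localnet src 192.168.1.0/255.255.255.0
acl localnet src 192.168.2.0/255.255.255.0

acl CONNECT method CONNECT

#acl neo_pets dstdomain .neopets.com
#acl bad_mail dstdom_regex mail*
#acl local_mail dstdomain mail.access-info.co.nz

#acl super_users proxy_auth strider richard tony christine
#acl office_ips src 192.168.20.1  # New Gateway
#acl office_ips src 192.168.20.34 # Mount Doom (Tonys Computer)
#acl office_ips src 192.168.20.97 # Skitso (Laptop)
#acl office_ips src 192.168.20.96 # Minastirith (Richards Computer)
#acl office_ips src 192.168.20.88 # AgentSmith (Virus Cleaner Machine... (in Squids second HDD)


#acl standard_users proxy_auth REQUIRED
#acl morning_hours time S M T W H F A 6:00-8:00
#acl afternoon_hours time S M T W H F A 15:00-18:00



# -----------------------------------------------------------------------------
# http_access Section
# The Rules that are entered here are processed in the order they appear.
# The first matching rule decides, so the deny rules come before any allow;
# otherwise localnet clients would skip the manager, Safe_ports and CONNECT
# checks.
# -----------------------------------------------------------------------------
# Only allow cachemgr access from localhost
http_access allow manager localhost
http_access deny manager
# Deny requests to unknown ports
http_access deny !Safe_ports
# Deny CONNECT to other than SSL ports
http_access deny CONNECT !SSL_ports

http_access deny to_localhost

# Site rules: who may use the proxy once the checks above have passed.
#http_access allow office_ips
http_access allow localnet
#http_access allow super_users
#http_access allow local_mail
#http_access deny bad_mail
#http_access allow neo_pets morning_hours
#http_access allow neo_pets afternoon_hours
#http_access deny neo_pets
#http_access allow standard_users

http_access allow localhost

http_access deny all


# Answer ICP queries only for the local networks, not for every source.
icp_access allow localnet
icp_access deny all

miss_access allow all

cache_effective_user squid
cache_effective_group squid
EOF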

 

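# Only root needs to read or run the init script.
chmod 700 /etc/rc.d/init.d/squid

# Register the service and enable it for runlevels 3, 4 and 5.
/sbin/chkconfig --add squid
/sbin/chkconfig --level 345 squid on

# Check the new configuration before restarting, so a mistake in squid.conf
# is reported here rather than leaving the proxy down after the stop.
if squid -k parse; then
  /etc/rc.d/init.d/squid stop
  /etc/rc.d/init.d/squid start
fi

# cachemgr.cgi queries Squid from this host by default, which the
# "http_access allow manager localhost" rule accepts. Once the CGI is in
# cgi-bin, the web server's own access control is the only thing limiting who
# can reach the cache manager, so restrict that URL in Apache to the admin
# addresses.
cp /usr/lib/squid/cachemgr.cgi /var/www/cgi-bin/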

sarg

wget http://apt.sw.be/redhat/el6/en/x86_64/testing/RPMS/sarg-2.3-2.el6.test.x86_64.rpm

OR

wget http://apt.sw.be/redhat/el6/en/i386/testing/RPMS/sarg-2.3-2.el6.test.i686.rpm

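rpm -ihv .... the correct package. Both downloads are plain HTTP from a testing repository, so check the package signature first with rpm -K (after importing the repository's signing key) and install only if it verifies.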

yum install GD

 

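emacs  /etc/httpd/conf.d/sarg.conf

Limit who can open the reports, since they list the sites each client visited. In the access-control section of that file, allow only the addresses that need them, for example: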

Allow from 202.174.160.0/20
Allow from 202.174.167.3
Allow from 202.174.174.8
Allow from 202.174.174.24
Allow from 202.174.161.33
Allow from 192.168.20.0/24

/etc/init.d/httpd restart
