
 

Install Squid

Squid is a proxy server and web cache daemon. It has a wide variety of uses, from speeding up a web server by caching repeated requests; to caching web, DNS and other computer network lookups for a group of people sharing network resources; to aiding security by filtering traffic. Although primarily used for HTTP and FTP, it has limited support for TLS, SSL and HTTPS.

 

Web proxy caching is a way to store requested Internet objects (e.g. data like web pages) available via the HTTP, FTP, and Gopher protocols on a system closer to the requesting site. Web browsers can then use the local Squid cache as a proxy HTTP server, reducing access time as well as bandwidth consumption. This is often useful for Internet service providers to increase speed to their customers, and for LANs that share an Internet connection.

Because it is also a proxy (i.e. it behaves like a client on behalf of the real client), it can provide some anonymity and security. However, it can also introduce significant privacy concerns, as it can log a lot of data including URLs requested, the exact date and time, the name and version of the requester’s web browser and operating system, and the referrer.

 

A client program (e.g. browser) either has to specify explicitly the proxy server it wants to use (typical for ISP customers), or it could be using a proxy without any extra configuration: “transparent caching”, in which case all outgoing HTTP requests are intercepted by Squid and all responses are cached. The latter is typically a corporate set-up (all clients are on the same LAN) and often introduces the privacy concerns mentioned above.

 

Squid has some features that can help anonymize connections, such as disabling or changing specific header fields in a client’s HTTP requests. Whether these are set, and what they are set to do, is up to the person who controls the computer running Squid. People requesting pages through a network which transparently uses Squid may not know whether this information is being logged. Within UK organisations at least, users should be informed if computers or internet connections are being monitored.

 

It is possible for a single Squid server to serve both as a normal and a reverse proxy simultaneously. For example, a business might host its own website on a web server, with a Squid server acting as a reverse proxy between clients (customers accessing the website from outside the business) and the web server. The same Squid server could act as a classical web cache, caching HTTP requests from clients within the business (i.e., employees accessing the internet from their workstations), so accelerating web access and reducing bandwidth demands.

 


 

 

Install the RPMforge packages

#wget http://packages.sw.be/rpmforge-release/rpmforge-release-0.5.2-2.el6.rf.x86_64.rpm

#rpm -Uvh rpmforge-release-0.5.2-2.el6.rf.x86_64.rpm

 

#yum install squid

 

#vi /etc/squid/squid.conf

acl CONNECT method CONNECT

acl lan src 192.168.31.0/24

http_access allow localhost

http_access allow lan

http_port 3128

 

request_header_access Referer deny all

request_header_access X-Forwarded-For deny all

request_header_access Via deny all

request_header_access Cache-Control deny all

visible_hostname proxy.sathish.com

forwarded_for off


 

#service squid restart

#chkconfig squid on

 

Now I tried to open http://www.sathish.com in the browser of my client machine; it shows


 

Add your proxy IP address and proxy port in the network settings of the client browser.

 

 

 

Install ClamAV

ClamAV is an open source (GPL) antivirus engine designed for detecting Trojans, viruses, malware and other malicious threats. It is the de facto standard for mail gateway scanning. It provides a high-performance multi-threaded scanning daemon, command line utilities for on-demand file scanning, and an intelligent tool for automatic signature updates. The core ClamAV library provides numerous file format detection mechanisms, file unpacking support, archive support, and multiple signature languages for detecting threats.

 

#yum --enablerepo=rpmforge -y install clamav

 

#vi /etc/freshclam.conf

#Clamd /etc/clamd.conf

 

To update the antivirus signatures, use the following command

#freshclam

 

Scan any folder on your machine (the --remove option deletes every file reported as infected)

#clamscan --infected --remove --recursive /home

 

 

Install Clamd

clamd – an anti-virus daemon

The daemon listens for incoming connections on a Unix and/or TCP socket and scans files or directories on demand. It reads its configuration from /etc/clamd.conf.

 

#yum --enablerepo=rpmforge install clamd

 

#service clamd start

#chkconfig clamd on

 

 

Install c-icap

c-icap is an implementation of an ICAP server. It can be used with HTTP proxies that support the ICAP protocol to implement content adaptation and filtering services. Most of the commercial HTTP proxies must support the ICAP protocol. Its services include a web antivirus service, using the ClamAV open-source antivirus engine, and a basic URL filtering service.

 

#wget http://ftp.jaist.ac.jp/pub/sourceforge/c/project/c-/c-icap/c-icap/0.1.x/c_icap-0.1.6.tar.gz

#tar zxvf c_icap-0.1.6.tar.gz

#cd c_icap-0.1.6

#./configure

#make

#make install

#cd


 

#cp /usr/local/etc/c-icap.conf /etc

 

#vi /etc/c-icap.conf

ServerAdmin root@sathish.com

ServerName proxy.sathish.com

Service squidclamav squidclamav.so


 

#vi /etc/rc.d/init.d/c-icap

#!/bin/bash
# c-icap: Start/Stop c-icap
# chkconfig: - 70 30
# description: c-icap is an implementation of an ICAP server.
# processname: c-icap
# pidfile: /var/run/c-icap/c-icap.pid

# Load the distribution's init helpers (daemon, killproc, status)
. /etc/rc.d/init.d/functions
. /etc/sysconfig/network

CONFIG_FILE=/etc/c-icap.conf
PID_DIR=/var/run/c-icap
RETVAL=0

start() {
    echo -n $"Starting c-icap: "
    daemon /usr/local/bin/c-icap -f $CONFIG_FILE
    RETVAL=$?
    echo
    [ $RETVAL -eq 0 ] && touch /var/lock/subsys/c-icap
    return $RETVAL
}

stop() {
    echo -n $"Stopping c-icap: "
    killproc c-icap
    # Capture killproc's status before the cleanup below overwrites $?
    RETVAL=$?
    rm -f /var/run/c-icap/c-icap.ctl
    echo
    [ $RETVAL -eq 0 ] && rm -f $PID_DIR/c-icap.pid /var/lock/subsys/c-icap
    return $RETVAL
}

case "$1" in
    start)
        start
        ;;
    stop)
        stop
        ;;
    status)
        status c-icap
        ;;
    restart)
        stop
        start
        ;;
    *)
        echo $"Usage: $0 {start|stop|status|restart}"
        exit 1
        ;;
esac

exit $?


#chmod 755 /etc/rc.d/init.d/c-icap

 

 

Install squidclamav

#wget http://ftp.jaist.ac.jp/pub/sourceforge/s/project/sq/squidclamav/squidclamav/6.3/squidclamav-6.3.tar.gz

#tar zxvf squidclamav-6.3.tar.gz

#cd squidclamav-6.3

#./configure

#make

#make install

#cd


 

#vi /etc/squidclamav.conf

redirect http://www.sathish.com/error.html

clamd_local /var/run/clamav/clamd.sock


 

#/etc/rc.d/init.d/c-icap start

 

#chkconfig --add c-icap

#chkconfig c-icap on
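
Once c-icap is running, an ICAP OPTIONS request confirms that the squidclamav service is loaded before Squid is pointed at it. The following Python is an added example, not part of the original post or of c-icap; the helper names and the sample response are constructed for illustration, and the host, port and service name are the ones used in the squid.conf lines of this guide.

```python
import socket

# Host, port and service name as used in the squid.conf lines on this page.
ICAP_HOST, ICAP_PORT, ICAP_SERVICE = "127.0.0.1", 1344, "squidclamav"

# Constructed sample of a healthy reply, used when no server is at hand.
SAMPLE_RESPONSE = (b"ICAP/1.0 200 OK\r\nMethods: RESPMOD, REQMOD\r\n"
                   b"Service: constructed sample\r\nEncapsulated: null-body=0\r\n\r\n")


def build_options_request(host=ICAP_HOST, port=ICAP_PORT, service=ICAP_SERVICE):
    """Return the bytes of an ICAP OPTIONS request (RFC 3507)."""
    return ("OPTIONS icap://%s:%d/%s ICAP/1.0\r\n"
            "Host: %s\r\n"
            "Encapsulated: null-body=0\r\n\r\n" % (host, port, service, host)).encode("ascii")


def parse_icap_response(raw):
    """Split an ICAP response head into (status_code, headers dict)."""
    head = raw.split(b"\r\n\r\n", 1)[0].decode("latin-1")
    status_line, *header_lines = head.split("\r\n")
    proto, code, _reason = (status_line.split(" ", 2) + ["", ""])[:3]
    if not proto.startswith("ICAP/") or not code.isdigit():
        raise ValueError("not an ICAP response: %r" % status_line)
    headers = {}
    for line in header_lines:
        name, sep, value = line.partition(":")
        if sep:
            headers[name.strip().lower()] = value.strip()
    return int(code), headers


def service_is_ready(code, headers, needed=("REQMOD", "RESPMOD")):
    """True if the service answered 200 and offers both adaptation methods."""
    offered = {m.strip().upper() for m in headers.get("methods", "").split(",")}
    return code == 200 and set(needed) <= offered


def probe(host=ICAP_HOST, port=ICAP_PORT, timeout=5):
    """Send OPTIONS to a running c-icap and report whether it is ready."""
    with socket.create_connection((host, port), timeout=timeout) as sock:
        sock.sendall(build_options_request(host, port))
        raw = b""
        while b"\r\n\r\n" not in raw:
            chunk = sock.recv(4096)
            if not chunk:
                break
            raw += chunk
    return service_is_ready(*parse_icap_response(raw))
```

Calling probe() on the proxy host returns True when the service answers 200 and advertises both REQMOD and RESPMOD, the two modes the Squid configuration in this guide uses.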

 

Add the following lines at the end of the Squid configuration file

#vi /etc/squid/squid.conf

icap_enable on

icap_send_client_ip on

icap_send_client_username on

icap_client_username_header X-Authenticated-User

icap_service service_req reqmod_precache bypass=1 icap://127.0.0.1:1344/squidclamav

adaptation_access service_req allow all

icap_service service_resp respmod_precache bypass=1 icap://127.0.0.1:1344/squidclamav

adaptation_access service_resp allow all


#/etc/rc.d/init.d/squid restart
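
With bypass=1, Squid treats an ICAP service as optional: if c-icap is unreachable or malfunctions, requests and responses pass through unscanned. The following Python check is an added example, not from the original post; it parses the icap_service and adaptation_access lines and flags fail-open or unused services. The function names and the strict_resp service are hypothetical, and it assumes services are referenced directly by name rather than through service sets or chains.

```python
# Constructed sample: the ICAP lines from this page plus one hypothetical
# fail-closed service ("strict_resp") that no adaptation_access rule uses.
SAMPLE_CONF = """\
icap_enable on
icap_service service_req reqmod_precache bypass=1 icap://127.0.0.1:1344/squidclamav
adaptation_access service_req allow all
icap_service service_resp respmod_precache bypass=1 icap://127.0.0.1:1344/squidclamav
adaptation_access service_resp allow all
icap_service strict_resp respmod_precache bypass=0 icap://127.0.0.1:1344/squidclamav
"""


def parse_icap_config(conf_text):
    """Return (services, allowed): services maps name -> dict, allowed is a set."""
    services, allowed = {}, set()
    for raw in conf_text.splitlines():
        tok = raw.split("#", 1)[0].split()
        if len(tok) >= 4 and tok[0] == "icap_service":
            args = tok[3:]
            opts = dict(a.split("=", 1) for a in args if "=" in a and "://" not in a)
            uri = next((a for a in args if "://" in a), "")
            services[tok[1]] = {
                "point": tok[2],
                "uri": uri,
                # Squid treats bypass=1/on as "service is optional" (fail-open).
                "fail_open": opts.get("bypass", "0").lower() in ("1", "on"),
            }
        elif len(tok) >= 3 and tok[0] == "adaptation_access" and tok[2] == "allow":
            allowed.add(tok[1])
    return services, allowed


def audit(conf_text):
    """List (service, finding) pairs a reviewer should look at."""
    services, allowed = parse_icap_config(conf_text)
    findings = []
    for name, svc in sorted(services.items()):
        if svc["fail_open"]:
            findings.append((name, "fail-open: traffic passes unscanned if ICAP is down"))
        if name not in allowed:
            findings.append((name, "defined but never enabled by adaptation_access"))
    return findings


if __name__ == "__main__":
    for name, finding in audit(SAMPLE_CONF):
        print("%-13s %s" % (name, finding))
```

Setting bypass=0 on both services makes Squid return an error to the client instead of delivering unscanned content when the scanner is down.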

 

 

 

Install SquidGuard

#yum --enablerepo=rpmforge -y install squidguard

#mv /etc/squid/squidguard.conf /etc/squid/squidguard.conf.bk

#vi /etc/squid/squidguard.conf

dbhome /var/lib/squidGuard/db

logdir /var/log/squidGuard

dest deny {

domainlist deny/domains

urllist deny/urls

}

acl {

default {

pass !deny all

redirect http://www.sathish.com/error.html

}

}


 

#mkdir /var/log/squidGuard

#mkdir -p /var/lib/squidGuard/db/deny

 

#vi /var/lib/squidGuard/db/deny/domains

# list the domains you want to block

yahoo.co.in

example.com

 

#vi /var/lib/squidGuard/db/deny/urls

# list the URLs you want to block

http://www.yahoo.co.in

http://www.sathish.com

 

#squidGuard -C all


 

#chown -R squid. /var/lib/squidGuard/db/deny

 

#vi /etc/squidclamav.conf

squidguard /usr/bin/squidguard

#/etc/rc.d/init.d/c-icap restart

 

 

Install DansGuardian

DansGuardian is an award-winning Open Source web content filter which currently runs on Linux, FreeBSD, OpenBSD, NetBSD, Mac OS X, HP-UX, and Solaris. It filters the actual content of pages based on many methods including phrase matching, PICS filtering and URL filtering. It does not purely filter based on a banned list of sites like lesser totally commercial filters.

DansGuardian is designed to be completely flexible and allows you to tailor the filtering to your exact needs. It can be as draconian or as unobstructive as you want. The default settings are geared towards what a primary school might want but DansGuardian puts you in control of what you want to block.

#yum --enablerepo=rpmforge -y install dansguardian

 

#vi /etc/dansguardian/dansguardian.conf

filterport = 8080

proxyport = 3128


 

#/etc/rc.d/init.d/dansguardian start

#chkconfig dansguardian on

 

#vi /etc/dansguardian/lists/bannedsitelist

yahoo.co.in

http://www.sathish.com

 

#/etc/rc.d/init.d/dansguardian restart

Now I tried to open http://www.sathish.com in my browser; it shows that it is a banned site.