opus
August 17th, 2006, 10:22
A Simple Squid/Dansguardian basic install:
(Make sure you have wget handy for getting Dansguardian src)
#cd /usr/ports/www/squid
#make install && make distclean
#cd /usr/local/etc/squid
#cp squid.conf squid.conf.original
#vi squid.conf
insert the following. Mind you, this is how I got mine to work. I am sure there needs to be fine tuning.....once I figure out how/what.
auth_param basic children 5
auth_param basic realm Squid proxy-caching web server
auth_param basic credentialsttl 2 hours
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.7/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443 563
acl Safe_ports port 80
acl CONNECT method CONNECT
http_access allow all
http_access deny manager
http_access deny CONNECT !SSL_ports
http_access deny all
http_reply_access allow all
icp_access allow all
coredump_dir /var/squid/cache
(thanks elmore)
I have no idea what it all means, just that it works.
:wq! and get out of the file
Then run
#squid -Z
That should about do for squid.
#cd /usr/ports/www/dansguardian
# cd /usr/ports/www/dansguardian
# make rmconfig
# make config
<select the option to install the phraselists>
# make install clean
(thanks phoenix)
You will get a warning about having to go get DG src so.....
#cd /usr/ports/distfiles
#wget http://floridamirror.dansguardian.org/downloads/2/Stable/dansguardian-2.8.0.6.source.tar.gz
#cd /usr/ports/www/dansguardian
#make install clean
Thats all for the install.
Apache also gets install with this setup. I dont use Apache, so you will have to figure that part out yourself.
#cd /usr/local/etc/dansguardian
You might have to copy the sample conf file to a working one. If there is no sample one there, you can get one in /usr/local/etc/dansguardian/samples
You need to put this in your /etc/rc.conf:
squid_enable="YES"
dansguardian_enable="YES"
As well as whatever is required for apache. This will start them at startup.
I would reboot now and see if everything starts up.
Once up and running you can
#netstat -ant | grep 8080
you should see tcp listening
You can also
#netstat -ant | grep 3128 to see it is listening as well
You can
#top
to be sure DG, Squid and Apache are running.
From there, you can
#cd /usr/local/etc/dansguardian
Look through all the banned files, etc there. You will then understand how things are blocked. I had to go through them and remove almost everything that mentions guns, do to the fact that I do a bit with guns.
One thing for sure, google search will NOT work if in your Google prefs, you have the "safe filter off" >You MUST have the safe filter on for Google search to work with DG.
Point your browser or however you configure for a proxy, in your particular OS. For OS X, go to:
system prefs>network>[pick the interface you are using]>proxies, then put the ip address in and port 8080.
I realize this is rather short and basic, but its all I know. I was disappointed to find there is not much out there that is available by way of help for this.
Please feel free to correct me or add/remove/explain anything I have/havenot included in this. Maybe between all of us, we can get a good tutorial out of this.
(Make sure you have wget handy for getting Dansguardian src)
#cd /usr/ports/www/squid
#make install && make distclean
#cd /usr/local/etc/squid
#cp squid.conf squid.conf.original
#vi squid.conf
insert the following. Mind you, this is how I got mine to work. I am sure there needs to be fine tuning.....once I figure out how/what.
auth_param basic children 5
auth_param basic realm Squid proxy-caching web server
auth_param basic credentialsttl 2 hours
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.7/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443 563
acl Safe_ports port 80
acl CONNECT method CONNECT
http_access allow all
http_access deny manager
http_access deny CONNECT !SSL_ports
http_access deny all
http_reply_access allow all
icp_access allow all
coredump_dir /var/squid/cache
(thanks elmore)
I have no idea what it all means, just that it works.
:wq! and get out of the file
Then run
#squid -Z
That should about do for squid.
#cd /usr/ports/www/dansguardian
# cd /usr/ports/www/dansguardian
# make rmconfig
# make config
<select the option to install the phraselists>
# make install clean
(thanks phoenix)
You will get a warning about having to go get DG src so.....
#cd /usr/ports/distfiles
#wget http://floridamirror.dansguardian.org/downloads/2/Stable/dansguardian-2.8.0.6.source.tar.gz
#cd /usr/ports/www/dansguardian
#make install clean
Thats all for the install.
Apache also gets install with this setup. I dont use Apache, so you will have to figure that part out yourself.
#cd /usr/local/etc/dansguardian
You might have to copy the sample conf file to a working one. If there is no sample one there, you can get one in /usr/local/etc/dansguardian/samples
You need to put this in your /etc/rc.conf:
squid_enable="YES"
dansguardian_enable="YES"
As well as whatever is required for apache. This will start them at startup.
I would reboot now and see if everything starts up.
Once up and running you can
#netstat -ant | grep 8080
you should see tcp listening
You can also
#netstat -ant | grep 3128 to see it is listening as well
You can
#top
to be sure DG, Squid and Apache are running.
From there, you can
#cd /usr/local/etc/dansguardian
Look through all the banned files, etc there. You will then understand how things are blocked. I had to go through them and remove almost everything that mentions guns, do to the fact that I do a bit with guns.
One thing for sure, google search will NOT work if in your Google prefs, you have the "safe filter off" >You MUST have the safe filter on for Google search to work with DG.
Point your browser or however you configure for a proxy, in your particular OS. For OS X, go to:
system prefs>network>[pick the interface you are using]>proxies, then put the ip address in and port 8080.
I realize this is rather short and basic, but its all I know. I was disappointed to find there is not much out there that is available by way of help for this.
Please feel free to correct me or add/remove/explain anything I have/havenot included in this. Maybe between all of us, we can get a good tutorial out of this.