Patches item #443901, was opened at 2001-07-23 12:48 You can respond by visiting: http://sourceforge.net/tracker/?func=detail&atid=313751&aid=443901&group_id=13751 Category: packages Group: None Status: Open Resolution: None Priority: 5 Submitted By: Mike Noyes (mhnoyes) Assigned to: Nobody/Anonymous (nobody) Summary: squid 2.3 STABLE4 and squidGuard 1.1.4 Initial Comment: I've been using LRP for a few month now and I'm very happy with it. It's very easy to learn, and because it's so small you it's so easy to maintain. But as with many other thing after some time I needed more funcionality. I needed a way to give users selectivly access to web sites. Some user were allowed to have unrestricted access, others only a few predefined sites. This was not everything I also didn't want to go and change any of the settings in the browsers if it was not absolutly necisary. What I needed was transparent proxying. After some searching I found the tools with which I could get this to work What you need is: * LRP. I was allreasy using it so it seemd to right choice. * squid (version 2.3 STABLE4). This is a http cache server. * squidGuard (version 1.1.4). This is for granting users selectivly access to web sites. Download the squid and squidGuard packages here (about 1 mb). Brief instructions For the LRP machine you need a hd because if you're going to run a cache server you're going to need to store those files. Also the squid executable is rather large. I don't now why this is. I'm guessing it's because squid is staticly linked, but I don't now how to change this so you'll have to live with it. What you need to do is get LRP to boot from hd. I use loadlinux and a small msdos partition. A lot of information can be found on Charles Steinkuehler's LRP Website. Most of the things you need come from this excellent site. The base system I've used is EigerStein2BETA. The kernel with IDE support, and the hdsupp packages can be download here. You also need the ext2.o module (I use this filesystem to put the squid cache files on). Boot LRP and use fdisk (found in the hdsupp packages) to create a second partition for the ext2 filesystem. It goes something like this: fdisk. n (add a new partition) p (primary partition) 2 (for second patition, change if needed for you're setup) w (write table back to disk). Next create the filesystem: mke2fs /dev/hda2 When you've succesfully done this go to the file /etc/init.d/squid and search for the string SQUID_HD="" change this in SQUID_HD="/dev/hda2" Backup the squid-2 packages and reboot. squid should now be using the hd for it's cache file and logging. The setup files can be accessed using the lrp menu system. Read the documentation carefully on the squid site. The current local network is 172.16.0.0/12 if this is not the same for you change this in the squid config file (menu item 1). The current acl settings are to allways try a ident lookup (This is needed to detect who is accessing squid). To turn this off remove the line "acl ident ident - REQUIRED" and change the line "http_access allow internalhosts ident" to "http_access allow internalhosts". And last remove the line "ident_lookup_access allow all". You can find it near the end of the file. Next don't forget to setup squidGuard (the current settings are to allow all sites). More information can be found on the squidGuard site. The log files and the cache can be found in the directory /var/squid. This is also the point were the ext2 partition is mounted. I think I've forgoten dozens of things but for now you'll have to do with it. The current settings aren't tested really well, so good luck and have fun. 5 december 2000 Yvo Nelemans ([EMAIL PROTECTED]) ---------------------------------------------------------------------- You can respond by visiting: http://sourceforge.net/tracker/?func=detail&atid=313751&aid=443901&group_id=13751 _______________________________________________ Leaf-devel mailing list [EMAIL PROTECTED] http://lists.sourceforge.net/lists/listinfo/leaf-devel
