Install squid
Squid is a proxy server and web cache daemon. It has a wide variety of uses, from speeding up a web server by caching repeated requests; to caching web, DNS and other computer network lookups for a group of people sharing network resources; to aiding security by filtering traffic. Although primarily used for HTTP and FTP and limited support TLS, SSL, HTTPS
Web proxy caching is a way to store requested Internet objects (e.g. data like web pages) available via the HTTP, FTP, and Gopher protocols on a system closer to the requesting site. Web browsers can then use the local Squid cache as a proxy HTTP server, reducing access time as well as bandwidth consumption. This is often useful for Internet service providers to increase speed to their customers, and LANs that share an Internet connection. Because it is also a proxy (i.e. it behaves like a client on behalf of the real client).
It can provide some anonymity and security. However, it also can introduce significant privacy concerns as it can log a lot of data including URLs requested, the exact date and time, the name and version of the requester’s web browser and operating system, and the referrer.
A client program (e.g. browser) either has to specify explicitly the proxy server it wants to use (typical for ISP customers), or it could be using a proxy without any extra configuration: “transparent caching”, in which case all outgoing HTTP requests are intercepted by Squid and all responses are cached. The latter is typically a corporate set-up (all clients are on the same LAN) and often introduces the privacy concerns mentioned above.
Squid has some features that can help anonymize connections, such as disabling or changing specific header fields in a client’s HTTP requests. Whether these are set, and what they are set to do, is up to the person who controls the computer running Squid. People requesting pages through a network which transparently uses Squid may not know whether this information is being logged. Within UK organisations at least, users should be informed if computers or internet connections are being monitored.
It is possible for a single Squid server to serve both as a normal and a reverse proxy simultaneously. For example, a business might host its own website on a web server, with a Squid server acting as a reverse proxy between clients (customers accessing the website from outside the business) and the web server. The same Squid server could act as a classical web cache, caching HTTP requests from clients within the business (i.e., employees accessing the internet from their workstations), so accelerating web access and reducing bandwidth demands.
install rmpforge packages
#wget http://packages.sw.be/rpmforge-release/rpmforge-release-0.5.2-2.el6.rf.x86_64.rpm
#rpm –Uvh rpmforge-release-0.5.2-2.el6.rf.x86_64.rpm
#yum install squid
#vi /etc/squid/squid.conf
acl CONNECT method CONNECT
acl lan src 192.168.31.0/24
http_access allow localhost
http_access allow lan
http_port 3128
request_header_access Referer deny all
request_header_access X-Forwarded-For deny all
request_header_access Via deny all
request_header_access Cache-Control deny all
visible_hostname proxy.sathish.com
forwarded_for off
#service squid restart
#chkconfig squid on
now i tried to open a http://www..sathish.com in the browser of my client machine its shows
add your proxy ip address and poxy port in the network setting of the client browser.
Install clamAV
ClamAV is an open source (GPL) antivirus engine designed for detecting Trojans, viruses, malware and other malicious threats. It is the de facto standard for mail gateway scanning. It provides a high performance mutli-threaded scanning daemon, command line utilities for on demand file scanning, and an intelligent tool for automatic signature updates. The core ClamAV library provides numerous file format detection mechanisms, file unpacking support, archive support, and multiple signature languages for detecting threats
#yum –enablerepo=rpmforge -y install clamav
#vi /etc/freshclam.conf
#Clamd /etc/clamd.conf
To update the antivrus use the following command
#freshclam
Scan any of the folder in your machine
#clamscan –infected –remove –recursive /home
Install Clamd
clamd – an anti-virus daemon
The daemon listens for incoming connections on Unix and/or TCP socket and scans files or directories on demand. It reads the configuration from /etc/clamd.conf
#yum –enablerepo=rpmforge install clamd
#service clamd start
#chkconfig clamd on
Install c-icap
c-icap is an implementation of an ICAP server. It can be used with HTTP proxies that support the ICAP protocol to implement content adaptation and filtering services.Most of the commercial HTTP proxies must support the ICAP protocol.Web antivirus service, using the clamav open-source antivirus engine basic URL filtering service.
#wget http://ftp.jaist.ac.jp/pub/sourceforge/c/project/c-/c-icap/c-icap/0.1.x/c_icap-0.1.6.tar.gz
#tar zxvf c_icap-0.1.6.tar.gz
#cd c_icap-0.1.6
#./configure
#make
#make install
#cd
#cp /usr/local/etc/c-icap.conf /etc
#vi /etc/c-icap.conf
ServerAdmin root@sathish.com
ServerName proxy.sathish.com
Service squidclamav squidclamav.so
#vi /etc/rc.d/init.d/c-icap
#!/bin/bash
# c-icap: Start/Stop c-icap
# chkconfig: – 70 30
# description: c-icap is an implementation of an ICAP server.
# processname: c-icap
# pidfile: /var/run/c-icap/c-icap.pid
. /etc/rc.d/init.d/functions
. /etc/sysconfig/network
CONFIG_FILE=/etc/c-icap.conf
PID_DIR=/var/run/c-icap
RETVAL=0
start() {
echo -n $”Starting c-icap: ”
daemon /usr/local/bin/c-icap -f $CONFIG_FILE
RETVAL=$?
echo
[ $RETVAL -eq 0 ] && touch /var/lock/subsys/c-icap
return $RETVAL
}
stop() {
echo -n $”Stopping c-icap: ”
killproc c-icap
rm -f /var/run/c-icap/c-icap.ctl
RETVAL=$?
echo
[ $RETVAL -eq 0 ] && rm -f $PID_DIR/c-icap.pid /var/lock/subsys/c-icap
return $RETVAL
}
case “$1″ in
start)
start
;;
stop)
stop
;;
status)
status c-icap
;;
restart)
stop
start
;;
*)
echo $”Usage: $0 {start|stop|status|restart}”
exit 1
esac
exit $?
#chmod 755 /etc/rc.d/init.d/c-icap
Install squidclamav
#tar zxvf squidclamav-6.3.tar.gz
#cd squidclamav-6.3
#./configure
#make
#make install
#cd
#vi /etc/squidclamav.conf
redirect http://www.sathish.com/error.html
clamd_local /var/run/clamav/clamd.sock
#/etc/rc.d/init.d/c-icap start
#chkconfig –add c-icap
#chkconfig c-icap on
Add the following lines in the end of the conf file
#vi /etc/squid/squid.conf
icap_enable on
icap_send_client_ip on
icap_send_client_username on
icap_client_username_header X-Authenticated-User
icap_service service_req reqmod_precache bypass=1 icap://127.0.0.1:1344/squidclamav
adaptation_access service_req allow all
icap_service service_resp respmod_precache bypass=1 icap://127.0.0.1:1344/squidclamav
adaptation_access service_resp allow all
#/etc/rc.d/init.d/squid restart
Install SquidGuard
#yum –enablerepo=rpmforge -y install squidguard
#mv /etc/squid/squidguard.conf /etc/squid/squidguard.conf.bk
#vi /etc/squid/squidguard.conf
dbhome /var/lib/squidguard/db
logdir /var/log/squidguard
dest deny {
domainlist deny/domains
urllist deny/urls
}
acl {
default {
pass !deny all
redirect http://www.sathish.com/error.html
}
}
#mkdir /var/log/squidGuard
#mkdir -p /var/lib/squidGuard/db/deny
#vi /var/lib/squidGuard/db/deny/domains
# write domains you’d like to prohibit to access
yahoo.co.in
example.com
#vi /var/lib/squidGuard/db/deny/urls
#write URLs you’d like to prohibit to access
#squidGuard -C all
#chown -R squid. /var/lib/squidGuard/db/deny
#vi /etc/squidclamav.conf
squidguard /usr/bin/squidguard
#/etc/rc.d/init.d/c-icap restart
Install DansGuardian
DansGuardian is an award winning Open Source web content filter which currently runs on Linux, FreeBSD, OpenBSD, NetBSD, Mac OS X, HP-UX, and Solaris. It filters the actual content of pages based on many methods including phrase matching, PICS filtering and URL filtering. It does not purely filter based on a banned list of sites like lesser totally commercial filters.
DansGuardian is designed to be completely flexible and allows you to tailor the filtering to your exact needs. It can be as draconian or as UN obstructive as you want. The default settings are geared towards what a primary school might want but DansGuardian puts you in control of what you want to block.
#yum –enablerepo=rpmforge -y install dansguardian
#vi /etc/dansguardian/dansguardian.conf
filterport = 8080
proxyport = 3128
#/etc/rc.d/init.d/dansguardian start
#chkconfig dansguardian on
#vi /etc/dansguardian/lists/bannedsitelist
yahoo.co.in
#/etc/rc.d/init.d/dansguardian restart
now i tried to open the http://www.sathish.com in my browser show its banned site
