2,569
edits
Changes
Jump to navigation
Jump to search
Line 40:
Line 40: − + − + − + − Instal the rpms+ − rpm -Uvh *.rpm+ − − − Alternatively you can add the dungog repository & use yum --enablerepo to download & install − − Add the dungog repository from dungog.net (with status disabled as recommended by sme developers) with the following command: − − db yum_repositories set dungog repository BaseURL <nowiki>http://sme.dungog.net/packages/smeserver/7.0/i386/dungog/</nowiki> EnableGroups yes GPGCheck no Name 'SME Server 7 - dungog' Visible yes status disabled − − (the above command should all be on one line) − expand-template /etc/yum.conf − Then download & install the packages+ + − + − + − Line 194:
Line 184: − + − + − + − + − − − − − + − + − + − + − − − − Line 227:
Line 209: − + Line 233:
Line 215: − + − + − + − or+ − − − − or − − − + − + − + − svc -t /service/squid − + Line 271:
Line 246: − + − http://dansguardian.org/downloads/michaelpike/DGID.zip+
use {{Repository|Dungog}}, indent code etc
Download the required rpms into an empty folder on your sme server using the Linux wget command
Download the required rpms into an empty folder on your sme server using the Linux wget command
wget <nowiki>http://mirror.contribs.org/smeserver/contribs/rmitchell/smeserver/contribs/dansguardian/rpms/2.9.8-2/dansguardian-2.9.8-2.noarch.rpm</nowiki>
wget <nowiki>http://mirror.contribs.org/smeserver/contribs/rmitchell/smeserver/contribs/dansguardian/rpms/2.9.8-2/dansguardian-2.9.8-2.noarch.rpm</nowiki>
wget <nowiki>http://mirror.contribs.org/smeserver/contribs/rmitchell/smeserver/contribs/dansguardian/rpms/2.9.8-2/smeserver-dansguardian-2.9-3.el4.sme.noarch.rpm</nowiki>
wget <nowiki>http://mirror.contribs.org/smeserver/contribs/rmitchell/smeserver/contribs/dansguardian/rpms/2.9.8-2/smeserver-dansguardian-2.9-3.el4.sme.noarch.rpm</nowiki>
wget <nowiki>http://mirror.contribs.org/smeserver/contribs/rmitchell/smeserver/contribs/dansguardian/rpms/2.8.0.6/dungog-blacklists-1.0-20061002.noarch.rpm</nowiki>
wget <nowiki>http://mirror.contribs.org/smeserver/contribs/rmitchell/smeserver/contribs/dansguardian/rpms/2.8.0.6/dungog-blacklists-1.0-20061002.noarch.rpm</nowiki>
Install the rpms
yum localinstall *.rpm
Alternatively you can add the dungog repository
{{Repository|Dungog}}
yum --enablerepo=dungog install dansguardian smeserver-dansguardian dungog-blacklists pcre
yum --enablerepo=dungog install dansguardian smeserver-dansguardian dungog-blacklists pcre
To view available updates
To view available updates
yum --enablerepo=dungog list updates
yum --enablerepo=dungog list updates
==='''Modifying Dansguardian configuration'''===
==='''Modifying Dansguardian configuration'''===
'''1) Configure your sme server to use Transparent Proxy port 8080 and to block direct access to the squid proxy port 3128 & redirect port 80 to port 8080'''
'''1) Configure your sme server to use Transparent Proxy port 8080 and to block direct access to the squid proxy port 3128 & redirect port 80 to port 8080'''
Note the functionality to create custom firewall rules using iptables is built in to the rpms provided by Stephen Noble
Note the functionality to create custom firewall rules using iptables is built in to the rpms provided by http://www.dungog.net
config setprop squid TransparentPort 8080
config setprop squid TransparentPort 8080
config setprop dansguardian portblocking yes
config setprop dansguardian portblocking yes
signal-event post-upgrade; signal-event-reboot
signal-event post-upgrade
reboot
To return Transparent Proxy port to default value and to disable portblocking
To return Transparent Proxy port to default value and to disable portblocking
config delprop squid TransparentPort 3128
config delprop squid TransparentPort 3128
config delprop dansguardian portblocking
config delprop dansguardian portblocking
signal-event post-upgrade; signal-event-reboot
signal-event post-upgrade
reboot
'''2) Configure your workstation web browser to auto detect proxy port'''
'''2) Configure your workstation web browser to auto detect proxy port'''
==='''Configuring Dansguardian to use Auth login'''===
==='''Configuring Dansguardian to use Auth login'''===
This functionality is built in to the rpms provided by Stephen Noble & requires enabling with a db command
This functionality is built in to the rpms provided by http://www.dungog.net & requires enabling with a db command
Dansguardian supports different types of auth login ie nsca, pam & ident
Dansguardian supports different types of auth login ie nsca, pam & ident
Depending on your requirements, enable using the appropriate command. Most users of sme will probably use pam auth as that will authorise access against sme users and passwords.
Depending on your requirements, enable using the appropriate command. Most users of sme will probably use pam auth as that will authorise access against sme users and passwords.
For details regarding the various auth login methods & other configuration requirements, see http://dansguardian.org or Google
For details regarding the various auth login methods & other configuration requirements, see http://dansguardian.org or Google, select one
config setprop squid RequireAuth pam
config setprop squid RequireAuth pam
config setprop squid RequireAuth nsca
config setprop squid RequireAuth ident
config setprop squid RequireAuth nsca
config setprop squid RequireAuth ident
To disable Auth login
To disable Auth login
config delprop squid RequireAuth
config delprop squid RequireAuth
To enable any of the above setting changes you must follow the command with:
To enable any of the above setting changes you must follow the command with:
expand-template /etc/squid/squid.conf
expand-template /etc/squid/squid.conf
sv t /service/squid
If you are using nsca auth, create the user & password authentication list (you don't require users to be valid sme users)
If you are using nsca auth, create the user & password authentication list (you don't require users to be valid sme users)
touch /home/e-smith/db/proxyusers
touch /home/e-smith/db/proxyusers
Enter user names & password combinations one by one using this command
Enter user names & password combinations one by one using this command
You will see a ERR or OK response
You will see a ERR or OK response
If you are using ident auth, you will require a ident client/server on your workstation available from:
If you are using ident auth, you will require a ident client/server on your workstation. One windows ident client is available from:
https://sourceforge.net/projects/retinascan