Fedora 15: Setup Proxy Server
OS : Fedora 15 (Lovelock)
Packages : Fedora Repositories
//——————//
// INSTALLING squid //
//——————//
[root@localhost tj]# yum install squid
<…>
================================================================================
Package Arch Version Repository Size
================================================================================
Installing:
squid x86_64 7:3.1.11-1.fc15 fedora 1.7 M
Installing for dependencies:
perl-AnyEvent noarch 5.27-4.fc15 fedora 319 k
perl-AnyEvent-AIO noarch 1.1-6.fc15 fedora 8.1 k
perl-AnyEvent-BDB noarch 1.1-5.fc15 fedora 8.2 k
perl-Async-MergePoint noarch 0.03-5.fc15 fedora 19 k
perl-BDB x86_64 1.88-3.fc15 fedora 84 k
perl-Compress-Raw-Bzip2 x86_64 2.033-2.fc15 fedora 32 k
perl-Compress-Raw-Zlib x86_64 2.033-4.fc15 fedora 59 k
perl-Coro x86_64 5.25-4.fc15 fedora 221 k
perl-Crypt-DES x86_64 2.05-13.fc15 fedora 19 k
perl-Curses x86_64 1.28-2.fc15 fedora 108 k
perl-DBI x86_64 1.616-2.fc15 fedora 781 k
perl-Event x86_64 1.12-6.fc15 fedora 288 k
perl-Event-Lib x86_64 1.03-14.fc15 fedora 53 k
perl-Glib x86_64 1.223-2.fc15 fedora 370 k
perl-Guard x86_64 1.021-4.fc15 fedora 18 k
perl-HTML-Parser x86_64 3.68-3.fc15 fedora 111 k
perl-HTML-Tagset noarch 3.20-7.fc15 fedora 17 k
perl-Heap noarch 0.80-8.fc15 fedora 46 k
perl-IO-AIO x86_64 3.71-1.fc15 fedora 97 k
perl-IO-Async noarch 0.29-4.fc15 fedora 159 k
perl-IO-Compress noarch 2.033-2.fc15 fedora 223 k
perl-IO-Tty x86_64 1.10-1.fc15 fedora 41 k
perl-MD5 noarch 2.03-8.fc15 fedora 8.3 k
perl-Net-Daemon noarch 0.44-11.fc15 fedora 49 k
perl-Net-SSLeay x86_64 1.36-4.fc15 fedora 173 k
perl-POE noarch 1.289-4.fc15 fedora 580 k
perl-Perlilog noarch 0.3-7.fc15 fedora 61 k
perl-PlRPC noarch 0.2020-6.fc15 fedora 34 k
perl-Socket-GetAddrInfo x86_64 0.16-3.fc15 fedora 32 k
perl-Socket6 x86_64 0.23-6.fc15 fedora 23 k
perl-TermReadKey x86_64 2.30-12.fc15 fedora 31 k
perl-URI noarch 1.56-2.fc15 fedora 102 k
perl-common-sense noarch 3.3-2.fc15 fedora 23 k
perl-libwww-perl noarch 5.837-3.fc15 fedora 383 k
Transaction Summary
================================================================================
Install 35 Package(s)
Total download size: 6.2 M
Installed size: 17 M
Is this ok [y/N]:
<…>
//——————————————————–//
// INSTALLING dansguardian and clamav-server (dependancy) //
//——————————————————–//
[root@localhost tj]# yum install dansguardian
<…>
=====================================================================================================================================
Package Arch Version Repository Size
=====================================================================================================================================
Installing:
dansguardian x86_64 2.10.1.1-4.fc13 fedora 445 k
Installing for dependencies:
clamav-data-empty noarch 0.97-1500.fc15 updates-testing 14 k
clamav-filesystem noarch 0.97-1500.fc15 updates-testing 14 k
clamav-lib x86_64 0.97-1500.fc15 updates-testing 3.3 M
clamav-server x86_64 0.97-1500.fc15 updates-testing 85 k
fedora-usermgmt noarch 0.11-1406.fc15 fedora 8.9 k
fedora-usermgmt-core noarch 0.11-1406.fc15 fedora 10 k
fedora-usermgmt-default-fedora-setup noarch 0.11-1406.fc15 fedora 8.7 k
fedora-usermgmt-shadow-utils noarch 0.11-1406.fc15 fedora 9.7 k
Transaction Summary
=====================================================================================================================================
Install 9 Package(s)
Total download size: 3.9 M
Installed size: 38 M
Is this ok [y/N]:
<…>
//————————–//
// TESTING THE PROXY SERVER //
//————————–//
//Set Firefox Web Browser Proxy Configuration
Manual Proxy Configuration = True
HTTP Proxy = 127.0.0.1:8080
Use this proxy server for all protocals
//Start required services
[root@localhost tj]# systemctl start squid.service
[root@localhost tj]# systemctl start dansguardian.service
//You may need to set SElinux to permissive mode if you encounter problem related to SElinux policy
[root@localhost tj]# setenforce permissive
//Try to browse any website that might be denied by proxy server
//————————————————//
// Enable DansGuardian Content Scanners Feature //
//————————————————//
[root@localhost tj]# vi /etc/dansguardian/dansguardian.conf
contentscanner = ‘/etc/dansguardian/contentscanners/clamdscan.conf’ <– uncomment this line
//refer to /etc/clamd.d/dansguardian.conf for path to a local socket file the ClamD daemon will listen on
[root@localhost tj]# vi /etc/dansguardian/contentscanners/clamdscan.conf
clamdudsfile = ‘/var/run/clamd.dansguardian/clamd.sock’ <– uncomment this line
// *Prepare clamd*
// when I issue
// [root@localhost tj]# systemctl restart clamd.dansguardian.service
// I found the following error message in /var/log/messages
// Mar 6 17:27:39 localhost clamd[16463]: Can’t save PID in file /var/run/clamd.dansguardian/clamd.pid
//
//It seems that clamd daemon do not respect configuration
// PidFile /var/run/dansguardian/clamd.pid
//in /etc/clamd.d/dansguardian.conf
//see /usr/share/clamav/clamd-wrapper that may cause this problem
[root@localhost tj]# mkdir /var/run/clamd.dansguardian
[root@localhost tj]# chown dansguardian:dansguardian /var/run/clamd.dansguardian
[root@localhost tj]# vi /etc/clamd.d/dansguardian.conf
PidFile /var/run/clamd.dansguardian/clamd.pid
LocalSocket /var/run/clamd.dansguardian/clamd.sock
//Download clamd database
[root@localhost tj]# wget http://db.local.clamav.net/main.cvd
[root@localhost tj]# wget http://db.local.clamav.net/daily.cvd
[root@localhost tj]# wget http://db.local.clamav.net/bytecode.cvd
[root@localhost tj]# wget http://db.local.clamav.net/safebrowsing.cvd
//Move download database files to /var/lib/clamav
[root@localhost tj]# mv *.cvd /var/lib/clamav
//Change ownership of those files to dansguardian:dansguardian
[root@localhost tj]# chown dansguardian:dansguardian /var/lib/clamav/*.cvd
//Restart required services
[root@localhost tj]# systemctl restart dansguardian.service
[root@localhost tj]# systemctl restart clamd.dansguardian.service
yunustj
