Posts Categorized: squid

Compiling Dansguardian with Increased MaxChildren


I have three main proxy servers running Squid, Squidguard and DansGuardian servicing over 1300 desktop computers. The stock DansGuardian code includes a setting to limit the number of potential DansGuardian child processes to the operating system file descriptor limits. I have managed to increase this to 900 but would like to push it further. The setting… Read more »

Shell Script Example Squid Logs

I was trying to explain to a colleague a few days ago how a few shell commands can be really useful, when today I came across an example to try to illustrate. My problem was that I had 245 log files each about 70-80MB in size – roughly 4 million lines in each log file…. Read more »

Testing Proxy.pac Files

I decided to do a bit of checking on the proxy.pac file we were using. I grepped through our Apache access log files to pull out all of the IP addresses accessing the file over the year: zgrep “proxy.pac” ./2013-??-??.access_log.gz | awk ‘{print $1}’ |  awk -F “:” ‘{print $2}’ | sort | uniq >… Read more »

Squid Problems

Todays installment in the Adventures of Squid Sandwich: Forwarding loop detected WARNING: Forwarding loop detected for: in /var/log/squid/cache.log Since I am using a DansGuardian sandwich with Squid for bread  I set the unique_hostname in the first Squid conf then in the second Squid conf used a CNAME for the same machine of: unique_hostname… Read more »

SquidGuard LDAP User Search and Special Characters

So I had a problem with the ldapusersearch string as some eejit has created an OU with spaces and an apostrophe in the name. So the characters are represented as: comma %2c space %20 apostrophe %27 For example (entirely fictional organisation): src staff { ldapusersearch  ldap://,dc=domain,dc=uk?sAMAccountName?sub?(&(sAMAccountName=%s)(memberOf=cn=All%20Staff%2cOU=King%27s%20College%20Dublin%2cdc=ads%2cdc=domain%2cdc=uk)) }  

Squid 3 Warning

WARNING: (B) ‘::/0’ is a subnetwork of (A) ‘::/0’ I had this warning when restarting squid 3. I had a line left over from squid 2: acl all src which I had subsequently changed to acl all src all as I received a CIDR warning. So to get rid of the subnetwork warning I… Read more »

Building RPMs for Squid, SquidGuard

Squid Get a few dependencies to get the ball rolling: yum -y groupinstall “Development Tools” yum -y install rpm-build openjade linuxdoc-tools openldap-devel pam-devel openssl-devel httpd rpm-devel expat-devel db4-devel libpcap-devel Browse and find the latest Source RPM for your architecture, then install the sprm e.g. wget rpm -ivh squid*.src.rpm This does not actually install… Read more »

Dansguardian Randomise Rules

If you plan to use or Shalla rules in Dansguardian you may suffer from very slow (or impossible) restarts of the daemon. Dansguardian prefers the rules randomized rather than in alphabetical order. I couldn’t find the randomize lines package in the repos so compiled it first e.g.: wget xzf rl-0.2.7.tar.gzcd rl-0.2.7./configuremakemake install Then… Read more »

Building an RPM Package (DansGuardian 2.10)

After putting together an RPM for DansGuardian v2.10.1.1 I thought I would make a few notes. The version of DansGuardian in the repositories is currently version 2.8 and the only other repo or rpm I could find was a 32-bit 2.10.  Why DansGuardian 2.10? Content Scanning Support with Clamd or Kapersky Regular Expressions to enforce… Read more »