SQUIDWALL READMElast change: 2015-03-25 @ 12:53
==================
The english documentation can be found here:
-> http://www.mcmilk.de/wiki/Squidwall
Die deutsche Dokumentation kann hier gefunden werden:
-> http://www.mcmilk.de/wiki/Squidwall_(deutsch)
last change: 2015-03-25 @ 12:53
ENVIRONMENT VARIABLES FOR SQUIDWALL
=====================================
LOG_FILE
- default: "/var/log/squid/squidwall.log"
- contains the filename of the logfile of squidwall
- have to be writeable by the squid user or group
PROXY
- default: "127.0.0.1:3128"
- contains ip:port of the squid webcache
- this cache shouldn't be redirected to squidwall :)
CLAMD
- default "127.0.0.1:3310"
- ip:port of the TCP/IP deamon of clamd
- look for TCPSocket and TCPAddr in clamd.conf
CLAMAV_SOCKET
- default "/var/lib/clamav/clamd.sock"
- look for LocalSocket and FixStaleSocket in clamd.conf
MAX_SIZE
- default: 60000
- max length, which should be send to clamd for scanning
- also the max length, which is used for the content scanning
PFILTER_MAX
- default: 100
LOG_IN
- default: unset
- if set, each incoming request of squid will be logged to squidwall.log
LOG_OUT
- default: unset
- if set, each outcoming answer of squidwall to squid will be logged
REDIR_BADURL
- default: "http://www.example.org/?network=x&reason=url&"
REDIR_BADCONT
- default: "http://www.example.org/?network=x&reason=cont&"
REDIR_BADHOST
- default: "http://www.example.org/?network=x&reason=host&"
REDIR_BADUSER
- default: "http://www.example.org/?network=x&reason=user&"
REDIR_BANNERFOUND
- default: "http://www.example.org/img/t.png"
REDIR_VIRUSFOUND
- default: "http://www.example.org/?network=x&reason=virus&"
REDIR_WEBINTERFACE
- default: "http://$SERVER/inet/"
REDIR_SAFESITE
- default: "http://www.example.org/img/"
HOSTS_DIR
- default: "/etc/squidwall/hosts"
- directory for the hosts definitions
USERS_DIR
- default: "/etc/squidwall/users"
- directory for the username definitions
REDIR_DIR
- default: "/etc/squidwall/redirects"
- directory with symbolic links for redirection purposes
BFILTERS_DIR
- default: "/etc/squidwall/bfilters"
- directory for the definitions of the banner filters
BCFILTERS_DIR
- default: "/etc/squidwall/bcfilters"
- directory for the definitions of the regex.7 banner (http header) filters
BRFILTERS_DIR
- default: "/etc/squidwall/brfilters"
- directory for the definitions of the regex.7 banner (url) filters
CFILTERS_DIR
- default: "/etc/squidwall/cfilters"
- directory for the definitions of the content filters
CRFILTERS_DIR
- default: "/etc/squidwall/crfilters"
- directory for the definitions of the regex.7 content filters
PFILTERS_DIR
- default: "/etc/squidwall/pfilters"
- directory for the definitions of the phrase filter
UFILTERS_DIR
- default: "/etc/squidwall/ufilters"
- directory for the definitions of the url blacklist
URFILTERS_DIR
- default: "/etc/squidwall/urfilters"
- directory for the definitions of the regex.7 url blacklist
WFILTERS_DIR
- default: "/etc/squidwall/wfilters"
- directory for the definitions of the url whitelist
WRFILTERS_DIR
- default: "/etc/squidwall/wrfilters"
- directory for the definitions of the regex.7 url whitelist
0.4klast change: 2015-03-25 @ 12:53
- two new environment variables which can be used for debugging new
configurations or errors
-> $LOG_IN is set to the whole incoming request of squid
-> $LOG_OUT is set to the output given by squidwall
- fixed the new timestamping... strftime sets the last byte to 0 ;)
0.4j
- made the tai64n logging optional, see params.h for details
-> default logging is now done in this format: "%Y-%m-%d %H:%M:%S"
- disabled the debugging @ params.h
0.4i
- fixed warning when compiling md5.c
- added redir_defaultsite, which is used as default rewrite url, when
$REDIR_DEFAULTSITE is set and all wfilter sites failed
-> a simple method for an whitefilter only list
0.4h
- squid url_rewrite_concurrency detection had a bug, which causes problems
on sites beginning with numbers
- this is maybe not the last 0.4 version ;)
0.4g
- use wrfilter @ content level instead @ url level
- this is the last 0.4 version
0.4f
- use socket_tcp4b instead of socket_tcp4
0.4e
- changed the call to write/read in buffer_init()
- added handling of changed squid 2.6 redirector interface
0.4d
- fixed connection error handling
0.4c
- added a small fix, so this version can be used with squid 2.6 now
0.4b
- changed the md5 and sha1 url filters, they use now only the hostname
for comparing
- removed the webinterface from contrib, it may be downloaded seperatly
from http://www.mcmilk.de/projects/squidwall/dl/
0.4a
- added the User-Agent Header in the http request (wikipedia didn't work)
0.4
- fixed bug: when clamd connection fails, no filter was applied
- 2 new url filters: ufilters_md5 and ufilter_sha1
- url shortcuts can be defined @ /etc/squidwall/redirects
- clamav socket support
0.3b
- easy access to the webinterface via http://squidwall/ is now possible
- fixed some compiler warnings
- improved the antivirus scanning
0.3a
- fixed antivirus scanning
- removed documentation, I have a wiki for this now!
0.3
- added some new filter variants
- all filters are defined now @ /etc/squidwall/filters/*
- clamd version is only read, when needed
- added phrase filter
- improved the content scanning et all
- use of the structure list_head (from linux kernel)
- memory usage is much better now :)
0.2a
- splitted the filters directory into different parts:
- url filter with regex.7 expression matching
- url filter with case-insensitive string matching
- content filter with regex.7 expression matching
- content filter with case-insensitive string matching
0.2
- added missing die_nomem() calls
- added url/content regex matching for blacklisting
-> real content scanning
- changed also the naming of some functions
- tested squidwall with 40.000 host entries and 40.000 user entries
-> bad performance ... version 0.3 will change the bad memory usage!
0.1
- tr/2005-06-25
- initial idea and concept
- tr/2005-06-26
- the antivirus scanning works
- user/ip based control isn't done yet
- tr/2005-07-08
- added user/host stuff
- tr/2005-07-11
- added some docs
- released version 0.1
Thanks to those people for success and failure reports, images, code, ideas andlast change: 2015-03-25 @ 12:53
docs.
JP = Jörg Petermann <aktuell@online-netzwerk-lernen.de>
- the two images virus.gif and stop.jpg
last change: 2015-03-25 @ 12:53
- improve the webinterface:
- add more languages to it
- use more / all features of squidwall
- add learning and classifiying of the sqlite cached pages
- add pthread support for squid 2.6 and share the in memory cache (possible?)
last change: 2015-03-25 @ 12:53
- squidwall can only handle "HTTP GET" requests
- it does not scan the whole GET REQUEST, when scanning for viruses
-> only 100K or whatever you set as MAXSIZE is scanned
- pppd statistics (v0.4b)
- editing the hosts (v0.4b)
- editing the hosts acls (v0.4b)
- editing redirections (v0.4b)
- defining user for the webinterface (v0.4b)
- editing @ phrasefilter (v0.3a)
- changing the acl's for a pc group (v0.3a)
- editing the contentfilter - Regex (v0.2)
- Benutzeranmeldung (v0.1)
- Webinterface zur Konfiguration (v0.1)
related projects
- squid homepage
- clamav homepage
- libowfat homepage (required for compiling)
- squid @ freshmeat - other squid related software
![http://www.example.org/img/t.png"](http://www.example.org/img/t.png"){kind=link}
