ที่มา : kathmannlabs.net

 
NOTE: These are instructions for CentOS, a Red Hat clone. Replace the "yum" command with "up2date" if you are actually using Red Hat.
Go back to the main project page

Install Red Hat / CentOS linux

Install CentOS to a VM

Install Squid cache

  • yum install squid – installs squid on your machine

Install DansGuardian

  • cd /usr/src – change directories into the /usr/src directory (not required, just where I like to keep all of the sources)
  • download DansGuardian – see link for latest downloads
  • tar zxvf dans.tar.gz – substitute dans.tar.gz for the filename of the latest tarball download
  • useradd dansguardian – adds a new user named dansguardian
  • edit /etc/passwd to give dansguardian /sbin/nologin shell – since nobody will be logging into this username, only the server, this helps eliminate the ability for the service to become overly exploited
  • yum install zlib-devel
  • ./configure –runas_usr=dansguardian –runas_grp=dansguardian – setup the Makefile to run the daemon under the dansguardian user and group (note from 2/21/07: using DG version 2.9.8.2beta this configure option is now –with-proxyuser=dansguardian and –with-proxygroup=dansguardian; I also had to use the configure option –disable-pcre)
  • make – compile the source
  • make install – install the binaries

Configure DansGuardian

  • vi /etc/crontab
  • add the line 59 23 * * sun /etc/dansguardian/logrotation – adds a command to rotate the logs into the task scheduler
  • vi /etc/dansguardian/dansguardian.conf
  • change accessdenied webpage from YOURSERVER.YOURSITE to %IPADDRESS% – so that the block pages show up correctly

Add ports to firewall

  • vi /etc/sysconfig/iptables – add the following lines
  • -A RH-Firewall-1-INPUT -m state –state NEW -m tcp -p tcp -s 127.0.0.1 –dport 3128 -j ACCEPT
  • -A RH-Firewall-1-INPUT -m state –state NEW -m tcp -p tcp –dport 8080 -j ACCEPT

Enable Squid cache and DansGuardian at startup

  • chkconfig –levels 2345 squid on – turns on squid for automatic start on boot in runlevels 2,3,4, and 5
  • chkconfig –levels 2345 dansguardian on – – turns on dansguardian for automatic start on boot in runlevels 2,3,4, and 5

Start the daemons (and restart iptables)

  • /etc/init.d/iptables restart – restarts iptables so new rules take effect
  • /etc/init.d/squid start – starts the squid daemons
  • /etc/init.d/dansguardian start – starts the DansGuardian daemons