Virtual Architects Support Wiki

User Tools

Site Tools

You are here: start » networking » linux » qlproxy
Trace:
networking:linux:qlproxy

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision 		Previous revision
networking:linux:qlproxy [2011/12/24 14:54]
gcooper 		networking:linux:qlproxy [2011/12/24 15:38] (current)
gcooper
Line 14: Line 14:
  
 http://issues.quintolabs.com/trac/quintolabs_qlicap/wiki/QlicapDocsInstall http://issues.quintolabs.com/trac/quintolabs_qlicap/wiki/QlicapDocsInstall
 +
 +==== Install System ====
 +
 +[[computing:linux:minimal_centos_install|Minimal CentOS Install]]
 +
 +This may work on either 32-bit or 64-bit systems.
 +
 +==== Install Requirements ====
  
 <file> <file>
-yum install wget squid+yum install wget system-config-firewall-tui squid httpd php
  
 +chkconfig squid on
 +chkconfig httpd on
 +</file> 
 +
 +==== Configure Firewall ====
 +
 +Open HTTP (**80**), HTTPS (**443**) and add a custom port **3128** (tcp protocol).
 +
 +<file>
 +system-config-firewall-tui
 +</file>
 +
 +==== Install QuintoLabs Content Security ====
 +
 +<file>
 wget http://www.quintolabs.com/qlproxy/binaries/1.4.2/qlproxy-1.4.2-32d12.i386.rpm wget http://www.quintolabs.com/qlproxy/binaries/1.4.2/qlproxy-1.4.2-32d12.i386.rpm
  
 yum --nogpgcheck localinstall qlproxy-1.4.2-32d12.i386.rpm yum --nogpgcheck localinstall qlproxy-1.4.2-32d12.i386.rpm
 </file> </file>
 +
 +==== Selinux ====
 +
 +Set to permissive for now:
 +
 +<file>
 +vi /etc/selinux/config
 +</file>
 +
 +==== Configure Squid ====
  
 <file> <file>
 vi /etc/squid/squid.conf vi /etc/squid/squid.conf
  
-http_access allow localnet +http_access allow localnet              #verify exists 
-acl localnet src 192.168.0.0/16+acl localnet src 192.168.0.0/16         #verify exists 
 visible_hostname       proxy visible_hostname       proxy
 +
 +icap_enable on
 +icap_preview_enable on
 +icap_preview_size 4096
 +icap_persistent_connections on
 +icap_send_client_ip on
 +icap_send_client_username on
 +icap_service qlproxy1 reqmod_precache bypass=0 icap://127.0.0.1:1344/reqmod
 +icap_service qlproxy2 respmod_precache bypass=0 icap://127.0.0.1:1344/respmod
 +adaptation_access qlproxy1 allow all
 +adaptation_access qlproxy2 allow all
 </file> </file>
 +
 +==== Configure Web Server ====
  
 <file> <file>
-chkconfig squid on +cat << EOF >> /etc/httpd/conf.d/qlproxy.conf
-service squid start +
-</file+
  
 +#
 +# This is /etc/httpd/conf.d/qlproxy.conf
 +#
 +
 +Alias /qlproxy /var/opt/quintolabs/qlproxy/www
 +   <Directory /var/opt/quintolabs/qlproxy/www >
 +        Options FollowSymLinks
 +        AllowOverride None
 +   </Directory>
 +
 +EOF
 +</file>
  
 +**Now reboot!**
networking/linux/qlproxy.1324763666.txt.gz · Last modified: 2011/12/24 14:54 by gcooper

Page Tools

Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International
CC Attribution-Share Alike 4.0 International Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki