====== Quinto Labs Content Security ======

Web filtering for the Squid proxy

http://www.quintolabs.com

http://www.quintolabs.com/support_center.php

===== Howto =====

http://www.howtoforge.com/tiny-web-proxy-and-content-filtering-appliance-on-centos-6-version-1.4

===== Installation =====

http://issues.quintolabs.com/trac/quintolabs_qlicap/wiki/QlicapDocsInstall

==== Install System ====

[[computing:linux:minimal_centos_install|Minimal CentOS Install]]

This may work on either 32-bit or 64-bit systems.

==== Install Requirements ====

<file>
yum install wget system-config-firewall-tui squid httpd php

chkconfig squid on
chkconfig httpd on
</file> 

==== Configure Firewall ====

Open HTTP (**80**), HTTPS (**443**) and add a custom port **3128** (tcp protocol).

<file>
system-config-firewall-tui
</file>

==== Install QuintoLabs Content Security ====

<file>
wget http://www.quintolabs.com/qlproxy/binaries/1.4.2/qlproxy-1.4.2-32d12.i386.rpm

yum --nogpgcheck localinstall qlproxy-1.4.2-32d12.i386.rpm
</file>

==== Selinux ====

Set to permissive for now:

<file>
vi /etc/selinux/config
</file>

==== Configure Squid ====

<file>
vi /etc/squid/squid.conf

http_access allow localnet              #verify exists
acl localnet src 192.168.0.0/16         #verify exists

visible_hostname       proxy

icap_enable on
icap_preview_enable on
icap_preview_size 4096
icap_persistent_connections on
icap_send_client_ip on
icap_send_client_username on
icap_service qlproxy1 reqmod_precache bypass=0 icap://127.0.0.1:1344/reqmod
icap_service qlproxy2 respmod_precache bypass=0 icap://127.0.0.1:1344/respmod
adaptation_access qlproxy1 allow all
adaptation_access qlproxy2 allow all
</file>

==== Configure Web Server ====

<file>
cat << EOF >> /etc/httpd/conf.d/qlproxy.conf

#
# This is /etc/httpd/conf.d/qlproxy.conf
#

Alias /qlproxy /var/opt/quintolabs/qlproxy/www
   <Directory /var/opt/quintolabs/qlproxy/www >
        Options FollowSymLinks
        AllowOverride None
   </Directory>

EOF
</file>

**Now reboot!**