Dansguardian Red Hat Linux Install how-to

From Kathmann Labs

Jump to: navigation, search

[edit] Dansguardian Red Hat Linux Install How-to

NOTE: These are instructions for CentOS, a Red Hat clone. Replace the "yum" command with "up2date" if you are actually using Red Hat.
Go back to the main project page

Install Red Hat / CentOS linux

Install CentOS to a VM

Install Squid cache

  • yum install squid - installs squid on your machine

Install DansGuardian

  • cd /usr/src - change directories into the /usr/src directory (not required, just where I like to keep all of the sources)
  • download DansGuardian - see link for latest downloads
  • tar zxvf dans.tar.gz - substitute dans.tar.gz for the filename of the latest tarball download
  • useradd dansguardian - adds a new user named dansguardian
  • edit /etc/passwd to give dansguardian /sbin/nologin shell - since nobody will be logging into this username, only the server, this helps eliminate the ability for the service to become overly exploited
  • yum install zlib-devel
  • ./configure --runas_usr=dansguardian --runas_grp=dansguardian - setup the Makefile to run the daemon under the dansguardian user and group (note from 2/21/07: using DG version 2.9.8.2beta this configure option is now --with-proxyuser=dansguardian and --with-proxygroup=dansguardian; I also had to use the configure option --disable-pcre)
  • make - compile the source
  • make install - install the binaries

Configure DansGuardian

  • vi /etc/crontab
  • add the line 59 23 * * sun /etc/dansguardian/logrotation - adds a command to rotate the logs into the task scheduler
  • vi /etc/dansguardian/dansguardian.conf
  • change accessdenied webpage from YOURSERVER.YOURSITE to %IPADDRESS% - so that the block pages show up correctly

Add ports to firewall

  • vi /etc/sysconfig/iptables - add the following lines
  • -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp -s 127.0.0.1 --dport 3128 -j ACCEPT
  • -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 8080 -j ACCEPT

Enable Squid cache and DansGuardian at startup

  • chkconfig --levels 2345 squid on - turns on squid for automatic start on boot in runlevels 2,3,4, and 5
  • chkconfig --levels 2345 dansguardian on - - turns on dansguardian for automatic start on boot in runlevels 2,3,4, and 5

Start the daemons (and restart iptables)

  • /etc/init.d/iptables restart - restarts iptables so new rules take effect
  • /etc/init.d/squid start - starts the squid daemons
  • /etc/init.d/dansguardian start - starts the DansGuardian daemons
Retrieved from "http://www.kathmannlabs.net/mediawiki/index.php/Dansguardian_Red_Hat_Linux_Install_how-to"
Personal tools
extras