企業解決方案實踐squid+squidGuard+sarg+clamav+mrtg
前不久為公司做了一個Squid Proxy Server測試,達到以下要求,供大家參考
1:NT4.0域用戶認證, 只部分用戶上internet網, 全部用戶能上公司intranet.
2:網站過濾
3:on-access 防病毒, 病毒庫升級速度快.
4:上網記錄分析. 可以為經理級人員提供相關員工上網記錄分析. 需密碼驗證.
5:mrtg流量分析
因為以下英文較簡單,就沒必要轉成中文了
硬體配置
找了DELL台式機GX270,內存增至1GRAM, 一張網卡,放在公司firewall後邊,default gateway設成firewall address
Redhat Linux 9.0 Installation
1:Insert the boot diskette into CD drive and reboot, Your BIOS settings may need to be changed to allow you to boot from the diskette or CD-ROM. After a short delay, a screen containing the boot: prompt should appear. Press ENTER continuous, Click Skip when prompt you to test the CD media.
2:Using your mouse select the relative option refer to the following for the installation:
Language Selection: English (English)
Keyboard Configuration: U.S. English
Mouse Configuration: PS/2
Installation Type: Server
Disk Partitioning Setup: Manually Partition with Disk Druid.
File System (ext3) Size Description
/boot 150MB
<swap>; 2048MB
/ 5000MB
/var Remained space For proxy log
/cache1 10000MB For proxy cache
/cache2 10000MB For proxy cache
3:Boot Loader Configuration:
Network Configuration:
Eth0
IP address 10.160.1.114
submask 255.255.252.0
Gateway 10.160.1.10
Primary DNS 10.160.1.1
10.160.1.3
Firewall Configuration: No Firewall
Additional language support: English (USA)
Time Zone Selection: Asia/ShangHai
Set Root Password: xxxxxxxx
Package Group Selection (included the following only):
Applications: Editors: Vim-enhanced only
Text-base Internet: Add Lynx
Servers: Server configuration tools: Default
Web Server: move squid only
Network Servers: Telnet-server only
Development tools: Default
Proceed with Install
Do not create boot disk
Install will complete and system will reboot.
《解決方案》
企業解決方案實踐squid+squidGuard+sarg+clamav+mrtg
Logon as root,add user: support,squid
#useradd -c "Remote support User" support
#passwd support
#useradd -g squid -s /bin/false -c "For Squid Only" squid
#chown –R squid.squid /cache1
#chown –R squid.squid /cache2
#chmod 770 /cache1
#chmod 770 /cache2
#mkdir /etc/squid
#vi /etc/rc.d/rc.local add: 因為公司DHCP的默認網關不是默認gateway,而是另外一台路由器,故在此增加本地路由
echo "" >;/etc/issue
echo "" >;/etc/issue.net
/sbin/hdparm -c 1 /dev/hda
touch /var/lock/subsys/local
/sbin/ip route add 10.0.0.0/8 via 10.160.1.21
/sbin/ip route add 172.160.0.0/12 via 10.160.1.21
/sbin/ip route add 192.168.0.0/16 via 10.160.48.21
#vi /etc/hosts add:在些增加內部某些主機的IP映射, 如下要用到的域名伺服器, 可以多域.
Compile and Install Squid-2.5.STABLE7
Download squid2.5Stable7 and save it to /usr/local/src after connect internet:
#wget http://www.squid-cache.org/Versions/v2/2.5/squid-2.5.STABLE7.tar.gz
#tar zxvf squid-2.5STABLE7.tar.gz
#./configure --prefix=/usr/local/squid --sysconfdir=/etc/squid --enable-auth=ntlm --enable-ntlm-auth-helpers=SMB --disable-internal-dns --enable-storeio=aufs,ufs --with-aufs-threads=32 --enable-cache-digests --enable-underscores --enable-removal-policies
#make
#make install
#make clean
#strip /usr/local/squid/sbin/squid
#strip /usr/local/squid/bin/squidclient
#strip /usr/local/squid/libexec/dnsserver
#strip /usr/local/squid/libexec/unlinkd
#strip /usr/local/squid/libexec/cachemgr.cgi
Delete Squid-2.5.STABLE7 folder and Squid-2.5.STABLE7.tar.gz
#mkdir /var/log/squid
#chown -R squid.squid /var/log/squid
Move the cache manager program to /var/www/cgi-bin/
#mv /usr/lib/squid/cachemgr.cgi /var/www/cgi-bin/cachemgr.cgi
Start the http and squid proxy server automatically during boot
#cp /usr/local/squid/sbin/squid /etc/init.d/squid
#ln –s /etc/rc.d/init.d/http /etc/rc3.d/S86httpd
#ln –s /etc/rc.d/init.d/squid /etc/rc3.d/S876squid
Modify /etc/httpd/conf/httpd.conf please refer to Appendix I;
Modify /etc/squid/squid.conf file please refer to Appendix II;
Create wpad.dat on /var/www/html Please refer to Appendix III.
Create swap space
#/etc/init.d/squid –z
Reboot
Appendix I:
/etc/httpd/conf/httpd.conf
Listen 10.160.1.114:8000
ServerAdmin Seewo@msn.com
ServerName ServerName:8000
AddType application/x-ns-proxy-autoconfig .dat
DocumentRoot /var/www/html
AccessFileName .htaccess
AllowOverride All
Appendix II:
/etc/squid/squid.conf
# NETWORK OPTIONS
http_port 10.160.1.114:80
http_port 10.160.1.114:8080
icp_port 0
# OPTIONS WHICH AFFECT THE NEIGHBOR SELECTION ALGORITHM
hierarchy_stoplist cgi-bin ?
acl QUERY urlpath_regex cgi-bin \?
no_cache deny QUERY
acl localserver dst 10.160.1.0/255.255.252.0
no_cache deny localserver
# OPTIONS WHICH AFFECT THE CACHE SIZE
cache_mem 256MB
cache_swap_low 93
cache_swap_high 95
maximum_object_size 20480 KB
cache_replacement_policy heap LFUDA
memory_replacement_policy heap LRU
# LOGFILE PATHNAMES AND CACHE DIRECTORIES
cache_dir aufs /cache1 10000 16 123
cache_dir aufs /cache2 10000 16 123
cache_access_log /var/log/squid/access.log
cache_log /var/log/squid/cache.log
cache_store_log none
log_ip_on_direct off
# OPTIONS FOR EXTERNAL SUPPORT PROGRAMS
ftp_user Squid@yahoo.com
ftp_list_width 64
cache_dns_program /usr/local/squid/libexec/dnsserver
dns_children 10
dns_nameservers 10.160.1.1 10.160.1.3
redirect_program /usr/local/squidguard/bin/squidGuard -c /etc/squid/squidGuard.conf
redirect_children 5
redirect_rewrites_host_header on
acl Intranet dst 10.0.0.0/8 172.160.0.0/12 192.168.0.0/16 redirector_access allow !Intranet
auth_param ntlm program /usr/local/squid/libexec/ntlm_auth 域名/伺服器名 (可以有多個, 伺服器最好在/etc/hosts 里加IP映射)
auth_param ntlm children 5
auth_param ntlm max_challenge_reuses 0
auth_param ntlm max_challenge_lifetime 120 seconds
auth_param ntlm use_ntlm_negotiate off
# OPTIONS FOR TUNING THE CACHE
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern . 0 20% 4320
# TIMEOUTS
client_lifetime 120 minutes
# ACCESS CONTROLS
acl AuthorizedUsers proxy_auth REQUIRED
acl deny_users proxy_auth -i "/etc/squid/deny_users"
acl fileupload req_mime_type -i ^multipart/form-data$
acl javascript rep_mime_type -i ^application/x-javascript$
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl anth_clients src 10.160.1.0/255.255.252.0
acl to_localhost dst 127.0.0.0/8
acl all src 0.0.0.0/0.0.0.0
acl SSL_ports port 443 563 8000 8080 8888
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 563 # https, snews
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT
http_access allow manager anth_clients
http_access deny manager all
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
acl msnmessenger url_regex -i gateway.dll
acl deny_sites url_regex -i "/etc/squid/deny_sites"
acl OnlyIpOne max_user_ip 1
http_access allow anth_clients Intranet
http_access deny msnmessenger
http_access deny deny_sites
http_access deny deny_users
http_access deny OnlyIpOne
http_access allow AuthorizedUsers
http_access deny all
http_reply_access allow all
icp_access allow all
# ADMINISTRATIVE PARAMETERS
cache_mgr admin
cache_effective_user squid
cache_effective_group squid
visible_hostname ServerName
# HTTPD-ACCELERATOR OPTIONS
httpd_accel_host 10.160.6.133 公司另外一台WEB伺服器
httpd_accel_port 80
httpd_accel_single_host on
httpd_accel_with_proxy on
httpd_accel_uses_host_header off
forwarded_for off
cachemgr_passwd zxxxxx all
buffered_logs on
# DELAY POOL PARAMETERS (all require DELAY_POOLS compilation option)
coredump_dir /usr/local/squid/var/cache
digest_generation on
digest_rebuild_period 1 hour
digest_rewrite_period 1 hour
digest_swapout_chunk_size 4096 bytes
digest_rebuild_chunk_percentage 10
Appendix III:
/var/www/html/wpad.dat
function FindProxyForURL(url, host)
{
if (isPlainHostName(host))
return "DIRECT";
else
return "PROXY 10.160.1.114:8080";
}
《解決方案》
企業解決方案實踐squid+squidGuard+sarg+clamav+mrtg
SquidGuard 1.2.0 compiling and installation procedure
Get the following file and save it to /usr/local/src
#wget http://ftp.teledanmark.no/pub/db/db-2.7.7.tar.gz
#wget http://ftp.teledanmark.no/pub/www/proxy/squidGuard/squidGuard-1.2.0.tar.gz
Build and install BerkeleyDB
#tar zxvf db-2.2.7.tar.gz
#cd db-2.2.7
#cd build_unix
#../dist/configure
#make
#make install
Build and Intall SquidGuard
#tar zxvf squidGuard-1.2.0.tar.gz
#cd squidGuard-1.2.0
# export LIBS="-lpthread"
#./configure --prefix=/usr/local/squidguard --datadir=/usr/share --sysconfdir=/etc/squid
--localstatedir=/var --infodir=/usr/share/info --mandir=/usr/share/man
--with-sg-config=/etc/squid/squidguard.conf --with-sg-logdir=/var/log/squidguard
--with-sg-dbhome=/usr/local/squidguard/db --with-db=/usr/local/BerkeleyDB
#make
#make install
Create the log directories and files
#mkdir /var/log/squidguard
#touch /var/log/squidguard/squidguard.log
#touch /var/log/squidguard/ads.log
#touch /var/log/squidguard/stopped.log
#chown –R squid.squid /var/log/squidguard
Set up the page to redirect users to when they're blocked:
Download a modified squidGuard.cgi file and save it to /var/www/html/cgi-bin/
#wget http://www.maynidea.com/squidguard/squidGuard.cgi
Download an 「invisible」 gif file and save it to /var/www/html/images/
#wget http://www.maynidea.com/squidguard/1x1.gif
Add the following lines in /etc/squid/squid.conf
redirect_program /usr/local/squid/bin/squidGuard -c /etc/squid/squidGuard.conf
redirect_children 5
Download the newest blacklists and save it to /usr/local/squidguard/db
#wget http://ftp.teledanmark.no/pub/www/proxy/squidguard/contrib/blacklists.tar.gz
#tar zxvf blacklists.tar.gz
#rm blacklists.tar.gz
Modify /etc/squid/squidGuard.conf file please refer to Appendix I;
Clam AntiVirus compiling and installation procedure
Download the following file and save it to /usr/local/src
#wget http://jaist.dl.sourceforge.net/sourceforge/clamav/clamav-0.80.tar.gz
#wget http://dazuko.org/files/dazuko-2.0.4.tar.gz
#tar xvzf clamav-0.80.tar.gz
#/usr/sbin/groupadd clamav
#/usr/sbin/useradd -g clamav -s /bin/false -c "Clam AntiVirus" clamav
#cd clamav-0.80
#./configure
#make && make install
Setting up auto-updating
#touch /var/log/clam-update.log
#chmod 600 /var/log/clam-update.log
#chown clamav /var/log/clam-update.log
Edit the configuration file in /usr/local/etc/freshclam.conf:
UpdateLogFile /var/log/clam-update.log
Add the closest mirrors database into /usr/local/etc/freshclam.conf server freshclam will attempt to download the newest virus database from.
DatabaseMirror clamav.ialfa.net
DatabaseMirror clamavdb.hostlink.com.hk
DatabaseMirror database.clamav.net
Enable On-access scanning
Copy kernel-source-2.4.20-8.i386.rpm from second disk to /usr/local/src
#rpm –ivh kernel-source-2.4.20-8.i386.rpm
#tar –xzvf dazuko-2.0.4.tar.gz
#./configure
#make
#/sbin/insmod dazuko.o
#mknod -m 600 /dev/dazuko c 254 0
#chown root:root /dev/dazuko
Protect a whole system, add the following lines to /usr/local/etc/clamd.conf
ClamukoScanOnAccess
ClamukoIncludePath /
ClamukoIncludePath /var
ClamukoIncludePath /cache1
ClamukoIncludePath /cache2
ClamukoExcludePath /proc
Add the following line to the crontab of the root users:
35 * * * * /usr/local/bin/freshclam --quiet
Squid Analysis Report Generator
Download the following file and save it to /usr/local/src
#wget http://jaist.dl.sourceforge.net/sourceforge/sarg/sarg-2.0.2.tar.gz
#tar –xzvf sarg-2.0.2.tar.gz
#cd sarg-2.0.2
#mkdir /var/www/html/sarg
#./configure --enable-sysconfdir=/etc/squid --enable-html=/var/www/html/sarg
#wget http://sarg.sourceforge.net/sarg-2.0.2-version.patch.gz
#make
#gzip -d sarg-2.0.2-version.patch.gz
#patch -p0<sarg-2.0.2-version.patch
#make install
#export LC_ALL=C
Create sarg.daily sard.weekly sarg.monthly in /usr/sbin, Please refer to Appendix II;
#chmod 755 /usr/sbin/sarg.*
Create password file for allow user authentication in User Reports using .htaccess
#/usr/bin/htpasswd -c /usr/local/sarg/passwd admin
#chmod 644 /usr/local/sarg/passwd
Install change passwd tools for User need to access User Reports
#http://jaist.dl.sourceforge.net/sourceforge/orsochpasswd/chpasswd-2.2.2.tar.gz
#tar zxvf chpasswd-2.2.2.tar.gz
#cd chpasswd-2.2.2
#./configure --enable-cgidir=/var/www/cgi-bin
#make && make install
#vi /usr/local/etc/chpasswd/chpasswd.conf
password_file /usr/local/sarg/passwd
header "Change Your Proxy Server User Access Reports Account Password"
minimum_length 7
enable_log /usr/local/etc/chpasswd/chpasswd.log
#chown apache.apache /usr/local/sarg/passwd
#touch /var/www/html/sarg/.htaccess
#vi /var/www/html/sarg/.htaccess
AuthUserFile /usr/local/sarg/passwd
AuthName "SARG, Restricted Access"
AuthType Basic
Require user admin
Create Script file to generate user reports
#mkdir /var/www/html/sarg/daily
#mkdir /var/www/html/sarg/weekly
#mkdir /var/www/html/sarg/monthly
Add the following line using crontab -e
05 0 * * * root /usr/sbin/sarg.daily
15 0 * * 1 root /usr/sbin/sarg.weekly
30 1 1 * * root /usr/sbin/sarg.monthly
Modify /etc/sarg/sarg.conf file please refer to Appendix III;
MRTG-2.10.15 compiling and installation procedure
SNMP configure
Insert the second disk and install net-snmp
#mount /dev/cdrom
#cd /mnt/cdrom/RedHat/RPMS/
#rpm –ivh net-snmp-*
#vi /etc/snmp/snmpd.conf
view mib2 included.iso.org.dod.internet.mgmt.mib-2 fc
change access notConfigGroup 「」 any noauth exact systemview none none
to access notConfigGroup 「」 any noauth exact mib2 none none
#ln –s /etc/rc.d/init.d/snmpd /etc/rc3.d/S88snmpd
Download the following file and save it to /usr/local/src
#wget http://people.ee.ethz.ch/~oetiker/webtools/mrtg/pub/mrtg-2.11.0.tar.gz
#tar xvzf mrtg-2.11.0.tar.gz
#mkdir /var/mrtg-2
# ./configure --prefix=/var/mrtg-2
--with-gd=/usr/include
--with-gd-lib=/usr/lib
--with-gd-inc=/usr/include
--with-png=/usr/include
--with-zlib=/usr/include
#make
#make install
#mkdir –p /var/www/html/mrtg/images
#cp images/*.* /var/www/html/mrtg/images/
#cd /usr/local/mrtg-2/bin
#/usr/local/mrtg-2/bin/cfgmaker --output=/usr/local/mrtg-2/bin/mrtg.cfg public@localhost
#vi /usr/local/mrtg-2/bin/mrtg.cfg
WorkDir: /var/www/html/mrtg
#/usr/local/mrtg-2/bin/indexmaker --output=/var/www/html/mrtg/index.html /usr/local/mrtg-2/bin/mrtg.cfg
Run the following command three times:
# env LANG=C /usr/local/mrtg-2/bin/mrtg /usr/local/mrtg-2/bin/mrtg.cfg
Add the following line using crontab –e:
*/5 * * * * env LANG=C /usr/local/mrtg-2/bin/mrtg /usr/local/mrtg-2/bin/mrtg.cfg
Appendix I:
/etc/squid/squidGuard.conf
dbhome /usr/local/squidguard/db/blacklists
logdir /var/log/squidguard
# DESTINATION CLASSES:
destination bl_ads {
domainlist ads/domains
urllist ads/urls
redirect http://10.160.1.114:8000/images/1x1.gif
log ads.log
}
destination bl_aggressive {
domainlist aggressive/domains
urllist aggressive/urls
redirect http://10.160.1.114:8000/cgi-bin/squidGuard.cgi?clientaddr=%a&clientname=%n&clientuser=%i&clientgroup=%s&targetgroup=%t&url=%u
log stopped.log
}
destination bl_drugs {
domainlist drugs/domains
urllist drugs/urls
redirect http://10.160.1.114:8000/cgi-bin/squidGuard.cgi?clientaddr=%a&clientname=%n&clientuser=%i&clientgroup=%s&targetgroup=%t&url=%u
log stopped.log
}
destination bl_gambling {
domainlist gambling/domains
urllist gambling/urls
redirect http://10.160.1.114:8000/cgi-bin/squidGuard.cgi?clientaddr=%a&clientname=%n&clientuser=%i&clientgroup=%s&targetgroup=%t&url=%u
log stopped.log
}
destination bl_hacking {
domainlist hacking/domains
urllist hacking/urls
log stopped.log
redirect http://10.160.1.114:8000/cgi-bin/squidGuard.cgi?clientaddr=%a&clientname=%n&clientuser=%i&clientgroup=%s&targetgroup=%t&url=%u
}
destination bl_porn {
domainlist porn/domains
urllist porn/urls
expressionlist porn/expressions
redirect http://10.160.1.114:8000/cgi-bin/squidGuard.cgi?clientaddr=%a&clientname=%n&clientuser=%i&clientgroup=%s&targetgroup=%t&url=%u
log stopped.log
}
destination bl_violence {
domainlist violence/domains
urllist violence/urls
redirect http://10.160.1.114:8000/cgi-bin/squidGuard.cgi?clientaddr=%a&clientname=%n&clientuser=%i&clientgroup=%s&targetgroup=%t&url=%u
log stopped.log
}
acl {
default {
pass !bl_ads !bl_aggressive !bl_drugs !bl_gambling !bl_hacking !bl_porn !bl_violence all
}
}
Appendix II:
/usr/sbin/sarg.daily
#!/bin/bash
#Get yesterday date
YESTERDAY=$(date --date "1 day ago" +%d/%m/%Y)
export LC_ALL=C
/usr/sbin/sarg -o /var/www/html/sarg/daily –f /usr/local/sarg/sarg.conf –l /var/log/squid/access.log -d $YESTERDAY >; /dev/null 2>;&1
exit 0
/usr/sbin/sarg.weekly
#!/bin/bash
#Generate Access.log for correct weekly reports
cat /var/log/squid/access.log.0 /var/log/squid/access.log >; /var/log/squid/access.log.week
#Get yesterday date
YESTERDAY=$(date --date "1 days ago" +%d/%m/%Y)
#Get one week ago date
WEEKAGO=$(date --date "7 days ago" +%d/%m/%Y)
export LC_ALL=C
/usr/sbin/sarg -l /var/log/squid/access.log.week -o /var/www/html/sarg/weekly –f /usr/local/sarg/sarg.conf -d $WEEKAGO-$YESTERDAY >; /dev/null 2>;&1
exit 0
/usr/sbin/sarg.monthly
#!/bin/bash
#Get yesterday date
YESTERDAY=$(date --date "1 day ago" +%d/%m/%Y)
#Get 1 month ago date
MONTHAGO=$(date --date "1 month ago" +%d/%m/%Y)
export LC_ALL=C
/usr/sbin/sarg –l /var/log/squid/access.log -o /var/www/html/sarg/monthly –f /usr/local/sarg/sarg.conf -d $MONTHAGO-$YESTERDAY >; /dev/null 2>;&1
/etc/rc.d/init.d/squid -k rotate
exit 0
Appendix III:
/usr/local/sarg/sarg.conf
title "Company Name. Proxy Server User Access Reports"
temporary_dir /tmp
records_without_userid ignore
use_comma yes
topsites_num 100
max_elapsed 28800000
report_type topsites users_sites date_time denied auth_failures site_user_time_date
topuser_num 0
displayed_values abbreviation
authfail_report_limit 50
denied_report_limit 50
#siteusers_report_limit 0
squidguard_report_limit 50
user_report_limit 50
download_suffix "zip,arj,iso,cab,com,mdb,exe,mp3,avi,mpg,mpeg,ZIP,RAR,EXE,ARJ,CAB,MDB,MP3,AVI,MPG,MPEG"
《解決方案》
企業解決方案實踐squid+squidGuard+sarg+clamav+mrtg
中文的可理解性要強一點!還是看中文更有幫助!
《解決方案》
企業解決方案實踐squid+squidGuard+sarg+clamav+mrtg
加精了,再接再勵!謝謝樓主。
《解決方案》
企業解決方案實踐squid+squidGuard+sarg+clamav+mrtg
不錯
《解決方案》
企業解決方案實踐squid+squidGuard+sarg+clamav+mrtg
seewo
謝謝這麼好的貼子
不過有幾個問題還要請教
1.能不能把squid 防病毒的部分再詳細說明一下?我非常感興趣。
如何作On-access scanning?
是用 dazuko作On-access scanning嗎 ?
是clamd.conf中的 ClamukoScanOnAccess起作用嗎?
另外Clamuko是否大量消耗系統資源,容易導致
It is very likely it will hang up your system.
kernel-source-2.4.20-8.i386.rpm 是不是只是更新內核?
另外我個人認為在Firewall前加Anti-Virus Walll可能會效果更好,
不過Anti-Virus Walll不是中小企業所能承擔的
2.關於認證部分 既然使用NTLM,為什麼又要使用password file,那用戶管理是不是很麻煩?
3.關於流量監控
squid 好像並沒有用snmp編譯,mrtg如何得到流量的數據?
如果方便的話,請告知聯繫方法,可以互相交流
MSN:qinzhen0721@hotmail.com
《解決方案》
企業解決方案實踐squid+squidGuard+sarg+clamav+mrtg
感謝樓上各位的關注, 本人參考本論壇很多有價值的文章才促成此文. 在些先謝謝各位啦. 以上各步已經經過實踐, 希望能拋磚引玉,吸引更多人關注, 最後形成一個完善的企業解決方案,
經過二三個月的實踐證明, Cllamuko 並不佔用很多系統資源, 現在小範圍在試用(20個用戶吧, 過年後可能在公司全球範圍內使用這個解決方案了)
Dazuko: 它的簡介里說是 An Open Solution to Facilitate "On-Access " scanning. 它本身不做殺毒, 它只是為一些第三方的應用軟體(如:殺毒引擎clamAV )提供一個簡單界面去控制文件的訪問. 你可以訪問 http://www.dazuko.org/ 得到更多資訊.
至於kernel-source-2.4.20-8.i386.rpm 因為安裝需要內核源, 這只是內核源.
因公司內部客戶端都裝有Mcafee Viruscan Enterprise 7.1.0 , 故在代理伺服器端只要對內存及cache提供保護就可以了, 從實際情況來看, 病毒庫升級也很快
認證部分 NTLM用來做用戶上網時用戶認證;而使用password file,是提供部門經理許可權去訪問 用戶上網記錄的, 這些用戶不多.
Allow User authentication to access Proxy Server User Access Reports http://10.160.1.114:8000/sarg
Change User Password for Access Proxy Server User at:
http://10.160.1.114:8000/cgi-bin/chpasswd.cgi
Monitor Squid Object Cache via Web interface:
http://10.160.1.114:8000/cgi-bin/cachemgr.cgi
關於流量監控
Linux 默認安裝了snmp 在第二部分你應該看到SNMP配置的一些細節.
我的聯繫方式其實在配置文件里有:
MSN: seewo@msn.com
《解決方案》
企業解決方案實踐squid+squidGuard+sarg+clamav+mrtg
up
我將按樓主的用一下謝謝
《解決方案》
企業解決方案實踐squid+squidGuard+sarg+clamav+mrtg
好文章!
