Divan Santana wrote:
Hi Everyone,
This is the first time I am using this mailing list :)
Hoping someone can please help me :)
I have searched different documentation and tried lots but no luck yet.
I want to use Dansguardian with squid and with ACLS with IP addresses but to
my current squid-2.5.STABLE6 rpm build on Centos4.3.
Here's where the trouble starts. Squid 2.5 didn't support
follow-x-forwarded-for without a patch
(http://devel.squid-cache.org/follow_xff/index.html).
So I need this section to work in squid.conf
----------------------------------------------------------------------------------------------------
# TAG: follow_x_forwarded_for
# Note: This option is only available if Squid is rebuilt with the
# -DFOLLOW_X_FORWARDED_FOR option
----------------------------------------------------------------------------------------------------
What I did was downloaded the src.rpm to /root
Then did:
rpm -Uvh squid-2.5.STABLE6-3.4E.12.src.rpm
vi /usr/src/redhat/SPECS/squid.spec
Add --enable-follow-x-forwarded-for \ to “# Configure the package” section
Here, you'll also need to download the patch, and add it to the patch
list in the SPEC file. Be aware, that it is unlikely to apply cleanly,
and will likely take some massaging.
rpmbuild -bb modified.spec
And then installed the .rpm it created for me.
I edited squid.conf and did this:
acl dansguardian src 127.0.0.1
follow_x_forwarded_for allow dansguardian
follow_x_forwarded_for deny all
acl_uses_indirect_client on
log_uses_indirect_client on
But squid still doesn't recognize this?
Any ideas what I did wrong or didn't do??
In Ubuntu 6.10 I did the following and got it working no problems:
apt-get source squid
apt-get build-dep squid
apt-get install devscripts build-essential fakeroot
cd squid-2.6.1
See here? Ubuntu is using Squid 2.6. That makes all the difference in
the world.
vim debian/rules
Add --enable-follow-x-forwarded-for \ to “# Configure the package” section
./configure
debuild -us -uc -b
cd ..
dpkg -i squid??? squid-common???
And this worked, just not sure how to do it on the live CentOS server we have?
You might be better off (since you are compiling anyway) grabbing the
Fedora Squid SRPM and using it as a base. Or just compiling from source.
Chris