ENVIRONMENT VARIABLES FOR SQUIDWALL
- default: "/var/log/squid/squidwall.log"
- contains the filename of the logfile of squidwall
- have to be writeable by the squid user or group
- default: "127.0.0.1:3128"
- contains ip:port of the squid webcache
- this cache shouldn't be redirected to squidwall :)
- default "127.0.0.1:3310"
- ip:port of the TCP/IP deamon of clamd
- look for TCPSocket and TCPAddr in clamd.conf
- default "/var/lib/clamav/clamd.sock"
- look for LocalSocket and FixStaleSocket in clamd.conf
- default: 60000
- max length, which should be send to clamd for scanning
- also the max length, which is used for the content scanning
- default: 100
- default: unset
- if set, each incoming request of squid will be logged to squidwall.log
- default: unset
- if set, each outcoming answer of squidwall to squid will be logged
- default: "http://www.example.org/?network=x&reason=url&"
- default: "http://www.example.org/?network=x&reason=cont&"
- default: "http://www.example.org/?network=x&reason=host&"
- default: "http://www.example.org/?network=x&reason=user&"
- default: "http://www.example.org/img/t.png"
- default: "http://www.example.org/?network=x&reason=virus&"
- default: "http://$SERVER/inet/"
- default: "http://www.example.org/img/"
- default: "/etc/squidwall/hosts"
- directory for the hosts definitions
- default: "/etc/squidwall/users"
- directory for the username definitions
- default: "/etc/squidwall/redirects"
- directory with symbolic links for redirection purposes
- default: "/etc/squidwall/bfilters"
- directory for the definitions of the banner filters
- default: "/etc/squidwall/bcfilters"
- directory for the definitions of the regex.7 banner (http header) filters
- default: "/etc/squidwall/brfilters"
- directory for the definitions of the regex.7 banner (url) filters
- default: "/etc/squidwall/cfilters"
- directory for the definitions of the content filters
- default: "/etc/squidwall/crfilters"
- directory for the definitions of the regex.7 content filters
- default: "/etc/squidwall/pfilters"
- directory for the definitions of the phrase filter
- default: "/etc/squidwall/ufilters"
- directory for the definitions of the url blacklist
- default: "/etc/squidwall/urfilters"
- directory for the definitions of the regex.7 url blacklist
- default: "/etc/squidwall/wfilters"
- directory for the definitions of the url whitelist
- default: "/etc/squidwall/wrfilters"
- directory for the definitions of the regex.7 url whitelist
|last change: 2013-03-19 @ 23:20|
- two new environment variables which can be used for debugging new
configurations or errors
-> $LOG_IN is set to the whole incoming request of squid
-> $LOG_OUT is set to the output given by squidwall
- fixed the new timestamping... strftime sets the last byte to 0 ;)
- made the tai64n logging optional, see params.h for details
-> default logging is now done in this format: "%Y-%m-%d %H:%M:%S"
- disabled the debugging @ params.h
- fixed warning when compiling md5.c
- added redir_defaultsite, which is used as default rewrite url, when
$REDIR_DEFAULTSITE is set and all wfilter sites failed
-> a simple method for an whitefilter only list
- squid url_rewrite_concurrency detection had a bug, which causes problems
on sites beginning with numbers
- this is maybe not the last 0.4 version ;)
- use wrfilter @ content level instead @ url level
- this is the last 0.4 version
- use socket_tcp4b instead of socket_tcp4
- changed the call to write/read in buffer_init()
- added handling of changed squid 2.6 redirector interface
- fixed connection error handling
- added a small fix, so this version can be used with squid 2.6 now
- changed the md5 and sha1 url filters, they use now only the hostname
- removed the webinterface from contrib, it may be downloaded seperatly
- added the User-Agent Header in the http request (wikipedia didn't work)
- fixed bug: when clamd connection fails, no filter was applied
- 2 new url filters: ufilters_md5 and ufilter_sha1
- url shortcuts can be defined @ /etc/squidwall/redirects
- clamav socket support
- easy access to the webinterface via http://squidwall/ is now possible
- fixed some compiler warnings
- improved the antivirus scanning
- fixed antivirus scanning
- removed documentation, I have a wiki for this now!
- added some new filter variants
- all filters are defined now @ /etc/squidwall/filters/*
- clamd version is only read, when needed
- added phrase filter
- improved the content scanning et all
- use of the structure list_head (from linux kernel)
- memory usage is much better now :)
- splitted the filters directory into different parts:
- url filter with regex.7 expression matching
- url filter with case-insensitive string matching
- content filter with regex.7 expression matching
- content filter with case-insensitive string matching
- added missing die_nomem() calls
- added url/content regex matching for blacklisting
-> real content scanning
- changed also the naming of some functions
- tested squidwall with 40.000 host entries and 40.000 user entries
-> bad performance ... version 0.3 will change the bad memory usage!
- initial idea and concept
- the antivirus scanning works
- user/ip based control isn't done yet
- added user/host stuff
- added some docs
- released version 0.1
|last change: 2013-03-19 @ 21:07|
Thanks to those people for success and failure reports, images, code, ideas and
JP = Jörg Petermann <firstname.lastname@example.org>
- the two images virus.gif and stop.jpg
|last change: 2008-03-10 @ 17:50|
- improve the webinterface:
- add more languages to it
- use more / all features of squidwall
- add learning and classifiying of the sqlite cached pages
- add pthread support for squid 2.6 and share the in memory cache (possible?)
|last change: 2006-07-06 @ 11:09|
- squidwall can only handle "HTTP GET" requests
- it does not scan the whole GET REQUEST, when scanning for viruses
-> only 100K or whatever you set as MAXSIZE is scanned
|last change: 2010-11-11 @ 11:55|