Content
Dateianzeige für squid (2.2.3)
usr/share/doc/squid/changes.txt2.2.2 -> 2.2.3 ansgar 10.02.2022
--------------- -----------------
- Update core to squid 5.4
2.2.1 -> 2.2.2 ansgar 22.01.2022
--------------- -----------------
- Update core to squid 5.3
2.2.0 -> 2.2.1 ansgar 08.11.2021
--------------- -----------------
- Update core to squid 5.2
- ACL /usr/lib/squid/ext_time_quota_acl
Compilation requieres Samba TrivialDB library,
that is not available.
- Fixed bug in /etc/logrotate.d/squid
(Thanks to Taxena Gasparov).
- Fixed deinstall script /var/install/deinstall/squid
Remove files from APACHE2_DOCUMENT_ROOT, e.g.
/usr/share/apache2/www/htdocs/squid.pac
/usr/share/apache2/www/htdocs/squidGuard_blocked.gif
/usr/share/apache2/www/htdocs/squidGuard_stop.gif
- Changes generation of squid.conf.default_eis
during package building.
Use patch instead of sed.
2.1.11 -> 2.2.0 ansgar 01.08.2021
--------------- -----------------
- Update core to squid 5.1
2.1.10 -> 2.1.11 ansgar 10.08.2021
---------------- -----------------
- Update core to squid 4.16
- Changes to SquidGuard configuration
blacklists
http://squidguard.mesd.k12.or.us/blacklists.tgz
http://urlblacklist.com/cgi-bin/commercialdownload.pl?type=download&file=bigblacklist
no longer exists
blacklist
http://squidguard.shalla.de/Downloads/shallalist.tar.gz
was renamed to
http://www.shallalist.de/Downloads/shallalist.tar.gz
New default blacklist is
http://www.shallalist.de/Downloads/shallalist.tar.gz
2.1.9 -> 2.1.10 ansgar 13.05.2021
--------------- -----------------
- Update core to squid 4.15
- Use cp -p when copying files to cgi directory
/var/install/config.d/squid.sh
2.1.8 -> 2.1.9 ansgar 20.02.2021
--------------------------------
- Update core to squid 4.14
2.1.7 -> 2.1.8 ansgar 14.09.2020
--------------------------------
- Update core to squid 4.13
2.1.6 -> 2.1.7 ansgar 25.06.2020
--------------------------------
- Update core to squid 4.12
2.1.5 -> 2.1.6 ansgar 10.05.2020
--------------------------------
- Update core to squid 4.11
- Packages squid now requires
libxml2-2 3.0.0
libexpat1 3.0.0
libgnutls30 3.0.0
libkrb5 3.0.0
libatomic1 3.0.0
libnetfilter_conntrack3 3.0.0
glibc 3.0.0
2.1.4 -> 2.1.5 ansgar 20.03.2020
--------------------------------
- Update core to squid 4.10
- Package squid now requires
base 2.8.25
libnettle6 2.8.2
libxml2-2 2.8.5
libexpat1 2.8.3
libgnutls30 2.8.8
libkrb5 2.8.5
2.1.3 -> 2.1.4 ansgar 14.12.2019
--------------------------------
- Update core to squid 4.9
- Remove symbols and debug information from cachemgr.cgi
- Install /usr/lib/squid/cachemgr.cgi even if already
existing in cgi-bin directory. Overwrite old version.
- Install /usr/sbin/chpasswd.cgi even if already
existing in cgi-bin directory. Overwrite old version.
- Changes to some shell scripts using test -n or -z
- Check if user squid has an empty password
lock the password of the account squid
2.1.2 -> 2.1.3 ansgar 15.07.2019
--------------------------------
- Update core to squid 4.8
- Patched src/security/PeerOptions.h
Changed debug level from 0 to 5
See: https://bugs.squid-cache.org/show_bug.cgi?id=4970
- Avoid use of /var/install/packages
/tmp/preinstall.sh
/var/install/config.d/squid.sh
/var/install/config.d/squid_update.sh
- Fixed logrotate configuration
No call of '/etc/init.d/squid rotate' if squid
is not running
2.1.1 -> 2.1.2 ansgar 15.05.2019
--------------------------------
- Update core to squid 4.7
- Changed requirements to actual versions
- Create group as system group and user as system user
2.1.0 -> 2.1.1 ansgar 10.03.2019
--------------------------------
- Update core to squid 4.6
- Package squid now requires at least base version 2.8.12
- Avoid fixed GID/UID when creating user and group squid
- Remove user and group squid on total deinstall, remove squidpasswd.log
- Add comment lines to squid.pac file
2.0.1 -> 2.1.0 ansgar 22.01.2019
--------------------------------
- Update core to squid 4.5
- Enhancements for directory changes in package apache2 2.1.0
- Fixed problem of redirect directive.
Thanks to Sven.
- Added comments to /etc/logrotate.d/squid and
/usr/squidGuard/squidGuard.conf
- Refactoring of /etc/init.d/squid and
/var/install/config.d/squid.sh
- If Squid version 1.9.4 is installed:
File /etc/config.d/squid will be saved to /tmp/config_squid_1p9p4
File /usr/local/squidGuard/squidGuard.conf will saved to /tmp/squidGuard.conf.save
- If file /etc/config.d/squid does not exists but file /tmp/config_squid_1p9p4
exists, /tmp/config_squid_1p9p4 will be used as old configuration file
- Change SQUID_LOGFORMAT 'auto' to 'squid' when updating from Squid 1.9.4
- If an other Squid version is installed
File /usr/squidGuard/squidGuard.conf will be saved to /tmp/squidGuard.conf.save
- Fixed bug in /var/install/config.d/squid.sh.
Make shure /var/squid exists.
- Fixed /var/install/deinstall/squid.
Remove all squid files and directories on complete uninstall.
2.0.0 -> 2.0.1 ansgar 29.12.2018
--------------------------------
- recompiled Eisfair-1 binaries using -march=i486
1.9.5 -> 2.0.0
--------------
- Update core to squid 4.4
- Moved squid.conf.default_eis, mime.conf and
chpasswd.conf.default_eis to /etc/squid
- IMPORTANT: squid.conf will be created in /etc/squid
- IMPORTANT: chpasswd.conf will be created in /etc/squid
- Changed default of START_SQUID to 'no'
- Added configuration variable SQUID_MANUAL_CONFIGURATION
If SQUID_MANUAL_CONFIGURATION is set to 'yes' you have
to configure Squid and all it's components by yourself.
No configuration file will be changed automatically.
Package now contains files
/etc/squid/chpasswd.conf.default_eis instead of
/etc/squid/chpasswd.conf
and
/etc/squid/squid.conf.default_eis
/etc/squid/squid.conf
on delivery to avoid to replace self configured files.
- Removed remaining files for webconf
webconf is no longer supported since many versions
- Convert file release-notes.txt and squid.txt
from ISO-8859 to UTF-8
release-notes.txt will not be included into the package
- Update menu setup.services.squid.menu
removed files
/var/install/bin/squid-show-log-access
/var/install/bin/squid-show-log-cache
- Make sure the cache structure will not be removed on update
- Changed update process to current standard.
Files:
/etc/check.d/squid
/etc/check.d/squid.exp
/etc/check.d/squid.ext
/etc/default.d/squid
will be created using shell script squid_update.sh.
Changed access rights to the files to 600 because
of security reasons (passwords included).
- Removed configuration parameter SQUID_LOG_FQDN from
configuration file.
TAG: log_fqdn is not longer available.
See SQUID_LOGFORMAT for new solution.
- Removed configuration parameter SQUID_EMULATE_HTTPD_LOG
from configuration file.
TAG: emulate_httpd_log is no longer available.
See SQUID_LOGFORMAT for new solution.
- Configuration parameter SQUID_LANGUAGE was renamed to
SQUID_DEFAULT_LANGUAGE
- Removed SQUID_LOGFORMAT 'auto'.
Added SQUID_LOGFORMAT 'referrer' and 'useragent'.
- Removed support for package mysql2squid.
Package mysql2squid does no more exist.
- ATTENTION When using squidGuard:
The package comes with a very old blacklist.
Please update the blacklist to an actual version using
menu entry "Update squidGuard databases".
1.9.4 -> 1.9.5
--------------
- update core to squid 3.4.8
1.9.3 -> 1.9.4
--------------
- fix creation of cache
1.9.2 -> 1.9.3
--------------
- updated core to squid 3.1.18
- it is now possible to use + in a class configuration. By using + the class
is explicitly allowd (M. Roeckrath)
- improve startup script - output to console is suppressed and redirected
to logfile
- fixed check for apache vhosts
- fixed initialisation of squid cache
1.9.1 -> 1.9.2
--------------
- fix www user/group on eisfair-2
- updated core to squid 3.1.10
- added missing errorpage.css
- removed not existing blacklist
- fix several script errors
1.9.0 -> 1.9.1
--------------
- made squid available for eisfair-2
- updated core to squid 3.1.8
- added config dialogs for ece
1.8.0 -> 1.9.0
--------------
- global modifications
--------------------
- changed software versions
squid from version 2.6.STABLE9 to 2.6.STABLE13
- changed status from stable to testing
- modifications for squid
-----------------------
- Line
http_access deny CONNECT !home
was added to squid.conf.
Now an appropriate contents of SQUID_ACL_HOME_SRC
allows to deny connect to safe ports like 21 (ftp),
443 (https) and 70 (gopher) for dedicated clients.
- Changed documentation for SQUID_AUTH_PFILE
- new configuration parameters
SQUID_LANGUAGE 'de_DE' 'en_US' 'en_GB' or 'fr_FR'
Select one of the languages for Squids error messages.
Default is en_US. 'en_US' and 'en_GB' are synonyms.
SQUID_MESSAGE_TIME 'UTC' or 'local'
Message time generated in error messages.
Possible values are
'UTC' Universal Time Coordinated (GMT)
'local' local time.
SQUID_PORT_OPTIONS
Values for http_port option. E.g. 'transparent'.
See /etc/squid.conf for a detailed description.
SQUID_ALLOW_ICP='no'
Accept ICP messages on port 3130 'yes' or 'no'.
- modified configuration parameters
SQUID_GUARD_CLASS new class 'exception'
The special class 'exception' allows
to have exceptions from the following
classes that block. You have to create
the files in directory
/usr/local/squidGuard/db/blacklists/exception
manually.
E.g. if you want to block webradio but allow
cnn.com.
Thanks to Marcus Roeckrath for his for his proposal
and the modifications for the shell scripts.
1.8.0 -> 1.8.1
--------------
- enhanced scripts to be compatible with new versions apache2 package
(new handling of APACHE2_SCRIPT_ALIAS)
1.7.1 -> 1.8.0
--------------
- global modifications
--------------------
- changed software versions
squid from version 2.6.STABLE7 to 2.6.STABLE9
- changed status from testing to stable
1.7.0 -> 1.7.1
--------------
- global modifications
--------------------
- changed software versions
squid from version 2.6.STABLE6 to 2.6.STABLE7
1.6.1 -> 1.7.0
--------------
- global modifications
--------------------
- changed software versions
squid from version 2.5.STABLE13 to 2.6.STABLE6
squidGuard from version 1.2.0 to 1.2.0p3
- changed status from stable to testing
- modifications for squid
-----------------------
- changed /etc/squid.conf and /var/install/config.d/squid.sh
tag cache_access_log was renamed to access_log
tag redirect_program was renamed to url_rewrite_program
tag redirect_children was renamed to url_rewrite_children
- new configuration parameters
SQUID_ADDITIONAL_SAFE_PORTS=''
Additional acl Safe_ports ports.
Example:
SQUID_ADDITIONAL_SAFE_PORTS='445 22 3001'
will add the ports 445,22 and 3001 to
the list of 'safe ports'.
See /etc/squid.conf for a detailed
description of acl aclname port
and http_access deny.
SQUID_LOGFORMAT='auto'
Access log format. Possible values
are 'auto', 'squid', 'squidmime', 'common',
'combined' and 'eissquid'. See squid.conf
for the defintions of log formats.
Format 'eissquid' is like 'squid', except
that local time (tl) is used instead of
time since epoche. Only format 'auto' will
be modified by SQUID_EMULATE_HTTPD_LOG.
- enhancements for configuration parameters
SQUID_LOG_ACCESS
SQUID_LOG_ACCESS='none' disables logging.
SQUID_LOG_ACCESS='syslog' logs using the
syslog daemon (see SYSLOGD parameter of
base parameter).
SQUID_LOG_CACHE
SQUID_LOG_CACHE='none' disables logging.
- check for line "application/x-ns-proxy-autoconfig pac"
in Apache's mime.types file is now done on every
startup of squid. Former this line was only added
when changing squid's configuration but this line was
lost when Apache was updated.
- Corrected creation of disc cache on startup.
Check for $SQUID_CACHE_DIR and $SQUID_CACHE_DIR/00
is done. Advise of Olaf Jaehrling.
- modifications for squidGuard
----------------------------
- new configuration parameters
SQUID_GUARD_ANONYMOUS_LOGGING='yes'
If SQUID_GUARD_ANONYMOUS_LOGGING is set to 'yes'
squidGuard does not log the username
if a user tries to get a blocked side.
If SQUID_GUARD_ANONYMOUS_LOGGING is set to 'no'
the username is written to the log file.
SQUID_GUARD_NOTBLOCKED_USER=''
List of usernames, e.g. 'master admin'.
Requests of this users are not handled by
squidGuard, so they are able to access
urls that are normaly blocked by squidGuard.
SQUID_GUARD_NOTBLOCKED_USER does only work
if SQUID_AUTH is set to 'yes'.
Parameters for blacklist configuration.
SQUID_GUARD_BLACKLIST_ACTIVE='1'
Blacklist to be used from following
list of tested blacklists.
SQUID_GUARD_BLACKLIST_N='5'
SQUID_GUARD_BLACKLIST_1_URL='http://ftp.teledanmark.no...'
SQUID_GUARD_BLACKLIST_1_FILENAME=''
SQUID_GUARD_BLACKLIST_1_TYPE='diff'
SQUID_GUARD_BLACKLIST_1_OPTION=''
SQUID_GUARD_BLACKLIST_N defines a URL,
a FILENAME and a TYPE that has to be used.
SQUID_GUARD_BLACKLIST_#_URL:
URL for download.
SQUID_GUARD_BLACKLIST_#_FILENAME:
Name of file that will be downloaded.
If empty basename URL will be used.
SQUID_GUARD_BLACKLIST_#_TYPE:
Type of blacklist.
'diff' blacklist contains .diff files.
Using this files prebuilt databases can
be updated on the fly.
'full' blacklist is a complete update.
SQUID_GUARD_BLACKLIST_#_OPTION=''
Option 'strip1' or ''.
Option to handle unconventional blacklist.
If option 'strip1' is set, the blacklist
will be extracted directly to directory
/usr/local/squidGuard/db/blacklists.
First path from filenames will be stripped.
The configuration file contains five examples
of blacklist URLs. This five examples have been
tested.
ATTENTION: SQUID_GUARD_BLACKLIST_5_URL
This is a commercial managed
URL blacklist service.
See http://urlblacklist.com/ to subscribe.
- enhancements for configuration parameters
SQUID_GUARD_CLASS
Some blacklists use subdirectories.
Corresponding classes will be named
dir_subdir e.g. recreation_travel
for subdirectory recreation/travel.
Use recreation to avtivate all classes
in subdirectories of recreation.
Classes with leading minus sign (-)
will not be used. Eg. 'all -hobby'
activates all classes except hobby.
- blacklist update using cron
SQUID_GUARD_CRON:
Use cron to update blacklist 'yes' or 'no'.
Default 'no'.
SQUID_GUARD_CRON_SCHEDULE:
Cron configuration string.
Default: '15 0 * * *'
Update every day at 00:15.
- access to directories /usr/local/squidGuard/db and
/usr/local/squidGuard/log is now limited to to preserve
privacy and to restrict user from getting information
of blacklists
1.6.0 -> 1.6.1
--------------
- global modifications
--------------------
- changed software versions
squid from version 2.5.STABLE12 to 2.5.STABLE13
1.5.2 -> 1.6.0
--------------
- global modifications
--------------------
- changed version from 1.5.2 to 1.6.0
- changed status from testing to stable
1.5.1 -> 1.5.2
--------------
- Correction disastrous authentication bug.
Authentication failed for protocol https.
Thanks to Stefan Goldbach to remind me again.
- Added creation of file /etc/cachemgr.conf
cachemgr.cgi shows those hosts that are
contained in /etc/cachemgr.conf.
1.5.0 -> 1.5.1
--------------
- Corrected creation of disc cache on startup.
- Fixed a lot of problems with usage of apache/apache2.
Directory names are take from apache/apache2 Configuration.
A warning is displayed, if "Apache Virtual Hosts" are
used and the squid installation process has to install
files to some Apache directories.
- MIME type
application/x-ns-proxy-autoconfig pac
is added to the Apache MIME configuration file
automatically.
- Fixed a problem when switching SQUID_GUARD_BUILD_DB
from 'yes' to 'no'.
The .db files will be deleted when setting
SQUID_GUARD_BUILD_DB to 'no'.
- Corrected a problem with mysql2squid when changing scheme
or turning off authentication.
The logger process was not stopped.
1.4.1 -> 1.5.0
--------------
- global modifications
--------------------
- changed software versions
squid from version 2.5.STABLE7 to 2.5.STABLE12
- Package squid now requires at least base version 1.1.5
- Shell scripts are using EISLIB (/var/install/include/eislib)
Package squid no more requires /local/bin/html_colecho.
- menu format was changed to the new XML format
obsolete shell scripts removed
- If SQUID_SCHEME is set to 'ncsa' but no password file
exists, an empty password file will be created.
The owner and group of the password file will be
set to squid:squid in every case.
- Fixed bug when deinstalling package squid.
User squid will now be removed.
- changed generation of squid.pac
added entry for https protocol
Squid is able to tunnel https.
- fixed bugs in /etc/check.d/squid, that causes
ECE to abort. Added entry SQUID_LOG_FQDN, corrected
entry for SQUID_EMULATE_HTTPD_LOG.
- added option forcestart to
/etc/init.d/squid
- fixed bug (squidGuard blocks) in
squid-build-squidguard-db and
squid-update-squidguard-db, if configuration
file does not exist.
- added support for SQUID_SCHEME mysql.
Attention: scheme mysql is not included
in package squid.
- added support for package mysql2squid.
(visit pack.eis to search for this package)
- added support to hold squids cache in a RAM disc
The cache structure will be build at startup, if
the structure does not exist.
- added the following options to /etc/config.d/squid
SQUID_ALLOW_SNMP='no'
Accept SNMP messages on port 3401 'yes' or 'no'.
Attention:
Default is SQUID_ALLOW_SNMP='no'.
This is different to squids behavior before
version 1.5.0.
SQUID_CREDENTIALS_TTL='2 hours'
Specifies how long squid assumes an externally
validated username:password pair is valid for -
in other words how often the helper program is
called for that user. Eg. '10 seconds', '1 minute',
'5 minutes' or '1 hour' are valid.
Default: '2 hours'.
For package mysql2squid you should use a low
value, e.g. '5 minutes'.
- corrected typos in
squid-update-squidguard-db and
squid_update.sh
1.4.0 -> 1.4.1
--------------
- global modifications
--------------------
- Fixed bug when installaing package squid.
Owner and rights of /tmp where scambled
(Thanks to Christian Schulz).
Changed home directory of user squid
from /tmp to /home/__dummyhome__.
1.3.2 -> 1.4.0
--------------
- global modifications
--------------------
- changed version from 1.3.2 to 1.4.0
- changed status from testing to stable
- modified /tmp/change_uid_gid.sh
corrected bug for /proc
enhanced performance using xargs
1.3.1 -> 1.3.2
--------------
- global modifications
--------------------
- This is the first version that was compiled and generated
on eisfair using the upcoming eisfair development environment.
- changed software versions
squid from version 2.5.STABLE6 to 2.5.STABLE7
chpasswd fom verison 1.9.1 to 2.2.1
using
http://freshmeat.net/redir/chpasswdforsquid/1268/url_tgz/chpasswd-2.2.1.tar.gz
- ATTENTION:
UID of user squid has to be changed from 3 to 23
GID of group squid has to be changed from 3 to 23
because UID 3 and GID 3 are reserved for sys:sys
If squid is installed this will be done automatically.
If squid is not installed nothing has to be done.
- If SQUID_INSTALL_CHPASSWD is set to 'yes'
and SQUID_AUTH_PFILE does not exist an error message
is displayed.
Owner and group of SQUID_AUTH_PFILE is set to squid:squid.
- corrected ownership of squidGuard logfiles
/usr/local/squidGuard/log/tr*.log
(Thanks to Jan Vauseweh for his accurate error message)
1.3.0 -> 1.3.1
--------------
- global modifications
--------------------
- changed software versions
squid from version 2.5.STABLE4 to 2.5.STABLE6
- added support of apache2 for squid and squidguard
- removed all links from the distribution file
links are created in /tmp/install.sh
- changed deinstallation of package squid to
strict mode. This means that the following
files are removed:
/etc/config.d/squid
/var/squid/squidpasswd if existing
If this user does not own any files or directories
it will be deleted
squid
Group squid will be removed.
- minimized number of messages during start and
stop of services
- minimized number of messages during configuration
processes
- added the following options to /etc/config.d/squid
SQUID_EMULATE_HTTPD_LOG='no'
Emulate the log file format which many
'httpd' programs use 'yes' or 'no'.
This changes the format of cache access log.
- changed generation of squid.pac
removed entry for https protocol
- changed /var/install/config.d/squid.sh
to use /var/install/bin/check-version to detect
if perl, samba, apache or apache is installed
- modifications for webconf
-------------------------
- changed call of add_advancedconfigmenu
and del_advancedconfigmenu
- changed squid-build-squidguard-db
squid-update-squidguard-db
to work correctly when
SQUID_INSTALL_SQUIDGUARD is set to 'no'
1.2.0 -> 1.3.0
--------------
- global modifications
--------------------
- visible_hostname in /etc/squid.conf
will now be generated as
$HOSTNAME.$DOMAIN_NAME
from /etc/config.d/base.
This allows Mozilla to recognize
that /cgi-bin/chpasswd.cgi
does not need to be accessed using
the Proxy.
- If advanced configuration file handling is available
(will be released with eisfair 1.0.5)
it will be included into the squid menu structure
- fixed a bug in smb_auth (used non existent directories)
(Thanks to Sebastian Scholze for his accurate error message)
- When using smb authentication it is no longer
checked that the server running squid also
is configured as primary domain controller.
Instead the following text ist displayed:
Attention:
==========
Samba on this server is not configured as primary
domain controller. Make shure that directory /netlogon
exists on your primary domain controller and that a
file proxyauth with a line containing the word allow
exists in /netlogon.
You have to create the file proxyauth manually
and put the text allow into the file.
I tried this configuration version only by using
a second eisfair server as PDC. I never checked
it with a real Windows(tm) server.
1.1.1 -> 1.2.0
--------------
- global modifications
--------------------
- changed version from 1.1.1 to 1.2.0
- changed status from testing to stable
- corrected message in
/var/install/config.d/squid.sh
1.1.0 -> 1.1.1
--------------
- global modifications
--------------------
- default configuration file changed
old /etc/config.d/squid.default
new /etc/default.d/squid
- included check of base package version
into /tmp/preinstall.sh
- added the following features
squid's cache is only initialize/reinitialize
if no file named swap.state is found in directory
$SQUID_CACHE_DIR.
If a file named swap.state is found the message
"squid's cache was already initialized" is displayed.
New menue point
9: Initialize squid cache
was added to the service menu
(Thanks to Michael Bierwirth for his proposal)
- added the following options to /etc/config.d/squid
SQUID_LOG_FQDN='no'
Log fully qualified domain names
in the access.log 'yes' or 'no'.
- correted bug in /etc/check.d/squid
SQUID_CACHE_PEER_% is no checked with NONE
to allow spaces in SQUID_CACHE_PEER_%
- modifications for webconf
-------------------------
- corrected fatal bug in /var/install/config.d/squid.sh
that occurs when using webconf.
errormessage was:
cp: missing destination file
Try `cp --help' for more information.
Default configuration was used instead
of the actual user configuration.
- corrected bug in /var/install/form/squid
Match for SQUID_MAX_LOGSIZE was invalid
No configuration could be applied.
- modified experimental support for webconf
files:
/local/bin/html_colecho
/var/install/form/squid.main
/var/install/form/squid.squidguard.admin
/var/install/help/squid
webconf 0.40.4 or higher is required
1.0.0 -> 1.1.0
--------------
- global modifications
--------------------
- changed software versions
squid from version 2.5.STABLE2 to 2.5.STABLE4
BerkeleyDB from version 2.7.7 to 3.2.9
(BerkeleyDB is used by squidGuard)
- using /var/install/bin/doc
to show all documents and files
- added eischk to check the configuration file
files:
/etc/check.d/squid
/etc/check.d/squid.exp
- added experimental support for webconf
files:
/local/bin/html_colecho
/var/install/form
/var/install/form/squid
/var/install/form/squid.main
/var/install/form/squid.status
/var/install/form/squid.change
/var/install/help/
/var/install/help/squid
/var/install/prep
/var/install/prep/prep_change_squid_status.sh
/var/install/prep/prep_squid_status.sh
/var/install/servadm
/var/install/servadm/clean_squid_status.sh
/var/install/servadm/change_squid_status.sh
- added menues
Show squid package changes
Show squid cache access log file
Show squid cache log file
squidGuard administration
Show squidGuard log
Build squidGuard databases
Update squidGuard databases
- modifications for squid
-----------------------
- changed ./configure options
old option:
--enable-delay-pools
added option is:
--enable-snmp
- removed all man pages from the package
because of a decision made by the
Eisfair Developer Team September, 14th 2003
- obsolet file
/var/install/setup.services.squid.menu
will be deleted by preinstall.sh
- corrected call off /var/install/bin/del-menu
when deinstalling squid
- modified /etc/init.d/squid
added function multi_echo
function check_start
modified function verify_pidfile
function wait_for_termination
squid will be terminated using
/bin/squid -k shutdown -f /etc/squid.conf
- changed the following option to /etc/config.d/squid
SQUID_IP_ETH_N='1'
Use n'th ethernet card
configured in /etc/config.d/base.
new:
0 - listen on all local addresses.
- added the following options to /etc/config.d/squid
SQUID_FILL_FORWARDED_FOR='no'
Include system's IP address or name
in HTTP requests squid forwards
'yes' or 'no'.
SQUID_CACHE_PEER_N='0'
Additional cache_peer specifications.
Number of additional specifications.
SQUID_CACHE_PEER_#
Additional cache_peer specification #.
- added the following lines to /etc/squid.conf
# FTP
acl FTP_port port 21
# FTP
# FTP
http_access allow CONNECT FTP_port CONNECT
http_access allow CONNECT Safe_ports
# FTP
This allows FTP Clients to work through
a HTTP Proxy - Connection Tunnel.
(Thanks to Stefan Heidrich for his proposal
and his skilled help.)
- added the following lines to /etc/squid.conf
# snmp
acl snmppublic snmp_community public
snmp_port 3401
snmp_access allow snmppublic all
# snmp
Squid delivers status and statistic information
via SNMP. You could use tools like mrtg
http://mrtg.hdl.com/mrtg.html or other snmp
applications to work with Squid.
(Thanks to Hartmut Broich for his proposal
and help.)
If you want to disable snmp, please
comment out the three lines between
# snmp and # snmp.
- modifications for squidGuard
----------------------------
- added the following option to /etc/config.d/squid
SQUID_GUARD_HTTP_PORT='80'
Port to be used by all internal HTTP connections
e.g. squidGuard messages, squidGuard images
SQUID_GUARD_BUILD_DB='yes'
Convert domainlists and urllists to
prebuilt databases 'yes' od 'no'.
Prebuilt databases will speed up
the start of squidGuard.
SQUID_GUARD_TR_LOG='no'
Log translations to logfiles 'yes' or 'no'.
If set to 'yes' translation (blocks)
for all classes will be logged.
There will be a special logfile for
every class (e.g. for class drugs
/usr/local/squidGuard/log/tr_drugs.log).
This logfiles will be truncated when
squidGuard is started.
0.92.1 -> 1.0.0
---------------
- corrected bug in
/etc/init.d/squid in function
wait_for_termination
- directory
/usr/local/squidGuard/db/blacklists/individual
will be created when installing squid
empty files domains, urls and expressions
will be created if they do not exist
- if directory
/usr/local/squidGuard/db/blacklists/individual
contains a nonempty file domains, urls or
expressions the file will not be removed
when deinstalling squid
- /usr/share/doc/squid/squid.txt now contains
a documentation how to add elements to
the blacklist class individual
0.92.0 -> 0.92.1
----------------
- global modifications
--------------------
- new squid release version 2.5 stable 2
- added document /usr/share/doc/squid/squid.8
- Configuration file /etc/config.d/squid
will be saved when installing a new version
of the squid package.
The "old" configuration parameters will be
retained unchanged and are transferred into
the "new" configuration.
- Configuration file /etc/config.d/squid
will not be removed when uninstalling
the squid package.
If you wish to remove the file,
please do it by yourself.
- added a proxy autoconfiguration file
called squid.pac (see SQUID_GEN_PACFILE).
- added squidGuard to the package
squidGuard is a redirector and access controller.
See http://www.squidguard.org/ for a description about
the posibilities and the limititations of squidGuard.
(see SQUID_INSTALL_SQUIDGUARD and the following
SQUID_GUARD_xxxxx options)
- added the following option to /etc/config.d/squid
SQUID_ACL_HOME_SRC=''
Setting for 'acl home src'.
This src acl specifies network addresses or
a number of client IP addresses that are
allowed to use the squid proxy.
If SQUID_ACL_HOME_SRC is empty only clients
in the network specified by SQUID_IP_ETH_N
are allowed to use the proxy.
Example:
192.168.1.0/255.255.255.0 192.168.2.0/255.255.255.0
allows clients from the networks
192.168.1.0 and 192.168.2.0.
See /etc/squid.conf for a detailed
description of src acl.
SQUID_MAX_OBJECT_SIZE=4096
squid maximum object size
Objects larger than this size will NOT
be saved on disk.
Value is specified in kilobytes.
SQUID_GEN_PACFILE='no'
Generate a .pac file named squid.pac
'yes' or 'no'.
If set to 'yes' the file will be generated.
If set to 'no' an existing file will not
be touched.
The file will be placed in directory
/var/www/htdocs.
You could first generate the file, then
change SQUID_GEN_PACFILE to 'no' and
finetune the file.
Probably you will have to add the line
application/x-ns-proxy-autoconfig pac
to /usr/local/apache/conf/mime.types
to make use of the .pac file.
You will have to configure the use of
the .pac file in your webbrowser.
SQUID_INSTALL_SQUIDGUARD='no'
Install squidGuard 'yes' or 'no'.
SQUID_GUARD_REDIRECT_CHILDREN=4
Number of redirect_children.
See: TAG: redirect_children in squid.conf.
SQUID_GUARD_CLASS='all'
Target classes squidGuard will block.
Default 'all' blocks the following
classes: ads aggressive audio-video
drugs gambling hacking mail
porn proxy violence warez.
Class individual can be used for a
user defined configuration.
Set SQUID_GUARD_CLASS to 'drugs porn'
if you only want to block classes
'drugs' and 'porn'.
SQUID_GUARD_SPECS='all'
Target specifications squidGurad will
block. Default 'all' will use the
following specifications:
domains urls expressions.
Set SQUID_GUARD_SPECS to 'domains'
if you only want to use the domains
files.
SQUID_GUARD_AUTOCONFIG='yes'
If you set SQUID_GUARD_AUTOCONFIG to
'yes' a default configuration for
squidGuard will be generated.
See /usr/local/squidGuard/squidGuard.conf.
If you want to modify the configuration
after generation change this setting
to 'no'.
Please change this option only if you know
what you are doing.
SQUID_GUARD_CGIAUTOCONFIG='yes'
If you set SQUID_GUARD_CGIAUTOCONFIG
to 'yes' a default configuration for
the redirect statement used in
squidGuard.conf will be generated.
If you want to modify the configuration
after generation change this setting
to 'no'.
Please change this option only if you know
what you are doing.
0.91.0 -> 0.92.0
----------------
- modified /var/install/config.d/squid.sh
to verify in case of smb proxy authentication
that samba is configured as primary domain controller
added creation of /netlogon/proxyauth
optimized sed oparations
code was rewritten using functions
- modified /var/install/packages/squid
translation to english and other
modifications
- modified /var/install/deinstall/squid
added removal of the optional created files
/etc/logrotate.d/squid
/netlogon/proxyauth
- added to /etc/config.squid
SQUID_CACHE_MGR
Email-address of local cache manager
Default is webmaster
SQUID_CACHEMGR_PASSWD
Cache manager's password.
You will need this to access cachemgr.cgi.
The password disable will disable access.
SQUID_CACHE_PEER
Specify other caches in a hierarchy.
See /etc/squid.conf for a detailed
description of cache_peer.
SQUID_INSTALL_CHPASSWD
'yes' or 'no'
Install chpasswd.cgi to allow
password changing when using
ncsa proxy authentication.
SQUID_INSTALL_CACHEMGR
'yes' or 'no'
Install cachemgr.cgi.
When using cachemgr.cgi you will have
to replace the default localhost at
"Cache Host" with the name of your server.
"Manager name" is the name part of the
email-address of you local cache manager.
"Password" is cache manager's password.
- added some files to /var/install/deinstall/squid
- revoked read access to /etc/config.d/squid from others
- revoked read access to /etc/squid.conf from others
0.90.0 -> 0.91.0
----------------
- new squid release version 2.5 stable 1
- added visible_hostname to /etc/squid.conf
- modified /var/install/config.d/squid.sh
to set the right hostname
and to set coredump_dir
- modified /var/install/deinstall/squid
bourne shell compatibility
procedure remove_empty_dir corrected
- modified /etc/config.d/squid
renamed SQUID_START to START_SQUID
- modified /var/install/config.d/squid.sh
to reflect the above modification
- modified /etc/init.d/squid
to reflect the above modification
corrected an additional error
- modified /etc/config.d/squid
new variable SQUID_IP_ETH_N
use n'th ethernet card configured
in /etc/config.d/base
- modified /var/install/config.d/squid.sh
to reflect the above modification
- added logfile_rotate 0 to /etc/squid.conf
to allow third-party logfile management
to run squid with squid -k rotate
- added SQUID_LOG_ROTATE and
SQUID_MAX_LOGSIZE to /etc/config.d/squid
SQUID_LOG_ROTATE='yes' rotate access log and
cache log using logrotate
SQUID_LOG_ROTATE='no' do not rotate the log files
SQUID_MAX_LOGSIZE Log files are rotated when they
grow bigger then SQUID_MAX_LOGSIZE bytes
possible values xxx, xxxk or xxxM
xxx size in bytes
xxxk size in kilobytes
xxxM size in megabytes
- modified /var/install/config.d/squid.sh
to reflect the above modification
- added function rotate to
/etc/init.d/squid
- added proxy authentication to the squid package
the following base schemes are supported
ncsa_auth
pam_auth
smb_auth (untested)
modified /etc/config.d/squid and
/var/install/config.d/squid.sh
SQUID_AUTH yes or no
SQUID_SCHEME values ncsa | pam | smb
SQUID_AUTH_PFILE location of pasword file
(only ncsa)
- modified /var/install/deinstall/squid
added remove-menu
0.10.2 -> 0.90.0
----------------
- added /usr/share/doc/squid/changes.txt (this file)
- added comments to all files in /var/install/bin
- renamed /var/install/config.d/squid to
/var/install/config.d/squid.sh
- removed SQUID_ADRESS and SQUID_ALLOW_IPS
from /etc/config.d/squid
values are taken from /etc/config.d/base
(IP_ETH_1_IPADDR,IP_ETH_1_NETWORK,IP_ETH_1_NETMASK)
- added SQUID_START to /etc/config.d/squid
SQUID_START='yes' squid will be startet at boot
SQUID_START='no' squid will not be startet at boot
- modified /etc/config.d/squid
changed a lot of comments
- modified /var/install/config.d/squid.sh
to reflect the changes in /etc/config.d/squid
- modified /tmp/install.sh
to reflect the changes in /etc/config.d/squid
- modified /usr/share/doc/squid/squid.txt
to reflect the changes in /etc/config.d/squid
- added /tmp/preinstall.sh
stop squid before new installation
remove some redundant file from version 0.10.2
- changed ./package/usr/share/doc/changes.txt
to avoid double restart
- modified /etc/init.d/squid
changes some comments
now squid is invoked with option -D to avoid
DNS tests for netscape.com internic.net
nlanr.net and microsoft.com
reload part modified (sleep 2 included)
- added "show squid documentation"
to SQUID Proxy Menu
/var/install/bin/squid-show-documentation
- added file /var/install/deinstall/squid
the squid deinstall skript