2.2.2 -> 2.2.3 ansgar 10.02.2022 --------------- ----------------- - Update core to squid 5.4 2.2.1 -> 2.2.2 ansgar 22.01.2022 --------------- ----------------- - Update core to squid 5.3 2.2.0 -> 2.2.1 ansgar 08.11.2021 --------------- ----------------- - Update core to squid 5.2 - ACL /usr/lib/squid/ext_time_quota_acl Compilation requieres Samba TrivialDB library, that is not available. - Fixed bug in /etc/logrotate.d/squid (Thanks to Taxena Gasparov). - Fixed deinstall script /var/install/deinstall/squid Remove files from APACHE2_DOCUMENT_ROOT, e.g. /usr/share/apache2/www/htdocs/squid.pac /usr/share/apache2/www/htdocs/squidGuard_blocked.gif /usr/share/apache2/www/htdocs/squidGuard_stop.gif - Changes generation of squid.conf.default_eis during package building. Use patch instead of sed. 2.1.11 -> 2.2.0 ansgar 01.08.2021 --------------- ----------------- - Update core to squid 5.1 2.1.10 -> 2.1.11 ansgar 10.08.2021 ---------------- ----------------- - Update core to squid 4.16 - Changes to SquidGuard configuration blacklists http://squidguard.mesd.k12.or.us/blacklists.tgz http://urlblacklist.com/cgi-bin/commercialdownload.pl?type=download&file=bigblacklist no longer exists blacklist http://squidguard.shalla.de/Downloads/shallalist.tar.gz was renamed to http://www.shallalist.de/Downloads/shallalist.tar.gz New default blacklist is http://www.shallalist.de/Downloads/shallalist.tar.gz 2.1.9 -> 2.1.10 ansgar 13.05.2021 --------------- ----------------- - Update core to squid 4.15 - Use cp -p when copying files to cgi directory /var/install/config.d/squid.sh 2.1.8 -> 2.1.9 ansgar 20.02.2021 -------------------------------- - Update core to squid 4.14 2.1.7 -> 2.1.8 ansgar 14.09.2020 -------------------------------- - Update core to squid 4.13 2.1.6 -> 2.1.7 ansgar 25.06.2020 -------------------------------- - Update core to squid 4.12 2.1.5 -> 2.1.6 ansgar 10.05.2020 -------------------------------- - Update core to squid 4.11 - Packages squid now requires libxml2-2 3.0.0 libexpat1 3.0.0 libgnutls30 3.0.0 libkrb5 3.0.0 libatomic1 3.0.0 libnetfilter_conntrack3 3.0.0 glibc 3.0.0 2.1.4 -> 2.1.5 ansgar 20.03.2020 -------------------------------- - Update core to squid 4.10 - Package squid now requires base 2.8.25 libnettle6 2.8.2 libxml2-2 2.8.5 libexpat1 2.8.3 libgnutls30 2.8.8 libkrb5 2.8.5 2.1.3 -> 2.1.4 ansgar 14.12.2019 -------------------------------- - Update core to squid 4.9 - Remove symbols and debug information from cachemgr.cgi - Install /usr/lib/squid/cachemgr.cgi even if already existing in cgi-bin directory. Overwrite old version. - Install /usr/sbin/chpasswd.cgi even if already existing in cgi-bin directory. Overwrite old version. - Changes to some shell scripts using test -n or -z - Check if user squid has an empty password lock the password of the account squid 2.1.2 -> 2.1.3 ansgar 15.07.2019 -------------------------------- - Update core to squid 4.8 - Patched src/security/PeerOptions.h Changed debug level from 0 to 5 See: https://bugs.squid-cache.org/show_bug.cgi?id=4970 - Avoid use of /var/install/packages /tmp/preinstall.sh /var/install/config.d/squid.sh /var/install/config.d/squid_update.sh - Fixed logrotate configuration No call of '/etc/init.d/squid rotate' if squid is not running 2.1.1 -> 2.1.2 ansgar 15.05.2019 -------------------------------- - Update core to squid 4.7 - Changed requirements to actual versions - Create group as system group and user as system user 2.1.0 -> 2.1.1 ansgar 10.03.2019 -------------------------------- - Update core to squid 4.6 - Package squid now requires at least base version 2.8.12 - Avoid fixed GID/UID when creating user and group squid - Remove user and group squid on total deinstall, remove squidpasswd.log - Add comment lines to squid.pac file 2.0.1 -> 2.1.0 ansgar 22.01.2019 -------------------------------- - Update core to squid 4.5 - Enhancements for directory changes in package apache2 2.1.0 - Fixed problem of redirect directive. Thanks to Sven. - Added comments to /etc/logrotate.d/squid and /usr/squidGuard/squidGuard.conf - Refactoring of /etc/init.d/squid and /var/install/config.d/squid.sh - If Squid version 1.9.4 is installed: File /etc/config.d/squid will be saved to /tmp/config_squid_1p9p4 File /usr/local/squidGuard/squidGuard.conf will saved to /tmp/squidGuard.conf.save - If file /etc/config.d/squid does not exists but file /tmp/config_squid_1p9p4 exists, /tmp/config_squid_1p9p4 will be used as old configuration file - Change SQUID_LOGFORMAT 'auto' to 'squid' when updating from Squid 1.9.4 - If an other Squid version is installed File /usr/squidGuard/squidGuard.conf will be saved to /tmp/squidGuard.conf.save - Fixed bug in /var/install/config.d/squid.sh. Make shure /var/squid exists. - Fixed /var/install/deinstall/squid. Remove all squid files and directories on complete uninstall. 2.0.0 -> 2.0.1 ansgar 29.12.2018 -------------------------------- - recompiled Eisfair-1 binaries using -march=i486 1.9.5 -> 2.0.0 -------------- - Update core to squid 4.4 - Moved squid.conf.default_eis, mime.conf and chpasswd.conf.default_eis to /etc/squid - IMPORTANT: squid.conf will be created in /etc/squid - IMPORTANT: chpasswd.conf will be created in /etc/squid - Changed default of START_SQUID to 'no' - Added configuration variable SQUID_MANUAL_CONFIGURATION If SQUID_MANUAL_CONFIGURATION is set to 'yes' you have to configure Squid and all it's components by yourself. No configuration file will be changed automatically. Package now contains files /etc/squid/chpasswd.conf.default_eis instead of /etc/squid/chpasswd.conf and /etc/squid/squid.conf.default_eis /etc/squid/squid.conf on delivery to avoid to replace self configured files. - Removed remaining files for webconf webconf is no longer supported since many versions - Convert file release-notes.txt and squid.txt from ISO-8859 to UTF-8 release-notes.txt will not be included into the package - Update menu setup.services.squid.menu removed files /var/install/bin/squid-show-log-access /var/install/bin/squid-show-log-cache - Make sure the cache structure will not be removed on update - Changed update process to current standard. Files: /etc/check.d/squid /etc/check.d/squid.exp /etc/check.d/squid.ext /etc/default.d/squid will be created using shell script squid_update.sh. Changed access rights to the files to 600 because of security reasons (passwords included). - Removed configuration parameter SQUID_LOG_FQDN from configuration file. TAG: log_fqdn is not longer available. See SQUID_LOGFORMAT for new solution. - Removed configuration parameter SQUID_EMULATE_HTTPD_LOG from configuration file. TAG: emulate_httpd_log is no longer available. See SQUID_LOGFORMAT for new solution. - Configuration parameter SQUID_LANGUAGE was renamed to SQUID_DEFAULT_LANGUAGE - Removed SQUID_LOGFORMAT 'auto'. Added SQUID_LOGFORMAT 'referrer' and 'useragent'. - Removed support for package mysql2squid. Package mysql2squid does no more exist. - ATTENTION When using squidGuard: The package comes with a very old blacklist. Please update the blacklist to an actual version using menu entry "Update squidGuard databases". 1.9.4 -> 1.9.5 -------------- - update core to squid 3.4.8 1.9.3 -> 1.9.4 -------------- - fix creation of cache 1.9.2 -> 1.9.3 -------------- - updated core to squid 3.1.18 - it is now possible to use + in a class configuration. By using + the class is explicitly allowd (M. Roeckrath) - improve startup script - output to console is suppressed and redirected to logfile - fixed check for apache vhosts - fixed initialisation of squid cache 1.9.1 -> 1.9.2 -------------- - fix www user/group on eisfair-2 - updated core to squid 3.1.10 - added missing errorpage.css - removed not existing blacklist - fix several script errors 1.9.0 -> 1.9.1 -------------- - made squid available for eisfair-2 - updated core to squid 3.1.8 - added config dialogs for ece 1.8.0 -> 1.9.0 -------------- - global modifications -------------------- - changed software versions squid from version 2.6.STABLE9 to 2.6.STABLE13 - changed status from stable to testing - modifications for squid ----------------------- - Line http_access deny CONNECT !home was added to squid.conf. Now an appropriate contents of SQUID_ACL_HOME_SRC allows to deny connect to safe ports like 21 (ftp), 443 (https) and 70 (gopher) for dedicated clients. - Changed documentation for SQUID_AUTH_PFILE - new configuration parameters SQUID_LANGUAGE 'de_DE' 'en_US' 'en_GB' or 'fr_FR' Select one of the languages for Squids error messages. Default is en_US. 'en_US' and 'en_GB' are synonyms. SQUID_MESSAGE_TIME 'UTC' or 'local' Message time generated in error messages. Possible values are 'UTC' Universal Time Coordinated (GMT) 'local' local time. SQUID_PORT_OPTIONS Values for http_port option. E.g. 'transparent'. See /etc/squid.conf for a detailed description. SQUID_ALLOW_ICP='no' Accept ICP messages on port 3130 'yes' or 'no'. - modified configuration parameters SQUID_GUARD_CLASS new class 'exception' The special class 'exception' allows to have exceptions from the following classes that block. You have to create the files in directory /usr/local/squidGuard/db/blacklists/exception manually. E.g. if you want to block webradio but allow cnn.com. Thanks to Marcus Roeckrath for his for his proposal and the modifications for the shell scripts. 1.8.0 -> 1.8.1 -------------- - enhanced scripts to be compatible with new versions apache2 package (new handling of APACHE2_SCRIPT_ALIAS) 1.7.1 -> 1.8.0 -------------- - global modifications -------------------- - changed software versions squid from version 2.6.STABLE7 to 2.6.STABLE9 - changed status from testing to stable 1.7.0 -> 1.7.1 -------------- - global modifications -------------------- - changed software versions squid from version 2.6.STABLE6 to 2.6.STABLE7 1.6.1 -> 1.7.0 -------------- - global modifications -------------------- - changed software versions squid from version 2.5.STABLE13 to 2.6.STABLE6 squidGuard from version 1.2.0 to 1.2.0p3 - changed status from stable to testing - modifications for squid ----------------------- - changed /etc/squid.conf and /var/install/config.d/squid.sh tag cache_access_log was renamed to access_log tag redirect_program was renamed to url_rewrite_program tag redirect_children was renamed to url_rewrite_children - new configuration parameters SQUID_ADDITIONAL_SAFE_PORTS='' Additional acl Safe_ports ports. Example: SQUID_ADDITIONAL_SAFE_PORTS='445 22 3001' will add the ports 445,22 and 3001 to the list of 'safe ports'. See /etc/squid.conf for a detailed description of acl aclname port and http_access deny. SQUID_LOGFORMAT='auto' Access log format. Possible values are 'auto', 'squid', 'squidmime', 'common', 'combined' and 'eissquid'. See squid.conf for the defintions of log formats. Format 'eissquid' is like 'squid', except that local time (tl) is used instead of time since epoche. Only format 'auto' will be modified by SQUID_EMULATE_HTTPD_LOG. - enhancements for configuration parameters SQUID_LOG_ACCESS SQUID_LOG_ACCESS='none' disables logging. SQUID_LOG_ACCESS='syslog' logs using the syslog daemon (see SYSLOGD parameter of base parameter). SQUID_LOG_CACHE SQUID_LOG_CACHE='none' disables logging. - check for line "application/x-ns-proxy-autoconfig pac" in Apache's mime.types file is now done on every startup of squid. Former this line was only added when changing squid's configuration but this line was lost when Apache was updated. - Corrected creation of disc cache on startup. Check for $SQUID_CACHE_DIR and $SQUID_CACHE_DIR/00 is done. Advise of Olaf Jaehrling. - modifications for squidGuard ---------------------------- - new configuration parameters SQUID_GUARD_ANONYMOUS_LOGGING='yes' If SQUID_GUARD_ANONYMOUS_LOGGING is set to 'yes' squidGuard does not log the username if a user tries to get a blocked side. If SQUID_GUARD_ANONYMOUS_LOGGING is set to 'no' the username is written to the log file. SQUID_GUARD_NOTBLOCKED_USER='' List of usernames, e.g. 'master admin'. Requests of this users are not handled by squidGuard, so they are able to access urls that are normaly blocked by squidGuard. SQUID_GUARD_NOTBLOCKED_USER does only work if SQUID_AUTH is set to 'yes'. Parameters for blacklist configuration. SQUID_GUARD_BLACKLIST_ACTIVE='1' Blacklist to be used from following list of tested blacklists. SQUID_GUARD_BLACKLIST_N='5' SQUID_GUARD_BLACKLIST_1_URL='http://ftp.teledanmark.no...' SQUID_GUARD_BLACKLIST_1_FILENAME='' SQUID_GUARD_BLACKLIST_1_TYPE='diff' SQUID_GUARD_BLACKLIST_1_OPTION='' SQUID_GUARD_BLACKLIST_N defines a URL, a FILENAME and a TYPE that has to be used. SQUID_GUARD_BLACKLIST_#_URL: URL for download. SQUID_GUARD_BLACKLIST_#_FILENAME: Name of file that will be downloaded. If empty basename URL will be used. SQUID_GUARD_BLACKLIST_#_TYPE: Type of blacklist. 'diff' blacklist contains .diff files. Using this files prebuilt databases can be updated on the fly. 'full' blacklist is a complete update. SQUID_GUARD_BLACKLIST_#_OPTION='' Option 'strip1' or ''. Option to handle unconventional blacklist. If option 'strip1' is set, the blacklist will be extracted directly to directory /usr/local/squidGuard/db/blacklists. First path from filenames will be stripped. The configuration file contains five examples of blacklist URLs. This five examples have been tested. ATTENTION: SQUID_GUARD_BLACKLIST_5_URL This is a commercial managed URL blacklist service. See http://urlblacklist.com/ to subscribe. - enhancements for configuration parameters SQUID_GUARD_CLASS Some blacklists use subdirectories. Corresponding classes will be named dir_subdir e.g. recreation_travel for subdirectory recreation/travel. Use recreation to avtivate all classes in subdirectories of recreation. Classes with leading minus sign (-) will not be used. Eg. 'all -hobby' activates all classes except hobby. - blacklist update using cron SQUID_GUARD_CRON: Use cron to update blacklist 'yes' or 'no'. Default 'no'. SQUID_GUARD_CRON_SCHEDULE: Cron configuration string. Default: '15 0 * * *' Update every day at 00:15. - access to directories /usr/local/squidGuard/db and /usr/local/squidGuard/log is now limited to to preserve privacy and to restrict user from getting information of blacklists 1.6.0 -> 1.6.1 -------------- - global modifications -------------------- - changed software versions squid from version 2.5.STABLE12 to 2.5.STABLE13 1.5.2 -> 1.6.0 -------------- - global modifications -------------------- - changed version from 1.5.2 to 1.6.0 - changed status from testing to stable 1.5.1 -> 1.5.2 -------------- - Correction disastrous authentication bug. Authentication failed for protocol https. Thanks to Stefan Goldbach to remind me again. - Added creation of file /etc/cachemgr.conf cachemgr.cgi shows those hosts that are contained in /etc/cachemgr.conf. 1.5.0 -> 1.5.1 -------------- - Corrected creation of disc cache on startup. - Fixed a lot of problems with usage of apache/apache2. Directory names are take from apache/apache2 Configuration. A warning is displayed, if "Apache Virtual Hosts" are used and the squid installation process has to install files to some Apache directories. - MIME type application/x-ns-proxy-autoconfig pac is added to the Apache MIME configuration file automatically. - Fixed a problem when switching SQUID_GUARD_BUILD_DB from 'yes' to 'no'. The .db files will be deleted when setting SQUID_GUARD_BUILD_DB to 'no'. - Corrected a problem with mysql2squid when changing scheme or turning off authentication. The logger process was not stopped. 1.4.1 -> 1.5.0 -------------- - global modifications -------------------- - changed software versions squid from version 2.5.STABLE7 to 2.5.STABLE12 - Package squid now requires at least base version 1.1.5 - Shell scripts are using EISLIB (/var/install/include/eislib) Package squid no more requires /local/bin/html_colecho. - menu format was changed to the new XML format obsolete shell scripts removed - If SQUID_SCHEME is set to 'ncsa' but no password file exists, an empty password file will be created. The owner and group of the password file will be set to squid:squid in every case. - Fixed bug when deinstalling package squid. User squid will now be removed. - changed generation of squid.pac added entry for https protocol Squid is able to tunnel https. - fixed bugs in /etc/check.d/squid, that causes ECE to abort. Added entry SQUID_LOG_FQDN, corrected entry for SQUID_EMULATE_HTTPD_LOG. - added option forcestart to /etc/init.d/squid - fixed bug (squidGuard blocks) in squid-build-squidguard-db and squid-update-squidguard-db, if configuration file does not exist. - added support for SQUID_SCHEME mysql. Attention: scheme mysql is not included in package squid. - added support for package mysql2squid. (visit pack.eis to search for this package) - added support to hold squids cache in a RAM disc The cache structure will be build at startup, if the structure does not exist. - added the following options to /etc/config.d/squid SQUID_ALLOW_SNMP='no' Accept SNMP messages on port 3401 'yes' or 'no'. Attention: Default is SQUID_ALLOW_SNMP='no'. This is different to squids behavior before version 1.5.0. SQUID_CREDENTIALS_TTL='2 hours' Specifies how long squid assumes an externally validated username:password pair is valid for - in other words how often the helper program is called for that user. Eg. '10 seconds', '1 minute', '5 minutes' or '1 hour' are valid. Default: '2 hours'. For package mysql2squid you should use a low value, e.g. '5 minutes'. - corrected typos in squid-update-squidguard-db and squid_update.sh 1.4.0 -> 1.4.1 -------------- - global modifications -------------------- - Fixed bug when installaing package squid. Owner and rights of /tmp where scambled (Thanks to Christian Schulz). Changed home directory of user squid from /tmp to /home/__dummyhome__. 1.3.2 -> 1.4.0 -------------- - global modifications -------------------- - changed version from 1.3.2 to 1.4.0 - changed status from testing to stable - modified /tmp/change_uid_gid.sh corrected bug for /proc enhanced performance using xargs 1.3.1 -> 1.3.2 -------------- - global modifications -------------------- - This is the first version that was compiled and generated on eisfair using the upcoming eisfair development environment. - changed software versions squid from version 2.5.STABLE6 to 2.5.STABLE7 chpasswd fom verison 1.9.1 to 2.2.1 using http://freshmeat.net/redir/chpasswdforsquid/1268/url_tgz/chpasswd-2.2.1.tar.gz - ATTENTION: UID of user squid has to be changed from 3 to 23 GID of group squid has to be changed from 3 to 23 because UID 3 and GID 3 are reserved for sys:sys If squid is installed this will be done automatically. If squid is not installed nothing has to be done. - If SQUID_INSTALL_CHPASSWD is set to 'yes' and SQUID_AUTH_PFILE does not exist an error message is displayed. Owner and group of SQUID_AUTH_PFILE is set to squid:squid. - corrected ownership of squidGuard logfiles /usr/local/squidGuard/log/tr*.log (Thanks to Jan Vauseweh for his accurate error message) 1.3.0 -> 1.3.1 -------------- - global modifications -------------------- - changed software versions squid from version 2.5.STABLE4 to 2.5.STABLE6 - added support of apache2 for squid and squidguard - removed all links from the distribution file links are created in /tmp/install.sh - changed deinstallation of package squid to strict mode. This means that the following files are removed: /etc/config.d/squid /var/squid/squidpasswd if existing If this user does not own any files or directories it will be deleted squid Group squid will be removed. - minimized number of messages during start and stop of services - minimized number of messages during configuration processes - added the following options to /etc/config.d/squid SQUID_EMULATE_HTTPD_LOG='no' Emulate the log file format which many 'httpd' programs use 'yes' or 'no'. This changes the format of cache access log. - changed generation of squid.pac removed entry for https protocol - changed /var/install/config.d/squid.sh to use /var/install/bin/check-version to detect if perl, samba, apache or apache is installed - modifications for webconf ------------------------- - changed call of add_advancedconfigmenu and del_advancedconfigmenu - changed squid-build-squidguard-db squid-update-squidguard-db to work correctly when SQUID_INSTALL_SQUIDGUARD is set to 'no' 1.2.0 -> 1.3.0 -------------- - global modifications -------------------- - visible_hostname in /etc/squid.conf will now be generated as $HOSTNAME.$DOMAIN_NAME from /etc/config.d/base. This allows Mozilla to recognize that /cgi-bin/chpasswd.cgi does not need to be accessed using the Proxy. - If advanced configuration file handling is available (will be released with eisfair 1.0.5) it will be included into the squid menu structure - fixed a bug in smb_auth (used non existent directories) (Thanks to Sebastian Scholze for his accurate error message) - When using smb authentication it is no longer checked that the server running squid also is configured as primary domain controller. Instead the following text ist displayed: Attention: ========== Samba on this server is not configured as primary domain controller. Make shure that directory /netlogon exists on your primary domain controller and that a file proxyauth with a line containing the word allow exists in /netlogon. You have to create the file proxyauth manually and put the text allow into the file. I tried this configuration version only by using a second eisfair server as PDC. I never checked it with a real Windows(tm) server. 1.1.1 -> 1.2.0 -------------- - global modifications -------------------- - changed version from 1.1.1 to 1.2.0 - changed status from testing to stable - corrected message in /var/install/config.d/squid.sh 1.1.0 -> 1.1.1 -------------- - global modifications -------------------- - default configuration file changed old /etc/config.d/squid.default new /etc/default.d/squid - included check of base package version into /tmp/preinstall.sh - added the following features squid's cache is only initialize/reinitialize if no file named swap.state is found in directory $SQUID_CACHE_DIR. If a file named swap.state is found the message "squid's cache was already initialized" is displayed. New menue point 9: Initialize squid cache was added to the service menu (Thanks to Michael Bierwirth for his proposal) - added the following options to /etc/config.d/squid SQUID_LOG_FQDN='no' Log fully qualified domain names in the access.log 'yes' or 'no'. - correted bug in /etc/check.d/squid SQUID_CACHE_PEER_% is no checked with NONE to allow spaces in SQUID_CACHE_PEER_% - modifications for webconf ------------------------- - corrected fatal bug in /var/install/config.d/squid.sh that occurs when using webconf. errormessage was: cp: missing destination file Try `cp --help' for more information. Default configuration was used instead of the actual user configuration. - corrected bug in /var/install/form/squid Match for SQUID_MAX_LOGSIZE was invalid No configuration could be applied. - modified experimental support for webconf files: /local/bin/html_colecho /var/install/form/squid.main /var/install/form/squid.squidguard.admin /var/install/help/squid webconf 0.40.4 or higher is required 1.0.0 -> 1.1.0 -------------- - global modifications -------------------- - changed software versions squid from version 2.5.STABLE2 to 2.5.STABLE4 BerkeleyDB from version 2.7.7 to 3.2.9 (BerkeleyDB is used by squidGuard) - using /var/install/bin/doc to show all documents and files - added eischk to check the configuration file files: /etc/check.d/squid /etc/check.d/squid.exp - added experimental support for webconf files: /local/bin/html_colecho /var/install/form /var/install/form/squid /var/install/form/squid.main /var/install/form/squid.status /var/install/form/squid.change /var/install/help/ /var/install/help/squid /var/install/prep /var/install/prep/prep_change_squid_status.sh /var/install/prep/prep_squid_status.sh /var/install/servadm /var/install/servadm/clean_squid_status.sh /var/install/servadm/change_squid_status.sh - added menues Show squid package changes Show squid cache access log file Show squid cache log file squidGuard administration Show squidGuard log Build squidGuard databases Update squidGuard databases - modifications for squid ----------------------- - changed ./configure options old option: --enable-delay-pools added option is: --enable-snmp - removed all man pages from the package because of a decision made by the Eisfair Developer Team September, 14th 2003 - obsolet file /var/install/setup.services.squid.menu will be deleted by preinstall.sh - corrected call off /var/install/bin/del-menu when deinstalling squid - modified /etc/init.d/squid added function multi_echo function check_start modified function verify_pidfile function wait_for_termination squid will be terminated using /bin/squid -k shutdown -f /etc/squid.conf - changed the following option to /etc/config.d/squid SQUID_IP_ETH_N='1' Use n'th ethernet card configured in /etc/config.d/base. new: 0 - listen on all local addresses. - added the following options to /etc/config.d/squid SQUID_FILL_FORWARDED_FOR='no' Include system's IP address or name in HTTP requests squid forwards 'yes' or 'no'. SQUID_CACHE_PEER_N='0' Additional cache_peer specifications. Number of additional specifications. SQUID_CACHE_PEER_# Additional cache_peer specification #. - added the following lines to /etc/squid.conf # FTP acl FTP_port port 21 # FTP # FTP http_access allow CONNECT FTP_port CONNECT http_access allow CONNECT Safe_ports # FTP This allows FTP Clients to work through a HTTP Proxy - Connection Tunnel. (Thanks to Stefan Heidrich for his proposal and his skilled help.) - added the following lines to /etc/squid.conf # snmp acl snmppublic snmp_community public snmp_port 3401 snmp_access allow snmppublic all # snmp Squid delivers status and statistic information via SNMP. You could use tools like mrtg http://mrtg.hdl.com/mrtg.html or other snmp applications to work with Squid. (Thanks to Hartmut Broich for his proposal and help.) If you want to disable snmp, please comment out the three lines between # snmp and # snmp. - modifications for squidGuard ---------------------------- - added the following option to /etc/config.d/squid SQUID_GUARD_HTTP_PORT='80' Port to be used by all internal HTTP connections e.g. squidGuard messages, squidGuard images SQUID_GUARD_BUILD_DB='yes' Convert domainlists and urllists to prebuilt databases 'yes' od 'no'. Prebuilt databases will speed up the start of squidGuard. SQUID_GUARD_TR_LOG='no' Log translations to logfiles 'yes' or 'no'. If set to 'yes' translation (blocks) for all classes will be logged. There will be a special logfile for every class (e.g. for class drugs /usr/local/squidGuard/log/tr_drugs.log). This logfiles will be truncated when squidGuard is started. 0.92.1 -> 1.0.0 --------------- - corrected bug in /etc/init.d/squid in function wait_for_termination - directory /usr/local/squidGuard/db/blacklists/individual will be created when installing squid empty files domains, urls and expressions will be created if they do not exist - if directory /usr/local/squidGuard/db/blacklists/individual contains a nonempty file domains, urls or expressions the file will not be removed when deinstalling squid - /usr/share/doc/squid/squid.txt now contains a documentation how to add elements to the blacklist class individual 0.92.0 -> 0.92.1 ---------------- - global modifications -------------------- - new squid release version 2.5 stable 2 - added document /usr/share/doc/squid/squid.8 - Configuration file /etc/config.d/squid will be saved when installing a new version of the squid package. The "old" configuration parameters will be retained unchanged and are transferred into the "new" configuration. - Configuration file /etc/config.d/squid will not be removed when uninstalling the squid package. If you wish to remove the file, please do it by yourself. - added a proxy autoconfiguration file called squid.pac (see SQUID_GEN_PACFILE). - added squidGuard to the package squidGuard is a redirector and access controller. See http://www.squidguard.org/ for a description about the posibilities and the limititations of squidGuard. (see SQUID_INSTALL_SQUIDGUARD and the following SQUID_GUARD_xxxxx options) - added the following option to /etc/config.d/squid SQUID_ACL_HOME_SRC='' Setting for 'acl home src'. This src acl specifies network addresses or a number of client IP addresses that are allowed to use the squid proxy. If SQUID_ACL_HOME_SRC is empty only clients in the network specified by SQUID_IP_ETH_N are allowed to use the proxy. Example: 192.168.1.0/255.255.255.0 192.168.2.0/255.255.255.0 allows clients from the networks 192.168.1.0 and 192.168.2.0. See /etc/squid.conf for a detailed description of src acl. SQUID_MAX_OBJECT_SIZE=4096 squid maximum object size Objects larger than this size will NOT be saved on disk. Value is specified in kilobytes. SQUID_GEN_PACFILE='no' Generate a .pac file named squid.pac 'yes' or 'no'. If set to 'yes' the file will be generated. If set to 'no' an existing file will not be touched. The file will be placed in directory /var/www/htdocs. You could first generate the file, then change SQUID_GEN_PACFILE to 'no' and finetune the file. Probably you will have to add the line application/x-ns-proxy-autoconfig pac to /usr/local/apache/conf/mime.types to make use of the .pac file. You will have to configure the use of the .pac file in your webbrowser. SQUID_INSTALL_SQUIDGUARD='no' Install squidGuard 'yes' or 'no'. SQUID_GUARD_REDIRECT_CHILDREN=4 Number of redirect_children. See: TAG: redirect_children in squid.conf. SQUID_GUARD_CLASS='all' Target classes squidGuard will block. Default 'all' blocks the following classes: ads aggressive audio-video drugs gambling hacking mail porn proxy violence warez. Class individual can be used for a user defined configuration. Set SQUID_GUARD_CLASS to 'drugs porn' if you only want to block classes 'drugs' and 'porn'. SQUID_GUARD_SPECS='all' Target specifications squidGurad will block. Default 'all' will use the following specifications: domains urls expressions. Set SQUID_GUARD_SPECS to 'domains' if you only want to use the domains files. SQUID_GUARD_AUTOCONFIG='yes' If you set SQUID_GUARD_AUTOCONFIG to 'yes' a default configuration for squidGuard will be generated. See /usr/local/squidGuard/squidGuard.conf. If you want to modify the configuration after generation change this setting to 'no'. Please change this option only if you know what you are doing. SQUID_GUARD_CGIAUTOCONFIG='yes' If you set SQUID_GUARD_CGIAUTOCONFIG to 'yes' a default configuration for the redirect statement used in squidGuard.conf will be generated. If you want to modify the configuration after generation change this setting to 'no'. Please change this option only if you know what you are doing. 0.91.0 -> 0.92.0 ---------------- - modified /var/install/config.d/squid.sh to verify in case of smb proxy authentication that samba is configured as primary domain controller added creation of /netlogon/proxyauth optimized sed oparations code was rewritten using functions - modified /var/install/packages/squid translation to english and other modifications - modified /var/install/deinstall/squid added removal of the optional created files /etc/logrotate.d/squid /netlogon/proxyauth - added to /etc/config.squid SQUID_CACHE_MGR Email-address of local cache manager Default is webmaster SQUID_CACHEMGR_PASSWD Cache manager's password. You will need this to access cachemgr.cgi. The password disable will disable access. SQUID_CACHE_PEER Specify other caches in a hierarchy. See /etc/squid.conf for a detailed description of cache_peer. SQUID_INSTALL_CHPASSWD 'yes' or 'no' Install chpasswd.cgi to allow password changing when using ncsa proxy authentication. SQUID_INSTALL_CACHEMGR 'yes' or 'no' Install cachemgr.cgi. When using cachemgr.cgi you will have to replace the default localhost at "Cache Host" with the name of your server. "Manager name" is the name part of the email-address of you local cache manager. "Password" is cache manager's password. - added some files to /var/install/deinstall/squid - revoked read access to /etc/config.d/squid from others - revoked read access to /etc/squid.conf from others 0.90.0 -> 0.91.0 ---------------- - new squid release version 2.5 stable 1 - added visible_hostname to /etc/squid.conf - modified /var/install/config.d/squid.sh to set the right hostname and to set coredump_dir - modified /var/install/deinstall/squid bourne shell compatibility procedure remove_empty_dir corrected - modified /etc/config.d/squid renamed SQUID_START to START_SQUID - modified /var/install/config.d/squid.sh to reflect the above modification - modified /etc/init.d/squid to reflect the above modification corrected an additional error - modified /etc/config.d/squid new variable SQUID_IP_ETH_N use n'th ethernet card configured in /etc/config.d/base - modified /var/install/config.d/squid.sh to reflect the above modification - added logfile_rotate 0 to /etc/squid.conf to allow third-party logfile management to run squid with squid -k rotate - added SQUID_LOG_ROTATE and SQUID_MAX_LOGSIZE to /etc/config.d/squid SQUID_LOG_ROTATE='yes' rotate access log and cache log using logrotate SQUID_LOG_ROTATE='no' do not rotate the log files SQUID_MAX_LOGSIZE Log files are rotated when they grow bigger then SQUID_MAX_LOGSIZE bytes possible values xxx, xxxk or xxxM xxx size in bytes xxxk size in kilobytes xxxM size in megabytes - modified /var/install/config.d/squid.sh to reflect the above modification - added function rotate to /etc/init.d/squid - added proxy authentication to the squid package the following base schemes are supported ncsa_auth pam_auth smb_auth (untested) modified /etc/config.d/squid and /var/install/config.d/squid.sh SQUID_AUTH yes or no SQUID_SCHEME values ncsa | pam | smb SQUID_AUTH_PFILE location of pasword file (only ncsa) - modified /var/install/deinstall/squid added remove-menu 0.10.2 -> 0.90.0 ---------------- - added /usr/share/doc/squid/changes.txt (this file) - added comments to all files in /var/install/bin - renamed /var/install/config.d/squid to /var/install/config.d/squid.sh - removed SQUID_ADRESS and SQUID_ALLOW_IPS from /etc/config.d/squid values are taken from /etc/config.d/base (IP_ETH_1_IPADDR,IP_ETH_1_NETWORK,IP_ETH_1_NETMASK) - added SQUID_START to /etc/config.d/squid SQUID_START='yes' squid will be startet at boot SQUID_START='no' squid will not be startet at boot - modified /etc/config.d/squid changed a lot of comments - modified /var/install/config.d/squid.sh to reflect the changes in /etc/config.d/squid - modified /tmp/install.sh to reflect the changes in /etc/config.d/squid - modified /usr/share/doc/squid/squid.txt to reflect the changes in /etc/config.d/squid - added /tmp/preinstall.sh stop squid before new installation remove some redundant file from version 0.10.2 - changed ./package/usr/share/doc/changes.txt to avoid double restart - modified /etc/init.d/squid changes some comments now squid is invoked with option -D to avoid DNS tests for netscape.com internic.net nlanr.net and microsoft.com reload part modified (sleep 2 included) - added "show squid documentation" to SQUID Proxy Menu /var/install/bin/squid-show-documentation - added file /var/install/deinstall/squid the squid deinstall skript