999,13 → 999,16 |
echo "cache_mem 256 MB" >> /etc/squid/squid.conf |
echo "maximum_object_size_in_memory 4096 KB" >> /etc/squid/squid.conf |
echo "maximum_object_size 4096 KB" >> /etc/squid/squid.conf |
# anonymisation de la version de squid |
# anonymisation of squid version |
echo "via off" >> /etc/squid/squid.conf |
# suppression de la primitive http 'X_forwarded' |
# remove the 'X_forwarded' http option |
echo "forwarded_for delete" >> /etc/squid/squid.conf |
# pour éviter les message d'erreur lors des changement d'état des interfaces réseaux |
# linked squid output in HAVP input |
echo "cache_peer 127.0.0.1 parent 8090 0 no-query default" >> /etc/squid/squid.conf |
echo "never_direct allow all" >> /etc/squid/squid.conf |
# avoid error messages on network interfaces state changes |
$SED "s?^SQUID_AUTO_RELOAD.*?SQUID_AUTO_RELOAD=no?g" /etc/sysconfig/squid |
# Initialisation du cache de Squid |
# Squid cache init |
/usr/sbin/squid -z |
} # End of param_squid () |
|
1024,8 → 1027,8 |
$SED "s?^language =.*?language = french?g" $DIR_DG/dansguardian.conf |
# on limite l'écoute de Dansguardian côté LAN |
$SED "s?^filterip.*?filterip = $PRIVATE_IP?g" $DIR_DG/dansguardian.conf |
# on chaîne Dansguardian au proxy antivirus HAVP |
$SED "s?^proxyport.*?proxyport = 8090?g" $DIR_DG/dansguardian.conf |
# on chaîne Dansguardian au proxy cache SQUID |
$SED "s?^proxyport.*?proxyport = 3128?g" $DIR_DG/dansguardian.conf |
# on remplace la page d'interception (template) |
cp -f $DIR_CONF/template.html /usr/share/dansguardian/languages/ukenglish/ |
cp -f $DIR_CONF/template-fr.html /usr/share/dansguardian/languages/french/template.html |
1077,13 → 1080,13 |
# configuration d'HAVP |
[ -e /etc/havp/havp.config.default ] || cp /etc/havp/havp.config /etc/havp/havp.config.default |
$SED "/^REMOVETHISLINE/d" /etc/havp/havp.config |
$SED "s?^# PARENTPROXY.*?PARENTPROXY 127.0.0.1?g" /etc/havp/havp.config # datas come from DG |
$SED "s?^# PARENTPORT.*?PARENTPORT 3128?g" /etc/havp/havp.config # datas are send to squid (3128) |
$SED "s?^# PORT.*?PORT 8090?g" /etc/havp/havp.config # datas come on 8090 |
$SED "s?^# BIND_ADDRESS.*?BIND_ADDRESS 127.0.0.1?g" /etc/havp/havp.config # we listen only on loopback |
$SED "s?^ENABLECLAMLIB.*?ENABLECLAMLIB true?g" /etc/havp/havp.config # active libclamav AV |
$SED "s?^# LOG_OKS.*?LOG_OKS false?g" /etc/havp/havp.config # log only when malware matches |
$SED "s?^# SERVERNUMBER.*?SERVERNUMBER 10?g" /etc/havp/havp.config # 10 daemons are started simultaneously |
$SED "s?^# SCANIMAGES.*?SCANIMAGES false?g" /etc/havp/havp.config # doesn't scan image files |
$SED "s?^# SKIPMIME.*?SKIPMIME image\/\* video\/\* audio\/\*?g" /etc/havp/havp.config # doesn't scan some multimedia files |
# remplacement du fichier d'initialisation |
[ -e /etc/init.d/havp.default ] || cp /etc/init.d/havp /etc/init.d/havp.default |
cp -f $DIR_CONF/havp-init /etc/init.d/havp |