proxy server

Andrew P. infofarmer at
Thu Oct 13 09:39:41 PDT 2005

On 10/13/05, Dave <dmehler26 at> wrote:
> Hi,
> I've been checking out this thread on squid. I've got squid right now doing
> transparent proxying with pf and that is working reat! But i'd like to
> extend it to do what your doing:
> ftp-proxying, currently i use ftp-proxy out of inetd and only passive client
> connections from behind the nat work, active doesn't
> addblocking, i'll take your suggestion and use adzap
> and i'd like to use dansguardian for content filtering, but it requires
> apache on the gateway box i don't know if i like that, is there a way around
> that dependency?
>     Do you have a howto or notes for setting all this up?
> Thanks.
> Dave.

Not really. In fact it wasn't me who set this all up,
I just happen to manage it all now. You'll have
to read through all squid faqs to make it shine.

Adzap doesn't require anything at all (except for
perl, of course), but it doesn't harm if you have
a local webserver to serve some static content.
thttpd is the right solution for this, but Apache
won't hurt even on a very loaded production

You'll also want to process squid logs. If you
have a spare box - that's fine, you can do it
all there. But we've found it quite comfortable
to do all processing on the proxy itself,
in the night. We use calamaris and sarg
(and it helps to have apache on the proxy,
to the results), and we're looking at other
analyzers, too.

I don't remember any major problem with
our proxy (except for some failing hardware),
there's nothing tricky in setting it up and
maintaining it. If you'll have a specific
issue, I'll be very glad to try and help you out.

Andrew P.

More information about the freebsd-questions mailing list