Forums

mARCOS
mARCOS
Offline
Resolved
0 votes
blocking and filtering https sites like facebook youtube hotmail etc, with or without transparent proxy using diladele web safety (http://www.diladele.com/) , filter the search results of google and other search engines, blocking the safe search

bloquear y filtrar sitios https como facebook youtube hotmail etc, con o sin proxy transparente, usando diladele web safety, filtrar las busquedas de google y otros buscadores, bloqueando la busqueda segura

first, we assume that we have installed ClearOS in gateway mode x64
lo primero, asumimos que tenemos instalado clearOs x64 en modo gateway
This site http://sichent.wordpress.com/2014/04/10/transparent-ssl-https-filtering-on-centos/ explains how to do it in centos 6, adapt it a bit to realize it on ClearOS
En este sitio http://sichent.wordpress.com/2014/04/10/transparent-ssl-https-filtering-on-centos/ se explica como realizarlo en centos 6, lo adapte un poco para realizarlo en clearOs

if you already have installed on the webproxy and ClearOS content filter, we have to uninstall
si ya tenemos instalado en el clearOs el webproxy y el content filter, tenemos que desinstalarlo

yum remove squid
https://www.dropbox.com/s/ided3uj3xeec2br/01%20remove%20squid.jpeg?dl=0



1-) yum update
2-) yum install python-setuptools python-ldap
3-) easy_install django==1.5
4-) easy_install argparse
5-) yum install httpd php mod_wsgi
6-) chkconfig httpd on
7-) echo "WSGISocketPrefix /var/run/wsgi" >> /etc/httpd/conf.d/wsgi.conf
8-) service httpd restart
9-) wget http://updates.diladele.com/qlproxy/binaries/3.4.0.9307/amd64/release/centos6/qlproxy-3.4.0-9307.x86_64.rpm
10-) yum --nogpgcheck localinstall qlproxy-3.3.0-E807.x86_64.rpm
11-) service httpd restart

at this point you can review the safety web diladele installed correctly
http: // ClearOs_IP

en este punto pueden revisar que el diladele web safety esta instalado correctamente
https://www.dropbox.com/s/tk92z46ohpu0pza/vista%20previa%20diladele.jpeg?dl=0

Now we are positioned in the / home and we download items needed to install squid, and are as follows

ahora nos posicionamos en la carpeta /home y descargamos los elementos necesarios para instalar squid, y son los siguientes
12-) cd /home
13-) wget ftp://ftp.pbone.net/mirror/ftp5.gwdg.de/pub/opensuse/repositories/devel:/languages:/perl/CentOS_5/x86_64/perl-Crypt-OpenSSL-X509-1.800.2-1.2.x86_64.rpm
14-) wget https://www.dropbox.com/s/iqqdxe89lc75cmn/squid.tar.gz
15-) wget https://www.dropbox.com/s/8luhj2b6fxq627y/script.tar.gz
16-) tar -xvzf squid.tar.gz
17-) tar -xvzf script.tar.gz
18-) sh 04_tools.sh
19-) sh 06_install.sh
20-) cp squid.conf /etc/squid/squid.conf
scripts are for centos so here throwing some errors packages or packages not found, those errors are normal for the installation in ClearOS and do not affect the result
los scripts son para centos asique lanzan algunos errores de paquetes, o paquetes no encontrados, esos errores son normales para la instalacion en clearOs y no afectan al resultado
now restart squid service
service squid restart

if we want transparent proxy, add the following to the custom firewall rules
si queremos que sea proxy transparente, añadimos las siguientes reglas al custom firewall
iptables -A INPUT -i eth0 -p tcp --dport 3126 -j ACCEPT
iptables -A INPUT -i eth0 -p tcp --dport 3127 -j ACCEPT
iptables -A INPUT -i eth0 -p tcp --dport 3128 -j ACCEPT
iptables -t nat -A PREROUTING -i eth0 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 3126
iptables -t nat -A PREROUTING -i eth0 -p tcp -m tcp --dport 443 -j REDIRECT --to-ports 3127

https://www.dropbox.com/s/frow7pbwhzsw8x2/custom%20firewall.jpeg

Now you need to download and install the certificates on the clients and customize the filter

ahora hay que descargar los certificados e instalarlos en los clientes, y personalizar el filtro

https://www.dropbox.com/s/u5albwjsdkud8qk/vista%20previa%20diladele%202.jpeg?dl=0
if you want I can prepare squid for ClearOS x86
si quieren puedo preparar el squid para clearOs x86
Please let me know if it worked for you
por favor dejame saber si funcionó para vos
Wednesday, September 24 2014, 05:33 PM
Share this post:
Responses (4)
  • Accepted Answer

    mARCOS
    mARCOS
    Offline
    Thursday, October 02 2014, 12:39 PM - #Permalink
    Resolved
    0 votes
    The reply is currently minimized Show
  • Accepted Answer

    Jose Luis
    Jose Luis
    Offline
    Friday, December 19 2014, 12:41 AM - #Permalink
    Resolved
    0 votes
    Dear Friend

    Please I need your help, I have installed ClearOS 6.5
      I'm installing as you indicate but I get the following problem in installing

      yum install python-setuptools python-ldap

    No package python-setuptools available.
    No package python-ldap available.


    yum install httpd php mod_wsgi

    Mod_wsgi package not available

    Thank you very much in advance
    ....................................................................
    Estimado Amigo

    Por favor necesito tu ayuda, tengo instalado ClearOS 6.5
    estoy instalando como indicas pero me sale en siguiente problema la instalar.

    yum install python-setuptools python-ldap

    No package python-setuptools available.
    No package python-ldap available.


    yum install httpd php mod_wsgi

    No package mod_wsgi available

    Muchas Gracias de antemano
    The reply is currently minimized Show
  • Accepted Answer

    mARCOS
    mARCOS
    Offline
    Friday, December 19 2014, 10:57 AM - #Permalink
    Resolved
    0 votes
    Seguramente tiene que ver con los repositorios que tenes instalado, fijate en los mios
    https://www.dropbox.com/s/gkv39nzsqpc364r/software%20repository2.png
    https://www.dropbox.com/s/2xcg7rbm9sh1f47/list.png
    The reply is currently minimized Show
  • Accepted Answer

    Friday, December 19 2014, 08:08 PM - #Permalink
    Resolved
    0 votes
    yum install python-setuptools python-ldap --enablerepo=clearos-core

    mod_wsgi is only available in clearos-test for the moment so use it at your risk.
    The reply is currently minimized Show
Your Reply