OPNsense Forum
English Forums => Web Proxy Filtering and Caching => Topic started by: myksto on December 20, 2017, 12:05:01 pm
-
Hi,
I installed lightsquid via command line and everything's ok.
I even succeded in protecting lighteghtsquid reports with a user and a password.
I'm trying to understand how OPNSense manage log files but it's too hard for me.
I know that squid logrotation is off because in squid.conf I find these rows:
"# Disable squid logfile rotate to use system defaults
logfile_rotate 0"
What are "system defaults" and how can be managed?
Some older posts in other forums people talk about the fact than lightsquid manages logrotation but I found no rotation command in crontab.
"root@OPNsense:/usr/local/www/lightsquid/report # crontab -l
SHELL=/bin/sh
PATH=/etc:/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin
#minute hour mday month wday command
1 * * * * (/usr/local/sbin/expiretable -v -t 3600 webConfiguratorlockout) > /dev/null
2 * * * * (/usr/local/sbin/expiretable -v -t 3600 sshlockout) > /dev/null
3 * * * * (/usr/local/sbin/expiretable -v -t 3600 virusprot) > /dev/null
5 * * * * (/usr/local/etc/rc.expireaccounts) > /dev/null
1 1 * * * (/usr/local/etc/rc.update_alias_url_data) > /dev/null
6 1 * * * (/usr/local/etc/rc.update_urltables) > /dev/null
*/4 * * * * (/usr/local/sbin/ping_hosts.sh) > /dev/null
1 3 1 * * (/usr/local/etc/rc.update_bogons cron) > /dev/null "
I would like to keep squid logs for future "investigations" but all logs are deleted after 10 days and lightsquid reports too.
Is there a way to tell "system defaults" how to differently manage logs?
Best regards, Michele.
-
Squid log rotation is managed by newsyslog:
https://github.com/opnsense/core/blob/master/src/opnsense/service/templates/OPNsense/Proxy/newsyslog.conf
The config file written is under /etc/newsyslog.conf.d/squid
You can override these templates and make them persist through firmware update, but for now I'm leaving it at that :)
Maybe all you need is a similar file for lightsquid.
Cheers,
Franco
-
Hi Franco and thanks for your explanation.
Unfortunately there's a few stuff on lightsquid on the web. Maybe bacause it's not more developed since 2009.
I'm now trying Sarg I used some year ago. Last version was developed in 2015 (not new but newer than lightsquid). It was a bit hard to make it work but I finally succeded in.
Cheers.
-
Yay, glad to hear. If you feel like sharing your integration steps maybe somebody will step in and add a plugin at some point in time. Only a thought. :)
Cheers,
Franco
-
Hi Franco and sorry for the late.
I'm still testing Sarg but in few days I hope I'll post a step by step integration process of the software inside OPNSense.
Cheers, Michele.
-
Hi Michele,
Thanks for the update. There is no need to rush... it's been kind of busy lately getting ready for 18.1 and all. :)
Cheers,
Franco
-
... I'll post a step by step integration process of the software inside OPNSense...
Hi Michele,
You have everything worked out? Can describe the process?
Andrew
-
Hello and sorry for the lat
I installed Sarg in one of my installation of OPNSense.
A did a "step by step" guide and I have it in my office's server, I'm out now.
If you like I can post it as soon as I'll reach my office.
Cheers,
Michele.
-
Hello!
I also set the sarg to the Opnsense server. But did not integrate into it.
The configuration is done by changing the /usr/local/etc/sarg.conf file
Made changes for authorization in the file /usr/local/etc/inc/plugins.inc.d/webgui.inc
1. Added "mod_auth" to the server.modules
2. Added the line $lighty_config = "include \"/usr/local/etc/lighttpd/conf.d/auth.conf\"\n"
3. Specified the authorization parameters in the file /usr/local/etc/lighttpd/conf.d/auth.conf
~~~~~~
auth.backend = "plain"
auth.backend.plain.userfile = "/usr/local/etc/lighttpd/lighttpd.user"
auth.require = ( "/squid-reports/" =>
(
"method" => "basic",
"realm" => "Sarg Authentication",
"require" => "user=browser"
),
)
~~~~~~~~
If you can, write down your steps.
-
I posted my "step by step" guide in this thread:
https://forum.opnsense.org/index.php?topic=9510.0
Hope it helps.
Cheers,
Michele.