Squid, lightsquid and logrotate

Started by myksto, December 20, 2017, 12:05:01 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions
December 20, 2017, 12:05:01 PM
Hi,
I installed lightsquid via command line and everything's ok.
I even succeded in protecting lighteghtsquid reports with a user and a password.
I'm trying to understand how OPNSense manage log files but it's too hard for me.
I know that squid logrotation is off because in squid.conf I find these rows:

"# Disable squid logfile rotate to use system defaults
logfile_rotate 0"

What are "system defaults" and how can be managed?
Some older posts in other forums people talk about the fact than lightsquid manages logrotation but I found no rotation command in crontab.

"root@OPNsense:/usr/local/www/lightsquid/report # crontab -l
SHELL=/bin/sh
PATH=/etc:/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin
#minute hour    mday    month   wday    command
1       *       *       *       *       (/usr/local/sbin/expiretable -v -t 3600 webConfiguratorlockout) > /dev/null
2       *       *       *       *       (/usr/local/sbin/expiretable -v -t 3600 sshlockout) > /dev/null
3       *       *       *       *       (/usr/local/sbin/expiretable -v -t 3600 virusprot) > /dev/null
5       *       *       *       *       (/usr/local/etc/rc.expireaccounts) > /dev/null
1       1       *       *       *       (/usr/local/etc/rc.update_alias_url_data) > /dev/null
6       1       *       *       *       (/usr/local/etc/rc.update_urltables) > /dev/null
*/4     *       *       *       *       (/usr/local/sbin/ping_hosts.sh) > /dev/null
1       3       1       *       *       (/usr/local/etc/rc.update_bogons cron) > /dev/null "

I would like to keep squid logs for future "investigations" but all logs are deleted after 10 days and lightsquid reports too.
Is there a way to tell "system defaults" how to differently manage logs?

Best regards, Michele.
December 20, 2017, 05:07:27 PM #1
Squid log rotation is managed by newsyslog:

https://github.com/opnsense/core/blob/master/src/opnsense/service/templates/OPNsense/Proxy/newsyslog.conf

The config file written is under /etc/newsyslog.conf.d/squid

You can override these templates and make them persist through firmware update, but for now I'm leaving it at that :)

Maybe all you need is a similar file for lightsquid.


Cheers,
Franco
December 22, 2017, 03:59:19 PM #2
Hi Franco and thanks for your explanation.
Unfortunately there's a few stuff on lightsquid on the web. Maybe bacause it's not more developed since 2009.
I'm now trying Sarg I used some year ago. Last version was developed in 2015 (not new but newer than lightsquid). It was a bit hard to make it work but I finally succeded in.

Cheers.
December 24, 2017, 02:55:17 PM #3
Yay, glad to hear. If you feel like sharing your integration steps maybe somebody will step in and add a plugin at some point in time. Only a thought. :)


Cheers,
Franco
January 16, 2018, 11:40:42 AM #4
Hi Franco and sorry for the late.
I'm still testing Sarg but in few days I hope I'll post a step by step integration process of the software inside OPNSense.

Cheers, Michele.
January 17, 2018, 10:11:53 PM #5
Hi Michele,

Thanks for the update. There is no need to rush... it's been kind of busy lately getting ready for 18.1 and all. :)


Cheers,
Franco
August 17, 2018, 01:59:55 PM #6
Quote from: myksto on January 16, 2018, 11:40:42 AM
... I'll post a step by step integration process of the software inside OPNSense...
Hi Michele,
You have everything worked out? Can describe the process?

Andrew
August 28, 2018, 09:26:58 AM #7
Hello and sorry for the lat
I installed Sarg in one of my installation of OPNSense.
A did a "step by step" guide and I have it in my office's server, I'm out now.
If you like I can post it as soon as I'll reach my office.

Cheers,

Michele.
August 28, 2018, 10:52:04 AM #8
Hello!
I also set the sarg to the Opnsense server. But did not integrate into it.
The configuration is done by changing the /usr/local/etc/sarg.conf file
Made changes for authorization in the file /usr/local/etc/inc/plugins.inc.d/webgui.inc
1. Added "mod_auth" to the server.modules
2. Added the line $lighty_config = "include \"/usr/local/etc/lighttpd/conf.d/auth.conf\"\n"
3. Specified the authorization parameters in the file /usr/local/etc/lighttpd/conf.d/auth.conf
~~~~~~
auth.backend                 = "plain"
auth.backend.plain.userfile  = "/usr/local/etc/lighttpd/lighttpd.user"

auth.require               = ( "/squid-reports/" =>
                               (
                                 "method"  => "basic",
                                 "realm"   => "Sarg Authentication",
                                 "require" => "user=browser"
                               ),
                             )
~~~~~~~~
If you can, write down your steps.
August 28, 2018, 04:47:06 PM #9
I posted my "step by step" guide in this thread:
https://forum.opnsense.org/index.php?topic=9510.0

Hope it helps.

Cheers,

Michele.
Print
Go Up Pages1
User actions