Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
Web Proxy Filtering and Caching
(Moderator:
fabian
) »
Squid, lightsquid and logrotate
« previous
next »
Print
Pages: [
1
]
Author
Topic: Squid, lightsquid and logrotate (Read 10695 times)
myksto
Full Member
Posts: 106
Karma: 6
Squid, lightsquid and logrotate
«
on:
December 20, 2017, 12:05:01 pm »
Hi,
I installed lightsquid via command line and everything's ok.
I even succeded in protecting lighteghtsquid reports with a user and a password.
I'm trying to understand how OPNSense manage log files but it's too hard for me.
I know that squid logrotation is off because in squid.conf I find these rows:
"#
Disable squid logfile rotate to use system defaults
logfile_rotate 0
"
What are "
system defaults
" and how can be managed?
Some older posts in other forums people talk about the fact than lightsquid manages logrotation but I found no rotation command in crontab.
"
root@OPNsense:/usr/local/www/lightsquid/report # crontab -l
SHELL=/bin/sh
PATH=/etc:/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin
#minute hour mday month wday command
1 * * * * (/usr/local/sbin/expiretable -v -t 3600 webConfiguratorlockout) > /dev/null
2 * * * * (/usr/local/sbin/expiretable -v -t 3600 sshlockout) > /dev/null
3 * * * * (/usr/local/sbin/expiretable -v -t 3600 virusprot) > /dev/null
5 * * * * (/usr/local/etc/rc.expireaccounts) > /dev/null
1 1 * * * (/usr/local/etc/rc.update_alias_url_data) > /dev/null
6 1 * * * (/usr/local/etc/rc.update_urltables) > /dev/null
*/4 * * * * (/usr/local/sbin/ping_hosts.sh) > /dev/null
1 3 1 * * (/usr/local/etc/rc.update_bogons cron) > /dev/null
"
I would like to keep squid logs for future "investigations" but all logs are deleted after 10 days and lightsquid reports too.
Is there a way to tell "system defaults" how to differently manage logs?
Best regards, Michele.
Logged
franco
Administrator
Hero Member
Posts: 17659
Karma: 1611
Re: Squid, lightsquid and logrotate
«
Reply #1 on:
December 20, 2017, 05:07:27 pm »
Squid log rotation is managed by newsyslog:
https://github.com/opnsense/core/blob/master/src/opnsense/service/templates/OPNsense/Proxy/newsyslog.conf
The config file written is under /etc/newsyslog.conf.d/squid
You can override these templates and make them persist through firmware update, but for now I'm leaving it at that
Maybe all you need is a similar file for lightsquid.
Cheers,
Franco
Logged
myksto
Full Member
Posts: 106
Karma: 6
Re: Squid, lightsquid and logrotate
«
Reply #2 on:
December 22, 2017, 03:59:19 pm »
Hi Franco and thanks for your explanation.
Unfortunately there's a few stuff on lightsquid on the web. Maybe bacause it's not more developed since 2009.
I'm now trying Sarg I used some year ago. Last version was developed in 2015 (not new but newer than lightsquid). It was a bit hard to make it work but I finally succeded in.
Cheers.
Logged
franco
Administrator
Hero Member
Posts: 17659
Karma: 1611
Re: Squid, lightsquid and logrotate
«
Reply #3 on:
December 24, 2017, 02:55:17 pm »
Yay, glad to hear. If you feel like sharing your integration steps maybe somebody will step in and add a plugin at some point in time. Only a thought.
Cheers,
Franco
Logged
myksto
Full Member
Posts: 106
Karma: 6
Re: Squid, lightsquid and logrotate
«
Reply #4 on:
January 16, 2018, 11:40:42 am »
Hi Franco and sorry for the late.
I'm still testing Sarg but in few days I hope I'll post a step by step integration process of the software inside OPNSense.
Cheers, Michele.
Logged
franco
Administrator
Hero Member
Posts: 17659
Karma: 1611
Re: Squid, lightsquid and logrotate
«
Reply #5 on:
January 17, 2018, 10:11:53 pm »
Hi Michele,
Thanks for the update. There is no need to rush... it's been kind of busy lately getting ready for 18.1 and all.
Cheers,
Franco
Logged
urfin73
Newbie
Posts: 12
Karma: 0
Re: Squid, lightsquid and logrotate
«
Reply #6 on:
August 17, 2018, 01:59:55 pm »
Quote from: myksto on January 16, 2018, 11:40:42 am
... I'll post a step by step integration process of the software inside OPNSense...
Hi Michele,
You have everything worked out? Can describe the process?
Andrew
Logged
myksto
Full Member
Posts: 106
Karma: 6
Re: Squid, lightsquid and logrotate
«
Reply #7 on:
August 28, 2018, 09:26:58 am »
Hello and sorry for the lat
I installed Sarg in one of my installation of OPNSense.
A did a "step by step" guide and I have it in my office's server, I'm out now.
If you like I can post it as soon as I'll reach my office.
Cheers,
Michele.
Logged
urfin73
Newbie
Posts: 12
Karma: 0
Re: Squid, lightsquid and logrotate
«
Reply #8 on:
August 28, 2018, 10:52:04 am »
Hello!
I also set the sarg to the Opnsense server. But did not integrate into it.
The configuration is done by changing the /usr/local/etc/sarg.conf file
Made changes for authorization in the file /usr/local/etc/inc/plugins.inc.d/webgui.inc
1. Added "mod_auth" to the server.modules
2. Added the line $lighty_config = "include \"/usr/local/etc/lighttpd/conf.d/auth.conf\"\n"
3. Specified the authorization parameters in the file /usr/local/etc/lighttpd/conf.d/auth.conf
~~~~~~
auth.backend = "plain"
auth.backend.plain.userfile = "/usr/local/etc/lighttpd/lighttpd.user"
auth.require = ( "/squid-reports/" =>
(
"method" => "basic",
"realm" => "Sarg Authentication",
"require" => "user=browser"
),
)
~~~~~~~~
If you can, write down your steps.
Logged
myksto
Full Member
Posts: 106
Karma: 6
Re: Squid, lightsquid and logrotate
«
Reply #9 on:
August 28, 2018, 04:47:06 pm »
I posted my "step by step" guide in this thread:
https://forum.opnsense.org/index.php?topic=9510.0
Hope it helps.
Cheers,
Michele.
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
English Forums
»
Web Proxy Filtering and Caching
(Moderator:
fabian
) »
Squid, lightsquid and logrotate