Squid, lightsquid and logrotate

[myksto]

Hi,
I installed lightsquid via command line and everything's ok.
I even succeded in protecting lighteghtsquid reports with a user and a password.
I'm trying to understand how OPNSense manage log files but it's too hard for me.
I know that squid logrotation is off because in squid.conf I find these rows:

"# Disable squid logfile rotate to use system defaults
logfile_rotate 0"

What are "system defaults" and how can be managed?
Some older posts in other forums people talk about the fact than lightsquid manages logrotation but I found no rotation command in crontab.

"root@OPNsense:/usr/local/www/lightsquid/report # crontab -l
SHELL=/bin/sh
PATH=/etc:/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin
#minute hour    mday    month   wday    command
1       *       *       *       *       (/usr/local/sbin/expiretable -v -t 3600 webConfiguratorlockout) > /dev/null
2       *       *       *       *       (/usr/local/sbin/expiretable -v -t 3600 sshlockout) > /dev/null
3       *       *       *       *       (/usr/local/sbin/expiretable -v -t 3600 virusprot) > /dev/null
5       *       *       *       *       (/usr/local/etc/rc.expireaccounts) > /dev/null
1       1       *       *       *       (/usr/local/etc/rc.update_alias_url_data) > /dev/null
6       1       *       *       *       (/usr/local/etc/rc.update_urltables) > /dev/null
*/4     *       *       *       *       (/usr/local/sbin/ping_hosts.sh) > /dev/null
1       3       1       *       *       (/usr/local/etc/rc.update_bogons cron) > /dev/null "

I would like to keep squid logs for future "investigations" but all logs are deleted after 10 days and lightsquid reports too.
Is there a way to tell "system defaults" how to differently manage logs?

Best regards, Michele.

[franco]

Squid log rotation is managed by newsyslog:

https://github.com/opnsense/core/blob/master/src/opnsense/service/templates/OPNsense/Proxy/newsyslog.conf

The config file written is under /etc/newsyslog.conf.d/squid

You can override these templates and make them persist through firmware update, but for now I'm leaving it at that

Maybe all you need is a similar file for lightsquid.


Cheers,
Franco

[myksto]

Hi Franco and thanks for your explanation.
Unfortunately there's a few stuff on lightsquid on the web. Maybe bacause it's not more developed since 2009.
I'm now trying Sarg I used some year ago. Last version was developed in 2015 (not new but newer than lightsquid). It was a bit hard to make it work but I finally succeded in.

Cheers.

[franco]

Yay, glad to hear. If you feel like sharing your integration steps maybe somebody will step in and add a plugin at some point in time. Only a thought.


Cheers,
Franco

[myksto]

Hi Franco and sorry for the late.
I'm still testing Sarg but in few days I hope I'll post a step by step integration process of the software inside OPNSense.

Cheers, Michele.

[franco]

Hi Michele,

Thanks for the update. There is no need to rush... it's been kind of busy lately getting ready for 18.1 and all.


Cheers,
Franco

[urfin73]

... I'll post a step by step integration process of the software inside OPNSense...

Hi Michele,
You have everything worked out? Can describe the process?

Andrew

[myksto]

Hello and sorry for the lat
I installed Sarg in one of my installation of OPNSense.
A did a "step by step" guide and I have it in my office's server, I'm out now.
If you like I can post it as soon as I'll reach my office.

Cheers,

Michele.

[urfin73]

Hello!
I also set the sarg to the Opnsense server. But did not integrate into it.
The configuration is done by changing the /usr/local/etc/sarg.conf file
Made changes for authorization in the file /usr/local/etc/inc/plugins.inc.d/webgui.inc
1. Added "mod_auth" to the server.modules
2. Added the line $lighty_config = "include \"/usr/local/etc/lighttpd/conf.d/auth.conf\"\n"
3. Specified the authorization parameters in the file /usr/local/etc/lighttpd/conf.d/auth.conf
~~~~~~
auth.backend                 = "plain"
auth.backend.plain.userfile  = "/usr/local/etc/lighttpd/lighttpd.user"

auth.require               = ( "/squid-reports/" =>
                               (
                                 "method"  => "basic",
                                 "realm"   => "Sarg Authentication",
                                 "require" => "user=browser"
                               ),
                             )
~~~~~~~~
If you can, write down your steps.

[myksto]

I posted my "step by step" guide in this thread:
https://forum.opnsense.org/index.php?topic=9510.0

Hope it helps.

Cheers,

Michele.