Tag Archives: squid

Mac OS X Mac OS X Server Network Infrastructure Ubuntu Unix

Clear Squid Proxy Caches

Every now and then you run into a problem with a caching server that causes you to need to clear out the cache. If running Squid, you can look in the /etc/squid/squid.conf configuration file and find a setting in that file called the cache_dir, which is a path. For example, we’ll use /var/squid/cache in this article.

squid_logoYou can clear the cache of a Squid proxy then, by deleting that directory:

rm -Rf /var/squid/cache

Then recreate the cache directory:

mkdir /var/squid/cache

Then run squid with a -z option:

squid -z

Then fire up squid again:

squid

Mac OS X Mac OS X Server Mac Security personal public speaking

MacTech Spotlight – Fall 2012

Looks like I’m on the back page of the latest issue of MacTech Magazine (see Table of Contents at http://www.mactech.com/issue-TOCs-2012). And it turns out I’m not there for the reason I usually adorn the back page of magazines; I’m fully clothed and for the most part it’s technical: I’m the MacTech Spotlight. If I keep this up, I’ll be able to keep my clothes on full time in the future. Not sure what will happen to my spot at Sunset and LaBrea now, though…

Anyway, despite featuring me, MacTech is a great magazine. Where else can you find information on Adobe packaging, QuickLook development, building a Squid proxy, HTML5 and CSS3 design, OpenBSM, keeping nasty network attacks out of Mountain Lion and AppleScriptObjC. I mean seriously, great stuff!

Ubuntu Unix

Server Admin on Linux

Apple recently announced the end of the Apple Xserve. The data center is a funny thing, and being such rack space is critical to most who spend a lot of time there. Many of the previous Xserve customers will continue to buy Mac Pro’s and use them in racks as tall Xserves. Others will purchase Mac Mini’s and use them for certain situations. But many will move on to using the same iron in the data center that they use for everything else, finding a way to duplicate or replace the functionality that was previously in the Xserve with something else.

Server Admin is not going to run on Linux. But you can get kinda’ close and if you really miss the GUI for DNS (not likely) and the other services (possible and in some cases highly likely) then you can hax0r the stuff to look as much like Server Admin as you want. In fact, given the number of developers and the open source nature, the tools available on Linux are likely to even blow away what you could do before. However, there’s a much steeper learning curve and that’s why many (not all) in the Xserve camp have stuck it out with Apple all these years.

The easiest and most mature of the solutions that can be used here is Webmin. We’re going to look at installing Webmin on an old Dell Dimension 5150 that’s running Ubuntu Server 10. Warning, there’s gonna’ be some command line here to get ya’ started, but feel free to cut and paste.

First up, install the webmin dependencies. Dependencies are to many the most frustrating thing about working with Open Source software. But never fear, the Webmin team has posted their dependencies as perl libnet-ssleay-perl openssl libauthen-pam-perl libpam-runtime and libio-pty-perl. So, let’s install those with elevated privileges, using apt-get:

apt-get install perl libnet-ssleay-perl openssl libauthen-pam-perl libpam-runtime libio-pty-perl

Next, let’s install Webmin itself. Download Webmin:

wget http://prdownloads.sourceforge.net/webadmin/webmin_1.520_all.deb

If that fails, check the version at the Webmin site and re-run using the correct URL, listed on the site. Once you’ve downloaded, it’s time to install. One of the reasons (in my opinion) that Ubuntu is so popular is that like Apple they use a package-type of format for installers. Therefore, think of the dpkg command like the installer command in Mac OS X when used with the –install or -i operator. So assuming your working directory is where you downloaded that package to (*.deb)

dpkg -i webmin_1.520_all.deb

Once it’s finished fire up a web browser and go to port 10000 on your box. You should be prompted to authenticate, which can be done using root as the username and the root password of your box as the password. Once done, go to the module page or search for a third party module if the package you’d like isn’t include, and download the modules you need.

I’m not a huge fan of Webmin, but I’ve heard a lot of talk about “wouldn’t it be great if there were something similar to Server Admin”. Well, the way Roles work in Windows Server is similar and Windows Server can pretty much do anything (include make me coffee). If you are averse to Microsoft servers and/or paying per CAL for licensing, plugging modules into Webmin is pretty darn close as well. Looking at services included in Mac OS X Server, Webmin can manage FTP (Frox/WU-FTP/ProFTPd), NFS, Samba, SSH, SpamAssassin, Squid, Apache (and Webalizer), VPN (PPP/PPTP/IPsec), Mail (Dovecot/Postfix/Sendmail/Procmail/Majordomo), database (MySQL/PostgreSQL), Shorewall, LDAP w/ Kerberos, DHCP, Bind, Jabber, CVS/Subversion, VNC and even Bacula (replacing that Time Machine server concept).

You have way more choices (which isn’t always a good thing). Sure, Webmin is not nearly as pretty as Server Admin and it has many of the same issues of interpreting what are in config files and developing a WTF complex if you make a change in one place vs. the other. But it can also manage VMs and do a lot of other things (ie – monitoring). I still prefer Mac OS X Server for a lot of things, but if someone adds Netatalk (trivial), ports the Apple .schema file in and DAViCal/CardDAV, you’ve got a new version of spaghetti open source pretty similar to Server Admin. A little CSS and you can even make it look just like Server Admin.

Not everyone is going to want to use Ubuntu. I personally end up using Redhat more than I do any other flavor of Linux. For Redhat users, getting Webmin installed is actually even easier. Simply run rpm, specifying the package and you’re off to the races:

rpm -U webmin-1.520-1.noarch.rpm

Finally, I really and truly do not condone a knee-jerk reaction to Apple’s decision to terminate the Xserve. Unless Sarah Connor can do something about it I don’t think it’s coming back. If you absolutely have to move certain services to a different 1U box, then here ya’ go. Otherwise, stay with those new MacPro Servers, you’ll be happier with them in the long run!

Ubuntu Unix

Quick Install of Squid and Dans Guardian

To get Squid and Dans Guardian:

apt-get install squid dansguardian

To backup the squid config file:

cp /etc/squid/squid.conf /etc/squid/squid.conf.bak

To make it transparent, uncomment this line from the squid.conf file:

http_port 127.0.0.1:3128 transparent

Add this on the next line:

http_port 8080

Next, backup the dansguardian config file using the following command:

cp /etc/dansguardian/dansguardian.conf /etc/dansguardian/dansguardian.conf.bak

Then change 8080 to 8081

Then change filtergroups to = 2 rather than the default of 1

You can then install the webmin module from:

http://internap.dl.sourceforge.net/sourceforge/dgwebminmodule/dg-0.5.10-pr5.wbm