5.2.2 Manual proxy configuration of Squid Web Proxy Cache
The manual HTTP proxy configuration of esets_http with the Squid Web Proxy Cache is illustrated by the right-hand
side of Figure 5-2.
The significant difference from the previously described configuration is that ESET Gateway Security is installed on
the HTTP/FTP Gateway between the proxy cache (Squid Web Proxy in this example) and the Internet. Thus, all
inbound HTTP/FTP communications are first scanned for infiltrations and then stored in the dedicated network cache.
In other words, all previously requested source objects present within the proxy cache are already checked for viruses
and no additional checking is necessary when requested again.
In the following example, esets_http is configured to listen on port 8080 of the gateway server, with a local network
IP address of 192.168.1.10, by specifying the following parameters in the [http] section of the ESETS configuration file:
agent_enabled = yes
listen_addr = "192.168.1.10"
listen_port = 8080
Note that the parameter 'listen_addr' can be used to specify the host name visible from the local network. It can also
be used to make esets_http listen on all interfaces, by entering an address of 0.0.0.0. Use caution in the latter
case, as users outside the local network would be allowed to use the HTTP/FTP scanner unless additional security is
added to prevent this.
To set up Squid to use esets_http as a parent proxy, add the following lines to the Squid configuration file
(/etc/squid/squid.conf):
cache_peer 192.168.1.10 parent 8080 0 no-query default
acl all src 0.0.0.0/0.0.0.0
never_direct allow all
In the example above, Squid has been configured to use the HTTP proxy listening at IP address 192.168.1.10 on port
8080 as a parent proxy. All requests processed by Squid will be passed to this destination. The remaining lines are
used to configure error message reporting in the event that the parent proxy is down or becomes unreachable. To
configure Squid to attempt direct connections when the parent proxy is unreachable, add the following parameters to
the Squid configuration file:
cache_peer 192.168.1.10 parent 8080 0 no-query
prefer_direct off
To reread the newly created configuration, reload the ESETS daemon.
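The two cautions in this section can be checked mechanically. The script below is an added example, not part of the ESET manual or product. It reads the [http] section of an ESETS configuration and a squid.conf, then reports an all-interfaces listener, a cache_peer that does not point at esets_http, and a missing never_direct rule (with the direct-fallback variant, requests made while the parent is unreachable do not pass through esets_http). The sample file contents, function names and the literal address comparison are assumptions of the example.

```python
import re

# Constructed sample files (not from the manual): the all-interfaces listener
# combined with the direct-fallback Squid variant.
ESETS_CFG = '[http]\nagent_enabled = yes\nlisten_addr = "0.0.0.0"\nlisten_port = 8080\n'
SQUID_CONF = "cache_peer 192.168.1.10 parent 8080 0 no-query\nprefer_direct off\n"

def parse_http_section(text):
    """Return the key/value pairs found in the [http] section."""
    section, values = None, {}
    for raw in text.splitlines():
        line = raw.strip()
        m = re.fullmatch(r"\[(\w+)\]", line)
        if m:
            section = m.group(1)
        elif section == "http" and "=" in line:
            key, val = line.split("=", 1)
            values[key.strip()] = val.strip().strip('"')
    return values

def audit(esets_text, squid_text):
    """Return a list of findings for the parent-proxy setup of this section."""
    http = parse_http_section(esets_text)
    addr, port = http.get("listen_addr"), http.get("listen_port")
    findings = []
    if http.get("agent_enabled") != "yes":
        findings.append("esets_http agent is not enabled")
    if addr == "0.0.0.0":
        findings.append("listen_addr 0.0.0.0: scanner listens on all interfaces")
    # squid.conf: '#' starts a comment; directives are whitespace separated.
    directives = [l.split() for l in squid_text.splitlines()
                  if l.strip() and not l.lstrip().startswith("#")]
    parents = [(d[1], d[3]) for d in directives
               if d[0] == "cache_peer" and len(d) > 3 and d[2] == "parent"]
    # Assumption: addresses are compared literally (no host name resolution).
    if not any(p == port and addr in ("0.0.0.0", h) for h, p in parents):
        findings.append("no cache_peer parent matches the esets_http listener")
    # Assumption: the rule is written exactly as in the manual's example.
    if ["never_direct", "allow", "all"] not in directives:
        findings.append("never_direct allow all missing: Squid may connect "
                        "directly, and that traffic is not scanned")
    return findings

if __name__ == "__main__":
    for finding in audit(ESETS_CFG, SQUID_CONF):
        print("FINDING:", finding)
```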