sometimes it is necessary to do some actions with squid (eproxy) on eSafe on the command-line. For instance, you want a quick stop-and-start of squid or do some debugging. The following options can be used in the CLI environment;
Usage: squid [-hvzCDFNRYX] [-d level] [-s | -l facility] [-f config-file] [-u port] [-k signal]
-d level Write debugging to stderr also.
-f file Use given config-file instead of
/opt/eproxy/etc/squid.conf
-h Print help message.
-k reconfigure|rotate|shutdown|interrupt|kill|debug|check|parse
Parse configuration file, then send signal to
running copy (except -k parse) and exit.
-s | -l facility
Enable logging to syslog.
-u port Specify ICP port number (default: 3130), disable with 0.
-v Print version.
-z Create swap directories
-C Do not catch fatal signals.
-D Disable initial DNS tests.
-F Don’t serve any requests until store is rebuilt.
-N No daemon mode.
-R Do not set REUSEADDR on port.
-S Double-check swap during rebuild.
-X Force full debugging.
-Y Only return UDP_HIT or UDP_MISS_NOFETCH during fast reload.
For instance, when you want to stop-and-start squid (to flush DNS cache), you can use the following;
# /opt/eproxy/sbin/squid –k shutdown
# /opt/eproxy/sbin/squid
Here are some handy tips and tricks to use with eSafe Gateway:
Commands:
# netconfig – quick configure your nic
# service network restart – restart the networking service
# /opt/eSafe/esgstop – stop the eSafe services
# /opt/eSafe/esgstart – start the eSafe services
# /opt/eSafe/esgmenu – launch initial wizard after installation
# /opt/eSafe/esgaddon – launch addon db download (spam or url)
# /opt/eSafe/esver – eSafe version info
miscellaneous:
# /opt/eSafe/update_info.txt – info about last update
Technorati Tags:
esafe,
squidWith the release of esafe Gateway 7.1, a new setup method is introduced: eSafe Proxy. Don’t confuse this one with eSafe Forwarding Proxy. Well, the difference between these two is that eSafe Proxy has a Squid proxy (Aladdin named it eproxy) already installed with it where eSafe Forwarding Proxy hasn’t (the last one has only the files!). The eproxy can be used as a parent proxy for the web scanning component of eSafe Gateway with or without authentication against AD, LDAP, etc.
But when you choose the traditional eSafe Forwarding Proxy, the eproxy is not activated. You have to do some things to get it work. I want to enable eproxy to use it as a parent proxy for the web component of eSafe.
I used the following steps to enable eproxy:
The eproxy files are under /opt/eproxy. When I first started eproxy, I got the following output:
# /opt/eproxy/sbin/squid start
FATAL: No port defined
Squid Cache (Version 2.6.STABLE18): Terminated abnormally.
CPU Usage: 0.010 seconds = 0.000 user + 0.010 sys
Maximum Resident Size: 0 KB
Page faults with physical i/o: 218
Aborted
So the first thing I had to do is to change the squid config file for the portnumber it’s listening on (normally it’s default..). The config file is located at /opt/eproxy/etc/squid.conf. Edit rule number 936 of this file in deleting the # in front of http_port 3128.
Now eproxy can be started normally.
The only thing left is to make sure squid will be started when the eSafe server reboots. This can be done by making a symbolic link under /etc/rc.d/rc3.d.
# ln -s /opt/eproxy/sbin/squid S90squid
This should do the job.