Menu

InstallationGuide

Menne Kamminga

This is a quick installation guide for IcapPFD to set up a web filtering proxy server.

This guide is for system administrators / power users.

Requirements
Install IcapPFD

First of all, download the latest version of IcapPFD from this website.

Now: execute the following command in you console:

tar zxvf icappfd-0.2.tar.gz
cd icappfd-0.2/build/
cmake ../
make
make install

Now there should be an icappfd executable in /usr/local/sbin and a icappfd.conf in /usr/local/etc/

Install phraselists

unzip and install the phraselist you downloaded using the following commands

mkdir /usr/local/etc/icappfd
cd /usr/local/etc/icappfd
unzip /where/ever/you/downloaded/the/phraselists/phraselistsoct23.zip
mv _current\ phraselists lists
mv lists/weightedphraselist.DG\ 2.9.x lists/weightedphraselist

Edit the /usr/local/etc/icappfd.conf and change at the very least the .Include<> statement to match where you installed the phraselist.

Setting up squid

Edit /etc/squid3/squid.conf and add the following lines:

#this replaces the Accept-Encoding header so icappf is sure to read the content.
request_header_access Accept-Encoding deny all
request_header_replace Accept-Encoding gzip

#Acl's because it is only interesting to scan HTML/Text content:
acl htmlfiles rep_mime_type text/html
acl htmlfiles rep_mime_type application/json
acl htmlfiles rep_mime_type text/xml

#Only scan normal traffic
acl normal_status http_status 200

#Enable sending traffic trough the scanner:
icap_enable on
icap_service service_resp respmod_precache bypass=0 icap://127.0.0.1:1344/response
adaptation_access service_resp allow htmlfiles normal_status
Finishing up

To finish up issue the following commands:

#To start icappfd
icappfd

#To see if icappfd loaded: it should display a line icappfd and a version nr.
tail /var/log/messages

#Reload squid
service squid3 reload

#extra: to reload icappfd:
killall -HUP icappfd