ICAP Phrase Filter Daemon Wiki
ICAP Daemon that implements content scanning
Status: Beta
Brought to you by:
menne386
This is a quick installation guide for IcapPFD to set up a web filtering proxy server.
This guide is for system administrators / power users.
First of all, download the latest version of IcapPFD from this website.
Now: execute the following command in you console:
tar zxvf icappfd-0.2.tar.gz
cd icappfd-0.2/build/
cmake ../
make
make install
Now there should be an icappfd executable in /usr/local/sbin and a icappfd.conf in /usr/local/etc/
unzip and install the phraselist you downloaded using the following commands
mkdir /usr/local/etc/icappfd
cd /usr/local/etc/icappfd
unzip /where/ever/you/downloaded/the/phraselists/phraselistsoct23.zip
mv _current\ phraselists lists
mv lists/weightedphraselist.DG\ 2.9.x lists/weightedphraselist
Edit the /usr/local/etc/icappfd.conf and change at the very least the .Include<> statement to match where you installed the phraselist.
Edit /etc/squid3/squid.conf and add the following lines:
#this replaces the Accept-Encoding header so icappf is sure to read the content.
request_header_access Accept-Encoding deny all
request_header_replace Accept-Encoding gzip
#Acl's because it is only interesting to scan HTML/Text content:
acl htmlfiles rep_mime_type text/html
acl htmlfiles rep_mime_type application/json
acl htmlfiles rep_mime_type text/xml
#Only scan normal traffic
acl normal_status http_status 200
#Enable sending traffic trough the scanner:
icap_enable on
icap_service service_resp respmod_precache bypass=0 icap://127.0.0.1:1344/response
adaptation_access service_resp allow htmlfiles normal_status
To finish up issue the following commands:
#To start icappfd
icappfd
#To see if icappfd loaded: it should display a line icappfd and a version nr.
tail /var/log/messages
#Reload squid
service squid3 reload
#extra: to reload icappfd:
killall -HUP icappfd