Squid_Openldap_Extmail 安装
前面已经说了 Openldap,extmail,dovecot的相关配置.现在把本机再装了一个squid,使用openldap认证.
配置如下:
Squid Setup
./configure --prefix=/usr/local/squid --enable-basic-auth-helpers=LDAP
make all && make install
#创建缓存目录
/usr/local/squid/sbin/squid -z
#调试,正常可以看见 Ready to serve requests.
/usr/local/squid/sbin/squid -NCD1
basic_ldap_auth -b "dc=test.com" -w bian -f "(&(objectClass=extmailUser)(mail=%s)(active=1))"
#输入邮箱+空格+密码 测试一下,提示OK就没问题
chown -R nobody var
squid.conf 配置如下:
[*]#-----------------------------
[*]auth_param basic program /usr/local/squid/libexec/basic_ldap_auth -b "dc=test.com" -w bian -f "(&(objectClass=extmailUser)(mail=%s)(active=1))"
[*]
[*]
[*]acl ldapauth proxy_auth REQUIRED
[*]#定义认证进程数,启动进程数,空闲进程数
[*]auth_param basic children 5 startup=0 idle=1
[*]#定义Web浏览器显示用户名/密码对话框时的领域内容
[*]auth_param basic realm OTNET Squid Test
[*]#定义认证通过后有效时间
[*]auth_param basic credentialsttl 2 hours
[*]http_access allow ldap-auth
[*]http_access deny all
[*]
[*]cache_mem 64 MB#缓存占内存大小
[*]maximum_object_size 4096 KB #最大缓存块
[*]#usf:缓存存储格式,目录,占用空间,子目录数,二级目录数
[*]cache_dir ufs /usr/local/squid/var/cache 100 16 256
[*]#-----------------------------
主要那个ldap查询参数折腾了好一会...
现在记录一下!
附一段重启Squid的脚本:
[*]#!/bin/bash
[*]#squid clean swap and restart script
[*]
[*]SQUID_DIR=/usr/local/squid/
[*]CACHE_DIR=${SQUID_DIR}var/cache
[*]
[*]. /etc/init.d/functions
[*]
[*]killproc ${SQUID_DIR}sbin/squid
[*]rm -rf $CACHE_DIR/*
[*]
[*]${SQUID_DIR}sbin/squid -z>/dev/null 2>&1
[*]
[*]if [ $? -eq 0 ]
[*]then
[*] daemon ${SQUID_DIR}sbin/squid
[*]fi
[*]exit $?
页:
[1]