Re: [squid-users] rebuillding centos squid.src.rpm to support --enable-follow-x-forwarded-for

Divan Santana wrote:
> Hi Everyone,
>
> This is the first time I am using this mailing list :)
>
> Hoping someone can please help me :)
> I have searched different documentation and tried lots but no luck yet.
>
> I want to use Dansguardian with squid and with ACLS with IP addresses but to
> my current squid-2.5.STABLE6 rpm build on Centos4.3.
>

Here's where the trouble starts. Squid 2.5 didn't support
follow-x-forwarded-for without a patch
(http://devel.squid-cache.org/follow_xff/index.html).

> So I need this section to work in squid.conf
> ----------------------------------------------------------------------------------------------------
> # TAG: follow_x_forwarded_for
> # Note: This option is only available if Squid is rebuilt with the
> # -DFOLLOW_X_FORWARDED_FOR option
> ----------------------------------------------------------------------------------------------------
>
> What I did was downloaded the src.rpm to /root
> Then did:
> rpm -Uvh squid-2.5.STABLE6-3.4E.12.src.rpm
> vi /usr/src/redhat/SPECS/squid.spec
> Add --enable-follow-x-forwarded-for \ to “# Configure the package” section
>

Here, you'll also need to download the patch, and add it to the patch
list in the SPEC file. Be aware, that it is unlikely to apply cleanly,
and will likely take some massaging.

> rpmbuild -bb modified.spec
>
> And then installed the .rpm it created for me.
>
> I edited squid.conf and did this:
> acl dansguardian src 127.0.0.1
> follow_x_forwarded_for allow dansguardian
> follow_x_forwarded_for deny all
> acl_uses_indirect_client on
> log_uses_indirect_client on
>
> But squid still doesn't recognize this?
>
> Any ideas what I did wrong or didn't do??
>
> In Ubuntu 6.10 I did the following and got it working no problems:
> apt-get source squid
> apt-get build-dep squid
> apt-get install devscripts build-essential fakeroot
> cd squid-2.6.1
>

See here? Ubuntu is using Squid 2.6. That makes all the difference in
the world.

> vim debian/rules
> Add --enable-follow-x-forwarded-for \ to “# Configure the package” section
> ./configure
> debuild -us -uc -b
> cd ..
> dpkg -i squid??? squid-common???
>
> And this worked, just not sure how to do it on the live CentOS server we have?
>

You might be better off (since you are compiling anyway) grabbing the
Fedora Squid SRPM and using it as a base. Or just compiling from source.

Chris
Received on Fri Mar 30 2007 - 16:55:00 MDT