hostname -f が完全修飾名 (ドメイン名を含むホスト名) を返すことを確認してください。これに失敗した場合、/etc/hosts ファイルを編集して、システムの完全な名前 (たとえば arrakis.falcot.com など) を書き込むべきです。潜在的な名前の衝突を避けるには、ネットワーク管理者に公認コンピュータ名の妥当性を確認するべきです。
/etc/squid/squid.conf configuration file and allowing machines from the local network to run queries through the proxy. The following example shows the modifications made by the Falcot Corp administrators:
例 11.22 The /etc/squid/squid.conf file (excerpts)
# INSERT YOUR OWN RULE(S) HERE TO ALLOW ACCESS FROM YOUR CLIENTS # include /etc/squid/conf.d/* # Example rule allowing access from your local networks. # Adapt localnet in the ACL section to list your (internal) IP networks # from where browsing should be allowed acl our_networks src 192.168.1.0/24 192.168.2.0/24 http_access allow our_networks http_access allow localhost # And finally deny all other access to this proxy http_access deny all
squid itself does not perform the filtering; this action is delegated to squidGuard. The former must then be configured to interact with the latter. This involves adding the following directive to the /etc/squid/squid.conf file:
url_rewrite_program /usr/bin/squidGuard -c /etc/squid/squidGuard.conf
/usr/lib/cgi-bin/squidGuard.cgi CGI program also needs to be installed, using /usr/share/doc/squidguard/examples/squidGuard.cgi as a starting point. Required modifications to this script are the $proxy and $proxymaster variables (the name of the proxy and the administrator's contact email, respectively). The $image and $redirect variables should point to existing images representing the rejection of a query.
systemctl reload squid command. However, since the squidguard package does no filtering by default, it is the administrator's task to define the policy. This can be done by creating the /etc/squid/squidGuard.conf file (using /etc/squidguard/squidGuard.conf.default as template if required).
squidGuard 設定ファイル (またはその中で言及しているドメインまたは URL のリストの 1 つ) を変更したら、毎回 update-squidguard を使って作業データベースを再生成しなければいけません。設定ファイルの構文は以下のウェブサイトで説明されています。