Setup Your Secure Web Gateway on your preferred Linux distribution

From Secure Web Gateway
Share/Save/Bookmark
Jump to: navigation, search

Overview

SafeSquid Appliance Builder (SAB) is an optimized version of Ubuntu Linux, optimized for easy setup of your secure web gateway. The SAB installs the Ubuntu Linux operating system, downloads and deploys the SafeSquid for Linux installation package, and the necessary dependencies. SafeSquid can also be installed on any other Linux operating system like Red-Hat, SuSe, CentOS, etc.

Choose this method of installation only if you want to setup SafeSquid on already existing infrastructure or if you want to use other Operating System in Linux family other than Ubuntu. It requires some additional configurations like Monit and bind services used by SafeSquid.

Prerequisites

You must be install the required dependencies  and other supporting services required for some modules of SafeSquid to work 

You can check and install required dependencies below

Monit and bind are other supporting Service required for SafeSquid

Check - Configure Monit for SafeSquid Monitoring

Check - Bind Configuration with SafeSquid

Download latest version in Linux server

Go to the linux server and change the directory to “/usr/local/src” by using below command
                                         cd /usr/local/src

Then  use wget command to download the SafeSquid tarball to the Linux machine on which you want to install the Safesquid.It will download the tar file
                             wget http://downloads.safesquid.net/appliance/binary/safesquid_latest.tar.gz

Wget.jpg

Extract the tarball

Extract the files from tar by using below command.
                            tar -zxvf safesquid_latest.tar.gz

The output of the above command is like as below.

Untar1.jpg

Now it  will create the new directory with name "_mkappliance"

Then run the script
                        _mkappliance/installation/setup.sh

You will see something like this

Setupsh.jpg

Now the installation is complete.

Dependency Check 

Then check if any dependencies are missing for SafeSquid working by using the ldd command as shown below.

                                                         ldd /opt/safesquid/bin/safesquid

The sample output of the above command will look like as below

root@safesquid:/opt/safesquid/bin# ldd /opt/safesquid/bin/safesquid
        linux-vdso.so.1 =>  (0x00007ffebebdb000)
        libldap_r-2.4.so.2 => /usr/lib/x86_64-linux-gnu/libldap_r-2.4.so.2 (0x00007ff03107e000)
        libpam.so.0 => /lib/x86_64-linux-gnu/libpam.so.0 (0x00007ff030e70000)
        liblber-2.4.so.2 => /usr/lib/x86_64-linux-gnu/liblber-2.4.so.2 (0x00007ff030c61000)
        libgssapi.so.3 => /usr/lib/x86_64-linux-gnu/libgssapi.so.3 (0x00007ff030a23000)
        libdl.so.2 => /lib/x86_64-linux-gnu/libdl.so.2 (0x00007ff03081f000)
        libresolv.so.2 => /lib/x86_64-linux-gnu/libresolv.so.2 (0x00007ff030604000)
        libstdc++.so.6 => /usr/lib/x86_64-linux-gnu/libstdc++.so.6 (0x00007ff030300000)
        libm.so.6 => /lib/x86_64-linux-gnu/libm.so.6 (0x00007ff02fffa000)
        libgcc_s.so.1 => /lib/x86_64-linux-gnu/libgcc_s.so.1 (0x00007ff02fde4000)
        libpthread.so.0 => /lib/x86_64-linux-gnu/libpthread.so.0 (0x00007ff02fbc6000)
        libc.so.6 => /lib/x86_64-linux-gnu/libc.so.6 (0x00007ff02f7fd000)
        libsasl2.so.2 => /usr/lib/x86_64-linux-gnu/libsasl2.so.2 (0x00007ff02f5e2000)

If any dependency is missing, then you will see same as below 

root@safesquid:/opt/safesquid/bin# ldd /opt/safesquid/bin/safesquid
        linux-vdso.so.1 =>  (0x00007ffebebdb000)
        libldap_r-2.4.so.2 => /usr/lib/x86_64-linux-gnu/libldap_r-2.4.so.2 (0x00007ff03107e000)
        libpam.so.0 => /lib/x86_64-linux-gnu/libpam.so.0 (0x00007ff030e70000)
        liblber-2.4.so.2 => /usr/lib/x86_64-linux-gnu/liblber-2.4.so.2 (0x00007ff030c61000)
        libgssapi.so.3 => /usr/lib/x86_64-linux-gnu/libgssapi.so.3 (0x00007ff030a23000)
        libdl.so.2 => /lib/x86_64-linux-gnu/libdl.so.2 (0x00007ff03081f000)
        libresolv.so.2 => /lib/x86_64-linux-gnu/libresolv.so.2 (0x00007ff030604000)
        libstdc++.so.6 => /usr/lib/x86_64-linux-gnu/libstdc++.so.6 (0x00007ff030300000)
        libgmp.so.3==> not found
        libm.so.6 => /lib/x86_64-linux-gnu/libm.so.6 (0x00007ff02fffa000)
        libgcc_s.so.1 => /lib/x86_64-linux-gnu/libgcc_s.so.1 (0x00007ff02fde4000)
        libpthread.so.0 => /lib/x86_64-linux-gnu/libpthread.so.0 (0x00007ff02fbc6000)
        libc.so.6 => /lib/x86_64-linux-gnu/libc.so.6 (0x00007ff02f7fd000)
        libsasl2.so.2 => /usr/lib/x86_64-linux-gnu/libsasl2.so.2 (0x00007ff02f5e2000)

if you found any dependencies not found then, you should install that dependency to make safesquid work.

Start the SafeSquid

Then start the SafeSquid service by using below command

                           /etc/init.d/safesquid start

Testing

Now check the SafeSquid is running or not by using below commands.

Status check.jpg

By default SafeSquid will listen on PORT 8080. If you observe SafeSquid is listening on any one of the above ports, then you can coform that SafeSquid is started.

Note :This installation does not include the Monit and Bind configurations.

See Also

1. Monit configuration for SafeSquid Monitoring

2. Bind configuration in SafeSquid Server

3. Configure HTTPS inspection

4. Integrate AD or OpenLDAP with SafeSquid