Gentoo + Squid + Radius Auth + sslBump + remote SquidClamav + SquidGuard // intransparent official proxy in corporate environment

What to know: Squid caches and breaks clients encryption in MITM style. After clients request he establishes conections to both server and client. To the server he impersonates a client and checks servers certificates. Dismissed Server certs will be reported to the real client. To the client he acts like a server. After a succeful […]

BASH | Shalla | Squid acl import error | blacklist import // deduplicate shalla blacklists

# SLOW function dedup () { declare -a A_IN=(“${!1}”) declare -a A_OUT=(“${!1}”) for A_IN_ELEM in “${A_IN[@]}”; do II=-1 for A_OUT_ELEM in “${A_OUT[@]}”; do II=$(( $II + 1 )) [[ “x$A_OUT_ELEM” == “x$A_IN_ELEM” ]] && continue [[ “x$A_OUT_ELEM” == “x” ]] && continue echo “$A_OUT_ELEM” | grep -w “$A_IN_ELEM” > /dev/null if [ $? -eq 0 […]

Radius testing

Avoid all these linux console tools named like ‘radiusclient’. Install freeradius Test your stuff with # radtest USERNAME USERPASS HOST 0 THESECRET Testing with SQUID: # /usr/libexec/squid/basic_radius_auth -h HOST -w SECRET Then type USERNAME USERPASS at the prompt. Will return OK or ERR…