Manual Proxy Configuration Of Squid Web Proxy Cache - ESET GATEWAY SECURITY Installation Manual

To configure Firefox to use esets_http, click Tools > Options from the main menu, and click
Advanced. Click the Network tab and then click the Settings... button. In the Connection
Settings window, select the Manual Proxy Configuration option. Finally, enter the host name
or IP address in the HTTP Proxy (or FTP Proxy) field, and enter the Port values which esets_http
listens on (in this example, IP address 192.168.1.10 and port 8080 shall be specified). To reread
the newly created configuration, reload the ESETS daemon.
It should be noted that the configuration described here is not optimal for networks with
a large number of client computers. This is because the HTTP cache (if any) is present only in
the user agent–thus, the same source object is scanned multiple times when requested from
different user agents.

5.2.2. Manual proxy configuration of Squid Web Proxy Cache

The manual HTTP proxy configuration of esets_http with the Squid Web Proxy Cache is
illustrated by the right hand side of Figure 5-2.
The significant difference from the previously described configuration is that ESET Gateway
Security is installed on the HTTP/FTP Gateway between the proxy cache (Squid Web Proxy in
this example) and the Internet. Thus, all inbound HTTP/FTP communications are first scanned
for infiltrations and then stored in the dedicated network cache. In other words, all previously
requested source objects present within the proxy cache are already checked for viruses and no
additional checking is necessary when requested again.
In the following example, esets_http is configured to listen on port 8080 of the gateway
server, with a local network IP address of 192.168.1.10, by specifying the following parameters in
the [http] section of the ESETS configuration file:
agent_enabled = yes
listen_addr = "192.168.1.10"
listen_port = 8080
Note that the parameter 'listen_addr' can be used to specify the host name visible from the
local network and also can be used to allow esets_http to listen to all interfaces, by entering an
address of 0.0.0.0. Use caution in the latter case, as users outside the local network would be
allowed to use the HTTP/FTP scanner unless additional security is added to prevent this.
To set up Squid to use esets_http as a parent proxy, add the following lines to the Squid
configuration file (/etc/squid/squid.conf ):
cache_peer 192.168.1.10 parent 8080 0 no-query default
acl all src 0.0.0.0/0.0.0.0
never_direct allow all
In the example above, Squid has been configured to use HTTP proxy listening at IP address
192.168.1.10 on port 8080 as a parent proxy. All requests processed by Squid will be passed to
this destination. The remaining lines are used to configure error message reporting in the event
that the parent proxy is down or becomes unreachable. To configure Squid to attempt direct
connections when the parent proxy is unreachable, add the following parameters to the Squid
configuration file:
18 ESET Gateway Security