InterSafe WebFilterをCentOS5.7(32bit)にインストール。 XenServer上のCentOSにインストールしたため、Readme.txtに仮想環境を使用する場合は [VMware vSphere4.1(ESX4.1およびESXi4.1)環境] では64bit OS 環境には対応しておりません。とあるので32bitにした。また5.7はkernel-xen-2.6.18,glibc-2.5なので条件に合う。
ここから登録してDownloadする。登録後メールにライセンス番号が来る。
Polxy版をDLし、HTTPS解析のチェックを入れた。パッチ「is70_lin_hf2.tar]もDLしておく
$ tar zxvf setup_lin_0715.tgz $ cd setup $ su # ./setup.sh Preparing to install... Extracting the JRE from the installer archive... Unpacking the JRE... Extracting the installation resources from the installer archive... Configuring the installer for this system's environment... Launching installer... Preparing CONSOLE Mode Installation... =============================================================================== InterSafe WebFilter Ver.7.0 build0715(created with InstallAnywhere by Macrovision) ---------------------------------------------------------------------------------- =============================================================================== Introduction ------------ By following the instructions in InstallAnywhere, you can easily install InterSafe WebFilter Ver.7.0 build0715. (略) You may cancel this installation at any time by typing 'quit'. PRESS <ENTER> TO CONTINUE: =============================================================================== License Agreement ----------------- You must accept the following license agreement to install and use InterSafe WebFilter Ver.7.0 build0715. [使 用 許 諾 契 約 書] IS-LISENCE_201101 (略) For inquiries please contact: Oracle Corporation, 500 Oracle Parkway, Redwood Shores, California 94065, USA. DO YOU ACCEPT THE TERMS OF THIS LICENSE AGREEMENT? (Y/N): Y =============================================================================== Select InterSafe WebFilter Ver.7.0 build0715 folder ----------------------------------------------------- Only normal-width Alphanumeric character and '_' or '-' are allowed to use as install folder name. Whole folder path's length is restricted within 128 characters. Select install folder. Where Would You Like to Install? Default Install Folder: /usr/local/intersafe ENTER AN ABSOLUTE PATH, OR PRESS <ENTER> TO ACCEPT THE DEFAULT : =============================================================================== confirm ------- It installs to this folder. /usr/local/intersafe PRESS <ENTER> TO CONTINUE: =============================================================================== Choose Install Set ------------------ Please choose the Install Set to be installed by this installer. ->1- Proxy 2- ICAP 3- Squid ENTER THE NUMBER FOR THE INSTALL SET, OR PRESS <ENTER> TO ACCEPT THE DEFAULT : 1 =============================================================================== Stop of running service ----------------------- If any process of InterSafe WebFilter or other programs are currently running,please stop them. PRESS <ENTER> TO CONTINUE: =============================================================================== Choose Server Type ------------------ Please select server type ->1- Master Server 2- Slave Server ENTER THE NUMBER FOR YOUR CHOICE, OR PRESS <ENTER> TO ACCEPT THE DEFAULT: : 1 =============================================================================== Select Master ip ---------------- Please select the IP address which it utilizes as Master ->1- 192.168.31.5 ENTER THE NUMBER OF THE DESIRED CHOICE, OR PRESS <ENTER> TO ACCEPT THE DEFAULT: Server IP: 192.168.31.5 IS THIS CORRECT? (Y/N): Y =============================================================================== Selection of user addition -------------------------- Is the owner of the file which it installs set? When automatic setting is selected, the intersafe group and the intersafe user are drawn up ->1- Automatic setting 2- Manual setting ENTER THE NUMBER FOR YOUR CHOICE, OR PRESS <ENTER> TO ACCEPT THE DEFAULT: : 1 =============================================================================== Confirm execute user account ---------------------------- The owner is set in the user and the group below User:intersafe Group:intersafe PRESS <ENTER> TO CONTINUE: =============================================================================== Automatic start setting ----------------------- ->1- Automatic start registers 2- Automatic start does not register ENTER THE NUMBER FOR YOUR CHOICE, OR PRESS <ENTER> TO ACCEPT THE DEFAULT: : 1 =============================================================================== Pre-Installation Summary ------------------------ Please Review the Following Before Continuing: Product Name: InterSafe WebFilter Ver.7.0 build0715 Install Folder: /usr/local/intersafe Product Components: Proxy Server Type: MASTER Server IP: 192.168.31.5 Automatic start setting: TRUE Owner: intersafe Group: intersafe LANG: en_US.UTF-8 Disk Space Information (for Installation Target): Required: 145,803,582 bytes Available: 17,002,639,360 bytes PRESS <ENTER> TO CONTINUE: =============================================================================== Installing... ------------- [==================|==================|==================|==================] [------------------|------------------|------------------|------------------] =============================================================================== Install Complete ---------------- InterSafe WebFilter Ver.7.0 build0715 was installed in the following location. /usr/local/intersafe Please start InterSafe WebFilter Ver.7.0 build0715 service manually. Do not interrupt the installer until prompt is displayed. PRESS <ENTER> TO EXIT THE INSTALLER:
# cd /usr/local/intersafe/bin
# ./amsadmin start Starting amsadmin services:
# ./amsweb start Starting amsweb services: Using CATALINA_BASE: /usr/local/intersafe/tomcat Using CATALINA_HOME: /usr/local/intersafe/tomcat Using CATALINA_TMPDIR: /usr/local/intersafe/tomcat/temp Using JRE_HOME: /usr/local/intersafe/jre Using CLASSPATH: /usr/local/intersafe/tomcat/bin/bootstrap.jar
# ./amsproxy start Starting amsproxy services:
# ./amsproxy stop Shutting down amsproxy services:
# ./amsweb stop Shutting down amsweb services: Using CATALINA_BASE: /usr/local/intersafe/tomcat Using CATALINA_HOME: /usr/local/intersafe/tomcat Using CATALINA_TMPDIR: /usr/local/intersafe/tomcat/temp Using JRE_HOME: /usr/local/intersafe/jre Using CLASSPATH: /usr/local/intersafe/tomcat/bin/bootstrap.jar
# ./amsadmin stop Shutting down amsadmin services:
あとはWebから設定する。
ID:root Pass:root
アクセス先
http://(IPアドレス):2319/index.html
rootパスワード変更
がある。
リンク先は/usr/local/intersafe/bin/amsmain
以下のコマンドでも起動する
# /etc/rc.d/rc3.d/S98amsmain start Starting amsadmin services: Starting amsproxy services: Starting amsweb services: Using CATALINA_BASE: /usr/local/intersafe/tomcat Using CATALINA_HOME: /usr/local/intersafe/tomcat Using CATALINA_TMPDIR: /usr/local/intersafe/tomcat/temp Using JRE_HOME: /usr/local/intersafe/java/64jre Using CLASSPATH: /usr/local/intersafe/tomcat/bin/bootstrap.jar
サービス停止
# cd /usr/local/intersafe/bin # ./amsproxy stop # ./amsweb stop # ./amsadmin stop
OSのIPアドレス変更
IP変更箇所 以下のファイルのアドレスを変更
intersafe/conf/sys/server_list.dat
0,デフォルトサーバ,10.99.99.69,20120704153917,-1 ^^^^^^^^^^^IPアドレス
intersafe/conf/proxy.inf
[SYSTEM_GLOBAL] MASTER_ADMIN_HOST=10.99.99.69 <==IPアドレス WWW_ADMIN_PORT=2319
サービス起動
# cd /usr/local/intersafe/bin # ./amsadmin start # ./amsweb start # ./amsproxy start
Webでログイン後 「システム管理」->「ダウンロード情報」で
モジュール情報: Build番号 0715
を確認
すべてのサービスを停止(管理サービス、拡張Web サービス、フィルタリングサービス)
# tar zxvf is70_lin_hf2.tar.gz # cd is70_lin_hf2 #./intersafe_v70_b0721_unix.sh Preparing to install... Extracting the JRE from the installer archive... Unpacking the JRE... Extracting the installation resources from the installer archive... Configuring the installer for this system's environment... Launching installer... Preparing CONSOLE Mode Installation... =============================================================================== InterSafe WebFilter Ver.7.0 build0721(created with InstallAnywhere by Macrovision) ---------------------------------------------------------------------------------- =============================================================================== Introduction ------------ By following the instructions in InstallAnywhere, you can easily install InterSafe WebFilter Ver.7.0 build0721. Please close all programs before continuing installation. Respond to each prompt to proceed to the next step in the installation. If you want to change something on a previous step, type 'back'. You may cancel this installation at any time by typing 'quit'. PRESS <ENTER> TO CONTINUE: =============================================================================== Stop ams service ---------------- Press ENTER to stop current process of the product and start patch installation. PRESS <ENTER> TO CONTINUE: =============================================================================== Installing... ------------- [==================|==================|==================|==================] [------------------|------------------|------------------|------------------]
=============================================================================== Start ams service ----------------- Press ENTER to start the process of the product. PRESS <ENTER> TO CONTINUE: =============================================================================== Install Complete ---------------- InterSafe WebFilter Ver.7.0 build0721 was installed in the following location. /usr/local/intersafe Do not interrupt the installer until prompt is displayed. PRESS <ENTER> TO EXIT THE INSTALLER:
Webでログイン後 「システム管理」->「ダウンロード情報」で
モジュール情報: Build番号 0721
に変更になったことを確認
確認としてこのサイトで指定されたURLがブロックされればOK
もしうまくブロックされない場合は
システム管理 -> ダウンロード設定
ダウンロード情報の選択の「選択」」や データベースの「更新」でうまくいった。
システム管理 -> サーバ設定 ->選択
すべて同じportを指定した場合は HTTPのプロセス数がすべてのPortのプロセス数になる。HTTPS,FTP OVER HTTPのプロセス数は無視される(仕様のようだ)
Google検索でHitした文字からリンクを辿るときブロックするページでメッセージを出さない
対処方法
「例外URL登録へ」
メインカテゴリ:許可カテゴリ サブカテゴリ: 許可カテゴリ 登録形式 : 通常URL URL : http://www.google.co.jp/url 有効期限 有効期限なし
でOK
ブロック画面URL指定
システム管理 -> 管理画面
URLデフォルト http://intersafe.netstar.jp/
注)各変更時
フィルタリングサービスの再起動が必要な場合がある
# ./amsproxy restart Restarting amsproxy services:
IPアドレス直接入力でアクセスが禁止できない場合の対策
ここまでですべてのIPアドレスでのアクセスを禁止するので以下の設定で許可アドレスを指定
IPアドレスをレンジで登録する事が可能です。 録形式で「IPアドレスレンジ指定URL」を選択してください。
カテゴリ別ルールを変更した場合必ず「スケジュール設定へ」で再度設定しないと有効にならない。(サポートセンターより)
以下ファイルに
intersafe/logs/InterSafe_adm.log
以下のようなエラーが連続して出る場合はfiltering serviceが起動していない可能性ががある。
WARN 2012-08-13 03:22:40,344 [Thread-5] 000100 Failed to connect due to the \ following reason in confirming status of filtering service.
intersafe/hs_err_pid3278.logのようなエラーは上記状態が続いて、javaのruntimeがエラーする場合に生じる。
また、bin/amsproxy start時にエラーが出て起動できない
InterSafe_http.logにはアクセスログが記録されるようだ