Following the steps on Penguin Tutor I added a bit of the terminal commands to make some tasks quicker.
Using these instructions will help add more to the OpenDNS Family Shield post.
If you haven’t setup your regional settings yet follow these steps
sudo dpkg-reconfigure keyboard-configuration sudo dpkg-reconfigure tzdata sudo raspi-config sudo nano /home/pi/.xsessionrc
Make sure this is in the .xsessionrc file
setxkbmap us
Install SSH
sudo /etc/init.d/ssh start sudo update-rc.d ssh defaults
Install Squid
sudo apt-get install squid3
Configure a different port on Squid
sed -i 's|http_port 3128|http_port 8888|' /etc/squid3/squid.conf sudo service squid3 restart
apt-get update && apt-get upgrade && apt-get check && apt-get autoremove && apt-get autoclean && apt-get clean
sudo apt-get --assume-yes install ntp
sudo timedatectl set-timezone America/Detroit
sudo service ntp restart
Set DNS resolve addresses
echo nameserver 208.67.222.123 > /etc/resolv.conf echo nameserver 208.67.220.123 >> /etc/resolv.conf
Install MySQL
sudo apt-get --assume-yes install mysql-server mysql-client php5-mysql phpmyadmin sudo mysql_install_db
Secure your MySQL database
sudo /usr/bin/mysql_secure_installation
Show Server IP, this will help later with configurations.
ifconfig eth0 | grep inet | awk '{ print $2 }'
# OR
ip addr show eth0 | grep inet | awk '{ print $2; }' | sed 's/\/.*$//'
curl http://kittell.net/ip.php
Install Apache
sudo apt-get --assume-yes install apache2 apache2-mpm-prefork
Install PHP
sudo apt-get --assume-yes install php5-common php5-cgi php5 php5-mysql php5-cli
Download the full_php_browscap.ini from http://browscap.org/ or download the October 4th, 2015 version and set it up with this code.
cd /etc/php5/ wget http://www.kittell.net/tools/full_php_browscap.ini sed -i 's|;browscap = extra/browscap.ini|browscap = /etc/php5/full_php_browscap.ini|' /etc/php5/apache2/php.ini sudo service apache2 restart
Configure web directory permissions
#Change the directory owner and group sudo chown www-data:www-data /var/www #allow the group to write to the directory sudo chmod 775 /var/www # Add the pi user to the www-data group sudo usermod -a -G www-data pi # Create a link/shortcut to the web root ln -s /var/www/html /home/pi/html
Download and Extract KidSafe Squid App
cd /home/pi/ #wget http://www.penguintutor.com/software/squid-kidsafe/0.2.0/kidsafe-squidapp-0.2.0.tgz wget http://www.penguintutor.com/software/squid-kidsafe/0.2.1/kidsafe-squidapp-0.2.1.tgz cd /opt #sudo tar -zxvf /home/pi/kidsafe-squidapp-0.2.0.tgz sudo tar -zxvf /home/pi/kidsafe-squidapp-0.2.1.tgz
Configure KidSafe
sed -i 's|acl local_acl dst 192.168.0.0/16|acl local_acl dst 192.168.1.0/16|g' /opt/kidsafe/kidsafe.squid3.inc sed -i 's|192.168.0.3|192.168.1.5|g' /opt/kidsafe/kidsafe.squid3.inc
Configure Squid
sed -i 's|# TAG: dns_testnames|include /opt/kidsafe/kidsafe.squid3.inc \n # TAG: dns_testnames|' /etc/squid3/squid.conf
Configure KideSafe Rules
cd /opt/kidsafe sudo chown :www-data . sudo chmod 775 . sudo chown :proxy kidsafe.py sudo chmod 770 kidsafe.py sudo chown :www-data kidsafe.rules kidsafe.session sudo chmod 664 kidsafe.rules kidsafe.session
Restart Squid
sudo service squid3 restart
Download and extract KidSafe Web App
cd /home/pi/ #wget http://www.penguintutor.com/software/squid-kidsafe/0.2.0/kidsafe-webapp-0.2.0.tgz wget http://www.penguintutor.com/software/squid-kidsafe/0.2.1/kidsafe-webapp-0.2.1.tgz cd /var/www/html #tar -xvzf /home/pi/kidsafe-webapp-0.2.0.tgz tar -xvzf /home/pi/kidsafe-webapp-0.2.1.tgz
Install Git
apt-get install git
mkdir /home/pi/GitHub cd /home/pi/GitHub git clone https://github.com/dkittell/KidSafeProxy yes | cp -rf KidSafeProxy/Webapp/kidsafe/ /var/www/html/ yes | cp -rf KidSafeProxy/Squidapp/kidsafe/ /opt/
Create the database for KidSafe
mysql -h localhost -u root -p CREATE DATABASE IF NOT EXISTS kidsafe; CREATE USER 'kidsafe'@'localhost' IDENTIFIED BY 'H386Nhdheinf67190hNHUkdhtodn137bbv'; GRANT ALL ON kidsafe.* TO 'kidsafe'@'localhost'; FLUSH PRIVILEGES; Exit;
Create the tables for KidSafe
cd /home/pi wget http://www.penguintutor.com/software/squid-kidsafe/0.2.1/kidsafe-database.txt mysql -u root -p kidsafe < kidsafe-database.txt
Setup KidSafe log
cd /var/log/squid3 sudo touch kidsafe.log sudo chown :www-data kidsafe.log
Update Squid Config
sed -i 's|# TAG: dns_testnames|include /opt/kidsafe/kidsafe.squid3.inc \n # TAG: dns_testnames|' /etc/squid3/squid.conf
Configure log for KidSafe and Squid
sed -i 's|endscript|# Create new log for kidsafe and set ownership\ntouch /var/log/squid3/kidsafe.log\nchown proxy:www-data /var/log/squid3/kidsafe.log\n endscript|' /etc/logrotate.d/squid3
Reminder: When you do an update from Git, make sure you reconfigure the IP address in the kidsafe config
cd /home/pi/GitHub git clone https://github.com/dkittell/KidSafeProxy yes | cp -rf KidSafeProxy/Webapp/kidsafe/ /var/www/html/ yes | cp -rf KidSafeProxy/Squidapp/kidsafe/ /opt/ sed -i 's|acl local_acl dst 192.168.0.0/16|acl local_acl dst 192.168.1.0/16|g' /opt/kidsafe/kidsafe.squid3.inc cd /opt/kidsafe sudo chown :www-data . sudo chmod 775 . sudo chown :proxy kidsafe.py sudo chmod 770 kidsafe.py sudo chown :www-data kidsafe.rules kidsafe.session sudo chmod 664 kidsafe.rules kidsafe.session sudo service squid3 restart sudo service apache2 restart
List running services
netstat -lepunt
Originally Posted on October 11, 2015
Last Updated on November 20, 2015
Last Updated on November 20, 2015
All information on this site is shared with the intention to help. Before any source code or program is ran on a production (non-development) system it is suggested you test it and fully understand what it is doing not just what it appears it is doing. I accept no responsibility for any damage you may do with this code.