DISQUS

Hello! Dan Cameron is using DISQUS, a powerful comment system, to manage its comments. Learn more.

Community Page

dancameron.org Jump to website »

Subscribe
- New Comments
Community
Top Commenters
- dancameron
  138 comments · 4 points
- stevehahn
  8 comments · 1 points
- sunburntkamel
  4 comments · 1 points
- Jason Hansen
  4 comments · 2 points
- Sid Savara
  3 comments · 1 points
Popular Threads
- Social Networks Ruin Relationships
  3 weeks ago · 14 comments
- I’m Awesome, are you?
  5 days ago · 1 comment
- Appmodo: Official AT&T iPhone Tethering to Cost $55 Per Month
  2 weeks ago · 1 comment
Recent Comments
- So you do look at the silly photos I share on Google Reader.
  5 days ago by Jason Brooks
  
  in I’m Awesome, are you?
- I have investigated 1&1 thoroughly and found their major tricks using PayPal. They are crooks and steal money deliberately as their main business. That's why do not be surprised at anything...
  1 week ago by Steve
  
  in 1and1 scams
- This is the reason I alluded to yesterday for being happy about the iPhone tethering; the more popular it gets, hopefully the more pressure there will be to re-evaluate this insane pricing for...
  2 weeks ago by JaredB
  
  in Appmodo: Official AT&T iPhone Tethering to Cost $55 Per Month
- Pretty much, and that just might fit into 140 characters.
  2 weeks ago by dancameron
  
  in Social Networks Ruin Relationships
- So what you are saying is that social net working sites speed the process up in regards to how fast you get to know a person and either like or dislike them?
  2 weeks ago by Emiloly
  
  in Social Networks Ruin Relationships

Dan Cameron

wordpress enthusiest

Jump to original thread »

What am I doing at Scattered

Started by dancameron · 10 months ago

No excerpt available. Jump to website »

33 comments

hilary
4 years ago

Hey! "cc" is the c language compiler. You can possibly map it to gcc by setting the "CC" environment variable to point to your gcc binary. gcc can compile both c and c++. For example:

$export CC=/usr/local/bin/gcc

I hope that helps! :-)

reply

Nate
4 years ago

Di d you do the following:
./configure
./make
?

reply

Nate
4 years ago

actually thats:
./configure
make

reply

Dan
4 years ago

Yeah.
I can't get the configure script to run because I get the error:
configure: error: no acceptable cc found in $path

reply

Dan
4 years ago

It might be informative that before the error I recieve this:
checking for gcc .... no
checking for cc ... no

Which makes me think something is wrong and the script not being able to find the gcc. I am looking into it now.

reply

Dan
4 years ago

after looking in my local/bin directory it doesnt show the gcc directory. Is Hilary right? should it be there? Is gcc easy enough to install? I contacted 1and1.

reply

Nate
4 years ago

$ ls /usr/bin | grep gcc
It's not the easiest thing to install. 1 and 1 should have it installed and available for your use uneless they are really anal.

reply

Dan
4 years ago

there isn't a directory in usr/bin named gcc or cc and the list is so long when you cd to that directory and then dir -list. I cannot either find it nor can change to it. And the code didn't work.

Thanks a ton Nate. is there a command to check if it is installed? it may be the squid config file just not being able to see it.

reply

Dan
4 years ago

by the way what does the usr/bin hold? Are they files for installation. I see tomcat4 and java. that will be next.

reply

Dan
4 years ago

I found usr/lib/gcc-lib

reply

Nate
4 years ago

$ echo $PATH
$ find / -name gcc -print 2/dev/null

reply

Dan
4 years ago

I will look into it tomorrow

reply

JaredB
4 years ago

Yes! There were already answers to this question before I even saw the post!

What distro is this again? (I know you mentioned FCS above, but I don't remember if that was on your side, or on the host server too) Depending on the distro, they may have binary packages available (rpm, etc) that don't require you to recompile the source at all; just a thought - I'm sure you already looked for this.

reply

Dan
4 years ago

Fedora Core 2 is preinstalled on your server.

Newly installed Root-Servers always contain the latest security updates. For this
reason there might be slight deviations from this listing.

Kernel: 2.4.24
gcc: 2.95.4

Services:
sendmail MTA (Mail Transfer Agent)
sshd SSH Daemon
dhclient DHCP Client (Dynamic Host Configuration Protocol)
cron Cron Daemon
mysql Mysql Database
xinetd Internet Network Daemon
apache Apache Webserver
nfs Network-Filesystem Support
quota Harddrive Quota System
proftpd FTP Daemon

Versions:
apache-2.0.51
cyrus-sasl 2.1.18-2.2
glibc-2.3.3-27.1
iptables-1.2.9-2.3.1
mutt-1.4.1i
mysql-3.23.58
openssh-3.6.1p2-34
openssl-0.9.7a-35
perl-5.8.3
python-2.3.3

Partitions:
hda1: Linux
hda2: Linux swap
hda4: Extended
hda5: Linux
hda6: Linux
hda7: Linux

reply

Dan
4 years ago

/usr/lib/courier-imap/sbin:/usr/lib/courier-imap/bin:/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin:/usr/X11R6/bin:/root/bin

find / -name gcc -print 2/dev/null

Nothing

reply

Dan
4 years ago

Nate is this "ls" a "one-s" or a "|-s" or a "l-s"
I am assuming it is an L
Anyways I tried them all and nothing.

reply

JaredB
4 years ago

I still recommend trying a binary distribution, such as the RPMs at ftp://ftp.squid-cache.org/pub/contrib/RPM-v1.1/

No use in recompiling it unless you need to. I'm assuming that since Fedora descends from RedHat that it handles RPMs OK, although I could be wrong.

reply

Dan
4 years ago

Okay I have the rpm. Which one do I need the src or the i386, I am guessing the i386.

After I upload it to the usr/local/ how do I run it? Or do I need to put it somewhere else?

reply

Anonymous
4 years ago

rpm -Uhvf

reply

JaredB
4 years ago

You probably only need the i386 one, unless you need to recompile in the future. Once you've got the .rpm on your system, you just do something like:

rpm -i whatever.rpm

Although you may want to check the documentation for the rpm command (man rpm), since I don't use that very much.

reply

Dan
4 years ago

Okay I installed it with
rpm -Uhvf
Thanks guy from nasa (shown in the ip address), I guess really smart people like you guys really want to help newbie dumbasses like me.

So I installed it and it is in a couple directories in the system but where is the configure script? since I used the rpm I cannot find it.

reply

Nate
4 years ago

this link if you care to find out more. I bet OS X has a utility like rpm. It's probably better and easier to use, but rpm is the tool that Red Hat (rpm stands for Red Hat Package Manager I believe) and Fedora uses and I like it.

Just to get you started try:
$ rpm -qi squid
which should tell you a bunch about what you just installed. While your at it see that gcc is not installed:
rpm -qi gcc
but it's not hard to install the rpm if you really need it.

reply

JaredB
4 years ago

Yes, the secret is finally out - Nate is a rocket scientist. I love those JPL jokes...

reply

Dan
4 years ago

Okay cool so it's installed. now what?

Should I just be able to use the proxy server now, how would I set a different IP, or make sure my firewall is not blocking it?

If I set firefox to the proxy it doesn't work.

reply

Dan
4 years ago

I don't want to go through it now but I found this:
http://www.tldp.org/linuxfocus/English/March200...

You geeks think this is a good start?

Or is there just a couple things I need to configure?

Off to my PSP.

reply

JaredB
4 years ago

That page seems like a good start; now that it's installed all you really need to do is get familiar with the config file, which (I think) is pretty well commented, you might even be able to figure it out just by reading through the config file itself.

One extremely important point I would make is that you do *not* want to allow that port to be open on the firewall. Of course, the docs you read probably tell you that you do, because the idea (usually) is you set the browser on your workstation (lets call it "W") to point to the address of the server ("S"), and the appropriate port (3128 by default, but you can change this).

Actually, let me take one more step back and say that the first thing you need to do (and maybe you already have) is become *very* familiar with the firewall (iptables probably) configuration on the machine, and make *sure* that everything is closed except for ssh access. You can open up other ports (web, mail, etc) later, once you are more confident that you are doing it securely.

OK, back to the squid configuration. There are certainly ways that you can configure it to be accessible from the outside world (the W to S scenario described above) and restrict it to make sure it's only you that is using it (passwords, ip restrictions, etc.) but this is tricky, because if you slip up and misconfigure it, it will be an open proxy that other people can use/abuse since it's on a public server.

The way I do it on my server is that the port that squid is running on is not accessible from outside of that box, so neither I nor anyone else can set my browser to use my proxy server (directly). Rather, I will SSH into the server, and forward my local port 3128 to 127.0.0.1:3128 on the server. Then I set my browser's proxy to localhost:3128. To the browser, it appears that it is using a proxy server running on my laptop, when in reality, the SSH tunnel is forwarding that through to the port on the server it is connected to. So, from squid's point of view, I am using the proxy server from the local box, so both sides act as if everything is local, and the best thing is that the traffic between the two boxes is all encrypted through the SSH tunnel.

Confused yet?

reply

Dan
4 years ago

I actually understood it. But I have a few questions. I would rather do it the way you are do it since I most likely will only be using this at work and it seems a lot more secure since I might screw something up if I configure squid wrong or even my firewall.
So,
What configuration do you have your squid set up with? That file is a mile and a half long.
What commands do you run in ssh to forward your port? Remember I am a newbie, 3 weeks old.

And I trust you when you say it is secure but if I use my work proxy to connect via ssh then tunnel my browser through ssh aren't I using my work proxy to connect to the box through ssh? Or is that the key behind tunneling because it is a direct connection bypassing the proxy at work.

reply

Dan
4 years ago

Also I have a module on my plesk that configures my firwall. If I give you my info can you log in and check it out, it's at its default right now and I can't figure out if it is setup correctly or if I need to start blocking some shiIt out.

reply

JaredB
4 years ago

Re: the security of the tunnel, etc. -
That's the great thing about the ssh tunnel; it doesn't matter what's between your computer and the ssh server, because all the packets that leave your pc are encrypted before they leave your pc, and only decrypted on your ssh server. Whether they have a proxy setup or not, they could log any and all the traffic you make anyway, the difference now is that if they did decide to do that all they would be capturing is the encrypted ssh traffic, so it would be useless to them.

The only thing to watch out for is that if you are tunneling everything (even non-private stuff) the admins might notice that your machine has an unusually high amount of traffic on port 22 (SSH) always going to the same server, and they could probably figure out what you're doing, or at least be suspicious even if they didn't know what you were doing. They still couldn't read your traffic, but they could try things like blocking that port (which is no problem since you can use any port, and it's unlikely they will block all ports). It's actually more likely that they would restrict you in a non-technical manner; ie: have your boss tell you to knock it off or you'll get fired. All that being said, a lot of admins do not monitor logs like they should, so they may not notice, and if they do, they might be cool and have no problem with it.

I will try to check out my squid configuration file later and pull out the relevant pieces that you need to watch out for. (It's been a while since I set it up). I could look at the firewall config too, if you want to call me on my cell phone or just give me the info next time I see you in person.

reply

Dan
4 years ago

Thanks, with the default set up can I use the ssh tunnel? It seems like I should, anyways what are the comands to do so. I will be playing with the config file today but I won't know the commands.

reply

Dan
4 years ago

I got it to work.

YES.

I just need to check that I locked it down to my work ip only. Then Jared, we can look at my firewall soon. Or maybe you can check by using the ip on the tagboard.

Thanks.

reply

Dan
4 years ago

So I have it set up and I am using my proxy server as we speak. But how secure is it? Can my work see what I am doing? Or capture packets?

It's pretty fast too, and now I can surf anywhere without a dumb filter hindering my gmail access or my porn access.

reply

Nate
4 years ago

When your viewing porn and your boss walks into your office they can see what your doing. Busted!

reply

Add New Comment

Returning? Login