What am I doing

Hey! “cc” is the c language compiler. You can possibly map it to gcc by setting the “CC” environment variable to point to your gcc binary. gcc can compile both c and c++. For example:

$export CC=/usr/local/bin/gcc

I hope that helps!

Di d you do the following:
./configure
./make
?

actually thats:
./configure
make

Yeah.
I can’t get the configure script to run because I get the error:
configure: error: no acceptable cc found in $path

It might be informative that before the error I recieve this:
checking for gcc …. no
checking for cc … no

Which makes me think something is wrong and the script not being able to find the gcc. I am looking into it now.

after looking in my local/bin directory it doesnt show the gcc directory. Is Hilary right? should it be there? Is gcc easy enough to install? I contacted 1and1.

Hey! “cc” is the c language compiler. You can possibly map it to gcc by setting the “CC” environment variable to point to your gcc binary. gcc can compile both c and c++. For example:

$export CC=/usr/local/bin/gcc

I hope that helps!

$ ls /usr/bin | grep gcc
It’s not the easiest thing to install. 1 and 1 should have it installed and available for your use uneless they are really anal.

there isn’t a directory in usr/bin named gcc or cc and the list is so long when you cd to that directory and then dir -list. I cannot either find it nor can change to it. And the code didn’t work.

Thanks a ton Nate. is there a command to check if it is installed? it may be the squid config file just not being able to see it.

by the way what does the usr/bin hold? Are they files for installation. I see tomcat4 and java. that will be next.

Di d you do the following:
./configure
./make
?

actually thats:
./configure
make

I found usr/lib/gcc-lib

$ echo $PATH
$ find / -name gcc -print 2/dev/null

I will look into it tomorrow

Yeah.
I can’t get the configure script to run because I get the error:
configure: error: no acceptable cc found in $path

It might be informative that before the error I recieve this:
checking for gcc …. no
checking for cc … no

Which makes me think something is wrong and the script not being able to find the gcc. I am looking into it now.

Yes! There were already answers to this question before I even saw the post!

What distro is this again? (I know you mentioned FCS above, but I don’t remember if that was on your side, or on the host server too) Depending on the distro, they may have binary packages available (rpm, etc) that don’t require you to recompile the source at all; just a thought – I’m sure you already looked for this.

It might be in /usr/bin and you will be looking for an executable named gcc not a directory. Try:
$ ls /usr/bin | grep gcc
It’s not the easiest thing to install. 1 and 1 should have it installed and available for your use uneless they are really anal.

there isn’t a directory in usr/bin named gcc or cc and the list is so long when you cd to that directory and then dir -list. I cannot either find it nor can change to it. And the code didn’t work.

Thanks a ton Nate. is there a command to check if it is installed? it may be the squid config file just not being able to see it.

Don’t type the ‘$’ character. Start with the “ls”. I tried using the code tags so the pipe (‘|’) wouldn’t look like an I. Anyway, that will cut down the amount of stuff that gets printed. /usr/bin is the typical place that executables go as well as /usr/local/bin like hilary said. I’m guessing that gcc is not installed in /usr/bin though because the command “dir” that you used above probably is which means /usr/bin is in your path. What’s the output from these two commands?
$ echo $PATH
$ find / -name gcc -print 2>/dev/null

Yes! There were already answers to this question before I even saw the post!

What distro is this again? (I know you mentioned FCS above, but I don’t remember if that was on your side, or on the host server too) Depending on the distro, they may have binary packages available (rpm, etc) that don’t require you to recompile the source at all; just a thought – I’m sure you already looked for this.

Fedora Core 2 is preinstalled on your server.

Newly installed Root-Servers always contain the latest security updates. For this
reason there might be slight deviations from this listing.

Kernel: 2.4.24
gcc: 2.95.4

Services:
sendmail MTA (Mail Transfer Agent)
sshd SSH Daemon
dhclient DHCP Client (Dynamic Host Configuration Protocol)
cron Cron Daemon
mysql Mysql Database
xinetd Internet Network Daemon
apache Apache Webserver
nfs Network-Filesystem Support
quota Harddrive Quota System
proftpd FTP Daemon

Versions:
apache-2.0.51
cyrus-sasl 2.1.18-2.2
glibc-2.3.3-27.1
iptables-1.2.9-2.3.1
mutt-1.4.1i
mysql-3.23.58
openssh-3.6.1p2-34
openssl-0.9.7a-35
perl-5.8.3
python-2.3.3

Partitions:
hda1: Linux
hda2: Linux swap
hda4: Extended
hda5: Linux
hda6: Linux
hda7: Linux

/usr/lib/courier-imap/sbin:/usr/lib/courier-imap/bin:/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin:/usr/X11R6/bin:/root/bin

find / -name gcc -print 2/dev/null

Nothing

Nate is this “ls” a “one-s” or a “|-s” or a “l-s”
I am assuming it is an L
Anyways I tried them all and nothing.

I still recommend trying a binary distribution, such as the RPMs at ftp://ftp.squid-cache.org/pub/contrib/RPM-v1.1/

No use in recompiling it unless you need to. I’m assuming that since Fedora descends from RedHat that it handles RPMs OK, although I could be wrong.

Okay I have the rpm. Which one do I need the src or the i386, I am guessing the i386.

After I upload it to the usr/local/ how do I run it? Or do I need to put it somewhere else?

Fedora Core 2 is preinstalled on your server.

Newly installed Root-Servers always contain the latest security updates. For this
reason there might be slight deviations from this listing.

Kernel: 2.4.24
gcc: 2.95.4

Services:
sendmail MTA (Mail Transfer Agent)
sshd SSH Daemon
dhclient DHCP Client (Dynamic Host Configuration Protocol)
cron Cron Daemon
mysql Mysql Database
xinetd Internet Network Daemon
apache Apache Webserver
nfs Network-Filesystem Support
quota Harddrive Quota System
proftpd FTP Daemon

Versions:
apache-2.0.51
cyrus-sasl 2.1.18-2.2
glibc-2.3.3-27.1
iptables-1.2.9-2.3.1
mutt-1.4.1i
mysql-3.23.58
openssh-3.6.1p2-34
openssl-0.9.7a-35
perl-5.8.3
python-2.3.3

Partitions:
hda1: Linux
hda2: Linux swap
hda4: Extended
hda5: Linux
hda6: Linux
hda7: Linux

$ echo $PATH:

/usr/lib/courier-imap/sbin:/usr/lib/courier-imap/bin:/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin:/usr/X11R6/bin:/root/bin

find / -name gcc -print 2>/dev/null

Nothing

Nate is this “ls” a “one-s” or a “|-s” or a “l-s”
I am assuming it is an L
Anyways I tried them all and nothing.

I still recommend trying a binary distribution, such as the RPMs at ftp://ftp.squid-cache.org/pub/contrib/RPM-v1.1/

No use in recompiling it unless you need to. I’m assuming that since Fedora descends from RedHat that it handles RPMs OK, although I could be wrong.

rpm -Uhvf

Okay I have the rpm. Which one do I need the src or the i386, I am guessing the i386.

After I upload it to the usr/local/ how do I run it? Or do I need to put it somewhere else?

You probably only need the i386 one, unless you need to recompile in the future. Once you’ve got the .rpm on your system, you just do something like:

rpm -i whatever.rpm

Although you may want to check the documentation for the rpm command (man rpm), since I don’t use that very much.

Okay I installed it with
rpm -Uhvf
Thanks guy from nasa (shown in the ip address), I guess really smart people like you guys really want to help newbie dumbasses like me.

So I installed it and it is in a couple directories in the system but where is the configure script? since I used the rpm I cannot find it.

this link if you care to find out more. I bet OS X has a utility like rpm. It’s probably better and easier to use, but rpm is the tool that Red Hat (rpm stands for Red Hat Package Manager I believe) and Fedora uses and I like it.

Just to get you started try:
$ rpm -qi squid
which should tell you a bunch about what you just installed. While your at it see that gcc is not installed:
rpm -qi gcc
but it’s not hard to install the rpm if you really need it.

You probably only need the i386 one, unless you need to recompile in the future. Once you’ve got the .rpm on your system, you just do something like:

rpm -i whatever.rpm

Although you may want to check the documentation for the rpm command (man rpm), since I don’t use that very much.

Okay I installed it with
rpm -Uhvf
Thanks guy from nasa (shown in the ip address), I guess really smart people like you guys really want to help newbie dumbasses like me.

So I installed it and it is in a couple directories in the system but where is the configure script? since I used the rpm I cannot find it.

Yes, the secret is finally out – Nate is a rocket scientist. I love those JPL jokes…

Hey, that was me. I swear I was on a break.

I’m just chomping at the bit the give some tech support to someone getting familiar with Linux to help redeem myself for always being ignorant when asked a Windows question. Now, stop looking for the configure script cause there is no need for it. You have installed a pre-compiled binary package. Which is a good thing. I didn’t realize you had administrative control over the machine or that it was running Fedora.

Using rpm’s helps to keep your system clean, organized and easy to update. All the info about the packages you install are put into a database that makes it easy to do things like find out what you have installed and what files a package provides. Check out this link if you care to find out more. I bet OS X has a utility like rpm. It’s probably better and easier to use, but rpm is the tool that Red Hat (rpm stands for Red Hat Package Manager I believe) and Fedora uses and I like it.

Just to get you started try:
$ rpm -qi squid
which should tell you a bunch about what you just installed. While your at it see that gcc is not installed:
rpm -qi gcc
but it’s not hard to install the rpm if you really need it.

Okay cool so it’s installed. now what?

Should I just be able to use the proxy server now, how would I set a different IP, or make sure my firewall is not blocking it?

If I set firefox to the proxy it doesn’t work.

I don’t want to go through it now but I found this:
http://www.tldp.org/linuxfocus/English/March200...

You geeks think this is a good start?

Or is there just a couple things I need to configure?

Off to my PSP.

That page seems like a good start; now that it’s installed all you really need to do is get familiar with the config file, which (I think) is pretty well commented, you might even be able to figure it out just by reading through the config file itself.

One extremely important point I would make is that you do *not* want to allow that port to be open on the firewall. Of course, the docs you read probably tell you that you do, because the idea (usually) is you set the browser on your workstation (lets call it “W”) to point to the address of the server (“S”), and the appropriate port (3128 by default, but you can change this).

Actually, let me take one more step back and say that the first thing you need to do (and maybe you already have) is become *very* familiar with the firewall (iptables probably) configuration on the machine, and make *sure* that everything is closed except for ssh access. You can open up other ports (web, mail, etc) later, once you are more confident that you are doing it securely.

OK, back to the squid configuration. There are certainly ways that you can configure it to be accessible from the outside world (the W to S scenario described above) and restrict it to make sure it’s only you that is using it (passwords, ip restrictions, etc.) but this is tricky, because if you slip up and misconfigure it, it will be an open proxy that other people can use/abuse since it’s on a public server.

The way I do it on my server is that the port that squid is running on is not accessible from outside of that box, so neither I nor anyone else can set my browser to use my proxy server (directly). Rather, I will SSH into the server, and forward my local port 3128 to 127.0.0.1:3128 on the server. Then I set my browser’s proxy to localhost:3128. To the browser, it appears that it is using a proxy server running on my laptop, when in reality, the SSH tunnel is forwarding that through to the port on the server it is connected to. So, from squid’s point of view, I am using the proxy server from the local box, so both sides act as if everything is local, and the best thing is that the traffic between the two boxes is all encrypted through the SSH tunnel.

Confused yet?

Okay cool so it’s installed. now what?

Should I just be able to use the proxy server now, how would I set a different IP, or make sure my firewall is not blocking it?

If I set firefox to the proxy it doesn’t work.

I don’t want to go through it now but I found this:
http://www.tldp.org/linuxfocus/English/March2002/article235.shtml

You geeks think this is a good start?

Or is there just a couple things I need to configure?

Off to my PSP.

That page seems like a good start; now that it’s installed all you really need to do is get familiar with the config file, which (I think) is pretty well commented, you might even be able to figure it out just by reading through the config file itself.

One extremely important point I would make is that you do *not* want to allow that port to be open on the firewall. Of course, the docs you read probably tell you that you do, because the idea (usually) is you set the browser on your workstation (lets call it “W”) to point to the address of the server (“S”), and the appropriate port (3128 by default, but you can change this).

Actually, let me take one more step back and say that the first thing you need to do (and maybe you already have) is become *very* familiar with the firewall (iptables probably) configuration on the machine, and make *sure* that everything is closed except for ssh access. You can open up other ports (web, mail, etc) later, once you are more confident that you are doing it securely.

OK, back to the squid configuration. There are certainly ways that you can configure it to be accessible from the outside world (the W to S scenario described above) and restrict it to make sure it’s only you that is using it (passwords, ip restrictions, etc.) but this is tricky, because if you slip up and misconfigure it, it will be an open proxy that other people can use/abuse since it’s on a public server.

The way I do it on my server is that the port that squid is running on is not accessible from outside of that box, so neither I nor anyone else can set my browser to use my proxy server (directly). Rather, I will SSH into the server, and forward my local port 3128 to 127.0.0.1:3128 on the server. Then I set my browser’s proxy to localhost:3128. To the browser, it appears that it is using a proxy server running on my laptop, when in reality, the SSH tunnel is forwarding that through to the port on the server it is connected to. So, from squid’s point of view, I am using the proxy server from the local box, so both sides act as if everything is local, and the best thing is that the traffic between the two boxes is all encrypted through the SSH tunnel.

Confused yet?

I actually understood it. But I have a few questions. I would rather do it the way you are do it since I most likely will only be using this at work and it seems a lot more secure since I might screw something up if I configure squid wrong or even my firewall.
So,
What configuration do you have your squid set up with? That file is a mile and a half long.
What commands do you run in ssh to forward your port? Remember I am a newbie, 3 weeks old.

And I trust you when you say it is secure but if I use my work proxy to connect via ssh then tunnel my browser through ssh aren’t I using my work proxy to connect to the box through ssh? Or is that the key behind tunneling because it is a direct connection bypassing the proxy at work.

Also I have a module on my plesk that configures my firwall. If I give you my info can you log in and check it out, it’s at its default right now and I can’t figure out if it is setup correctly or if I need to start blocking some shiIt out.

Re: the security of the tunnel, etc. -
That’s the great thing about the ssh tunnel; it doesn’t matter what’s between your computer and the ssh server, because all the packets that leave your pc are encrypted before they leave your pc, and only decrypted on your ssh server. Whether they have a proxy setup or not, they could log any and all the traffic you make anyway, the difference now is that if they did decide to do that all they would be capturing is the encrypted ssh traffic, so it would be useless to them.

The only thing to watch out for is that if you are tunneling everything (even non-private stuff) the admins might notice that your machine has an unusually high amount of traffic on port 22 (SSH) always going to the same server, and they could probably figure out what you’re doing, or at least be suspicious even if they didn’t know what you were doing. They still couldn’t read your traffic, but they could try things like blocking that port (which is no problem since you can use any port, and it’s unlikely they will block all ports). It’s actually more likely that they would restrict you in a non-technical manner; ie: have your boss tell you to knock it off or you’ll get fired. All that being said, a lot of admins do not monitor logs like they should, so they may not notice, and if they do, they might be cool and have no problem with it.

I will try to check out my squid configuration file later and pull out the relevant pieces that you need to watch out for. (It’s been a while since I set it up). I could look at the firewall config too, if you want to call me on my cell phone or just give me the info next time I see you in person.

Thanks, with the default set up can I use the ssh tunnel? It seems like I should, anyways what are the comands to do so. I will be playing with the config file today but I won’t know the commands.

I got it to work.

YES.

I just need to check that I locked it down to my work ip only. Then Jared, we can look at my firewall soon. Or maybe you can check by using the ip on the tagboard.

Thanks.

I actually understood it. But I have a few questions. I would rather do it the way you are do it since I most likely will only be using this at work and it seems a lot more secure since I might screw something up if I configure squid wrong or even my firewall.
So,
What configuration do you have your squid set up with? That file is a mile and a half long.
What commands do you run in ssh to forward your port? Remember I am a newbie, 3 weeks old.

And I trust you when you say it is secure but if I use my work proxy to connect via ssh then tunnel my browser through ssh aren’t I using my work proxy to connect to the box through ssh? Or is that the key behind tunneling because it is a direct connection bypassing the proxy at work.

So I have it set up and I am using my proxy server as we speak. But how secure is it? Can my work see what I am doing? Or capture packets?

It’s pretty fast too, and now I can surf anywhere without a dumb filter hindering my gmail access or my porn access.

Re: the security of the tunnel, etc. -
That’s the great thing about the ssh tunnel; it doesn’t matter what’s between your computer and the ssh server, because all the packets that leave your pc are encrypted before they leave your pc, and only decrypted on your ssh server. Whether they have a proxy setup or not, they could log any and all the traffic you make anyway, the difference now is that if they did decide to do that all they would be capturing is the encrypted ssh traffic, so it would be useless to them.

The only thing to watch out for is that if you are tunneling everything (even non-private stuff) the admins might notice that your machine has an unusually high amount of traffic on port 22 (SSH) always going to the same server, and they could probably figure out what you’re doing, or at least be suspicious even if they didn’t know what you were doing. They still couldn’t read your traffic, but they could try things like blocking that port (which is no problem since you can use any port, and it’s unlikely they will block all ports). It’s actually more likely that they would restrict you in a non-technical manner; ie: have your boss tell you to knock it off or you’ll get fired. All that being said, a lot of admins do not monitor logs like they should, so they may not notice, and if they do, they might be cool and have no problem with it.

I will try to check out my squid configuration file later and pull out the relevant pieces that you need to watch out for. (It’s been a while since I set it up). I could look at the firewall config too, if you want to call me on my cell phone or just give me the info next time I see you in person.

I got it to work.

YES.

I just need to check that I locked it down to my work ip only. Then Jared, we can look at my firewall soon. Or maybe you can check by using the ip on the tagboard.

Thanks.

When your viewing porn and your boss walks into your office they can see what your doing. Busted!

So I have it set up and I am using my proxy server as we speak. But how secure is it? Can my work see what I am doing? Or capture packets?

It’s pretty fast too, and now I can surf anywhere without a dumb filter hindering my gmail access or my porn access.