-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi Rick,
You're right. That's exactly what I want squidGuard does: to DENY rather than
redirect. But I don't how to do it. I've put windowsupdate.microsoft.com into
the 'banneddestination' list, and that's what squidGuard does: redirecting
the request to "denied web page".
How to make squidGuard to DENY request rather than redirecting?
Below is my squidGuard.conf:
- ----------
#----------------------------------------------------------------
# SquidGuard CONFIGURATION FILE
#----------------------------------------------------------------
# CONFIGURATION DIRECTORIES
dbhome /usr/share/squidGuard-1.2.0/db
logdir /var/log/squidGuard
# TIME RULES:
# abbrev for weekdays:
# s = sun, m = mon, t =tue, w = wed, h = thu, f = fri, a = sat
time workhours {
weekly s 06:00-23:00
weekly m 06:00-23:00
weekly t 06:00-23:00
weekly w 06:00-23:00
weekly h 06:00-23:00
weekly f 06:00-23:00
weekly a 06:00-23:00
}
# SOURCE ADDRESSES:
src privilegedsource {
iplist privilegedsource/ips
}
src bannedsource {
iplist bannedsource/ips
}
src lansource {
ip 192.168.0.1-192.168.0.254
iplist lansource/lan
}
# DESTINATION CLASSES:
dest porn {
domainlist porn/domains
urllist porn/urls
expressionlist porn/expressions
}
dest adult {
domainlist adult/domains
urllist adult/urls
expressionlist adult/expressions
}
dest audio-video {
domainlist audio-video/domains
urllist audio-video/urls
}
dest forums {
domainlist forums/domains
urllist forums/urls
expressionlist forums/expressions
}
dest hacking {
domainlist hacking/domains
urllist hacking/urls
}
dest redirector {
domainlist redirector/domains
urllist redirector/urls
expressionlist redirector/expressions
}
dest warez {
domainlist warez/domains
urllist warez/urls
}
dest ads {
domainlist ads/domains
urllist ads/urls
}
dest aggressive {
domainlist aggressive/domains
urllist aggressive/urls
}
dest drugs {
domainlist drugs/domains
urllist drugs/urls
}
dest gambling {
domainlist gambling/domains
urllist gambling/urls
}
dest publicite {
domainlist publicite/domains
urllist publicite/urls
expressionlist publicite/expressions
}
dest violence {
domainlist violence/domains
urllist violence/urls
expressionlist violence/expressions
}
dest banneddestination {
domainlist banneddestination/domains
urllist banneddestination/urls
expressionlist banneddestination/expressions
}
dest advertising {
domainlist advertising/domains
urllist advertising/urls
redirect http://127.0.0.1/cgi-bin/nulbanner.png
log /var/log/squidGuard/advertising.log
}
# ACLs
acl {
privilegedsource {
pass !advertising all
redirect
http://127.0.0.1/cgi-bin/squidGuard.cgi?clientaddr=%a&srcclass=%s&targetclass=%t&url=%u
}
bannedsource {
pass none
redirect
http://127.0.0.1/cgi-bin/squidGuard.cgi?clientaddr=%a&srcclass=%s&targetclass=%t&url=%u
}
lansource {
pass !porn !adult !audio-video !ads !aggressive !drugs
!gambling !publicite !violence !banneddestination !advertising all
redirect
http://127.0.0.1/cgi-bin/squidGuard.cgi?clientaddr=%a&srcclass=%s&targetclass=%t&url=%u
}
default {
pass none
redirect
http://127.0.0.1/cgi-bin/squidGuard.cgi?clientaddr=%a&srcclass=%s&targetclass=%t&url=%u
}
}
Thanks.
- --
- --
This message was compose on a 100% GNU/Linux machine
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)
iD8DBQE/RIUdUrYxG8KGMVERAqfzAJwPN+XByeqlsXY+0pcYr91jyHLKjwCcDLrd
HjWyW+GTRFzq+DVFF/bv09c=
=NUQ7
-----END PGP SIGNATURE-----
Received on Thu Aug 21 2003 - 02:39:58 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:19:02 MST
