Rikunj wrote:
> Yes, it is.
> *
> url_regex*: URL regular expression pattern matching
> http://www.squid-cache.org/Doc/FAQ/FAQ-10.html#ss10.4
>
> Rikunj
>
I don't think I'm going to get this just by looking at the
documentation. I only understand technical things when I begin to see
what was going on in the mind of the person who designed it. Here all
the documentation seems to assume you already understand most of the
concepts.
I'm using squid 2.5.STABLE10 and squidguard 1.2.0 on SuSE 10.0.
At present out squidguard.conf looks like this:
--------------BEGIN squidguard.conf---------------------
logdir /var/log/squidGuard
dbhome /var/lib/squidGuard/db/blacklists
dest prospect-goodstuff {
domainlist prospect-goodstuff/domains
urllist prospect-goodstuff/urls
expressionlist prospect-goodstuff/expressions
}
dest prospect-badstuff {
domainlist prospect-badstuff/domains
urllist prospect-badstuff/urls
expressionlist prospect-badstuff/expressions
}
dest adult {
domainlist adult/domains
urllist adult/urls
expressionlist adult/expressions
expressionlist adult/very_restrictive_expression
}
dest agressif {
domainlist agressif/domains
urllist agressif/urls
expressionlist agressif/expressions
}
dest audio-video {
domainlist audio-video/domains
urllist audio-video/urls
expressionlist audio-video/expressions
}
dest dangerous_material {
domainlist dangerous_material/domains
urllist dangerous_material/urls
expressionlist dangerous_material/expressions
}
...
dest warez {
domainlist warez/domains
urllist warez/urls
expressionlist warez/expressions
}
acl {
default {
pass prospect-goodstuff !prospect-badstuff !adult !agressif
!audio-video !dangerous_material ... !warez all
redirect
http://localhost/cgi-bin/squidGuard?clientaddr=%a&clientname=%n&clientuser=%i&clientgroup=%s&url=%u
}
}
---------------END squidguard.conf----------------------
All the lists except the first two (names beginning prospect) are
re-downloaded regularly by a cron job running as root which then does
the following:
--------------------BEGIN----------------
cd ~
chown -R squid:nogroup /var/lib/squidGuard/db
echo Compiling...
/usr/sbin/squidGuard -C all
chown -R squid:nogroup /var/lib/squidGuard/db
echo Reconfiguring...
/usr/sbin/squid -k reconfigure
chown -R squid:nogroup /var/lib/squidGuard/db
echo Done.
---------------------END-----------------
I have two problems at the moment.
1. Expressions I've added in .../prospect-badstuff/expressions appear to
be totally ignored.
------------- BEGIN .../prospect-badstuff/expressions --------
(^|[-\.\?+=/_&])(rude1|rude2|rude3|rude4|rude5|...)([-\.\?+=/_&]|$)
(^|[-\.\?+=/_&])(hot|hardcore|big|cyber|hard|huge|mega|small|soft|super|tiny)?(bad1|bad2|bad3|bad4|bad5|...|xxx+)s?([-\.\?+=/_&]|$)
-------------- END .../prospect-badstuff/expressions ---------
For example URLs with rude1 in them are not blocked.
2. I'm unsure what is supposed to go in the domains files such as
.../prospect-goodstuff/domains. By trial and error I've found adding
both domain.com and www.domain.com works well enough but I really want
to match domain.com and anything.domain.com. I found some documentation
that suggested I put .domain.com in the domains file but that doesn't
appear to match anything at all.
3. Blocked squid attempts to redirect https: URLs to "http:443". Can I
make an error message show instead?
Please help.
TIA
-- Brian Gregory. brian.gregory05@btconnect.com Computer Room Volunteer. Therapy Centre. Prospect Park Hospital.Received on Thu Jul 27 2006 - 05:55:48 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Aug 01 2006 - 12:00:02 MDT