Re: [squid-users] squid with squidguard issue

From: jeffrey j donovan <donovan_at_beth.k12.pa.us>
Date: Mon, 5 Mar 2012 20:19:05 -0500

On Mar 5, 2012, at 8:40 AM, Muhammad Yousuf Khan wrote:

> can some one plz help. i followed
> http://wiki.debian.org/DebianEdu/HowTo/SquidGuard and using lenny
> squid 2.7 and squidguard 1.2.0
>
> i write the below line at the end of squid.conf
> redirect_program /usr/bin/squidGuard

okay

>
> i denied "ads" in squidGuard.conf and "addme.com" is a domain which i
> am sure is in the list of blocklist database.
> now when i go to "addme.com" it just open the website (which i dont want though)
>
> here is squidGuard.conf rule.
>
> dest adult {
> domainlist ads/domains
> # urllist /var/lib/squidguard/db/blacklists/porn/urls
> # expressionlist adult/expressions
> redirect http://google.com
>
> }

you need to supply a source and destination. basically who is allowed to access squidguard. and then tell squidguard what to do with the clients request,..allow or deny.

eg;
dbhome /usr/local/squidGuard/db
logdir /usr/local/squidGuard/log

#
# SOURCE ADDRESSES:

src admin {
        ip 10.1.1.1
}

src fooclients {
        ip 10.132.0.0/16 10.155.0.0/16
}

src freedomzone {
        ip 10.154.1.0/24 10.154.2.0/24
}
# DESTINATION CLASSES:
#
dest whitelist {
        domainlist whitelist/domains
}
dest education {
        domainlist education/schools/domains
        urllist education/schools/urls
}
dest denied {
        domainlist denied/domains
        urllist denied/urls
        redirect http://10.0.2.3/surfb1.html
        log deniedaccess.log
}

acl {
        admin {
                pass any
        }

        fooclients {
                pass whitelist education !denied any
        } else {
                pass any
        }
        freedomzone {
                        pass whitelist education !pornexp !porn any
                        redirect http://staff2.beth.k12.pa.us/index.html
        } else {
                pass any
        }

        default {
                pass none
                redirect http://10.0.2.3/index.html
        }
}

>
> here is squidguard log. /var/log/squid/squidGuard.log
>
> 2012-03-05 08:06:53 [4180] squidGuard 1.2.0 started (1330952813.099)
> 2012-03-05 08:06:53 [4180] recalculating alarm in 30187 seconds
> 2012-03-05 08:06:53 [4180] squidGuard ready for requests (1330952813.101)
> 2012-03-05 08:06:53 [4182] destblock good missing active content, set inactive
> 2012-03-05 08:06:53 [4182] destblock local missing active content, set inactive
> 2012-03-05 08:06:53 [4182] init domainlist /var/lib/squidguard/db/ads/domains
> 2012-03-05 08:06:53 [4182] loading dbfile /var/lib/squidguard/db/ads/domains.db
> 2012-03-05 08:06:53 [4182] squidGuard 1.2.0 started (1330952813.107)
> 2012-03-05 08:06:53 [4182] recalculating alarm in 30187 seconds
> 2012-03-05 08:06:53 [4182] squidGuard ready for requests (1330952813.108)
>
> here is access.log.the thing which is making me confuse that redirect
> tag is not present which suppose to be there. however i can not find
> any redirect tag in default 2.7 squid.conf file. can u please tell me
> what is going on and how can i redirect or can solve the issue
>
> 1330953994.304 640 10.51.100.240 TCP_CLIENT_REFRESH_MISS/200 1910
> GET http://www.addme.com/favicon.ico - DIRECT/69.43.161.4 image/x-icon
>
>
> Thanks,
Received on Tue Mar 06 2012 - 01:19:12 MST

This archive was generated by hypermail 2.2.0 : Tue Mar 06 2012 - 12:00:02 MST