Well you could use squids built in blacklist capabilities instead of
adding complexity by trying to us squidGard or DansGuardian,
particularly if your a noob at squid. Ive taken a look at them and
decided that its too much effort to try and implement, Rather, this is
how ive done it.
Try this instead, its what I do.
created a blacklist file, and place it somewhere, mine is in my squid dir
/etc/squid3/squid-block.acl (u can name it whatever u want of course)
add a few test entries to this file in the following format
.pornsite.com
.unwantedsite.com
.whatevershit.com
.someshitwebsite.com
the . will ensure thatwww.pornsite.com or any subdomain is also blocked.
So next add these lines to your squid.conf
#========blacklist by haxradio.com==========
acl blacklist dstdomain "/etc/squid3/squid-block.acl"
http_access deny blacklist
#==================================
then do
squid3 +k reconfigure (assuming that your running squid3.x series)
Voila, you are blocking sites using a black list my friend.
btw, just ignore the stupid warning messages. they do not affect the
functionality of this feature and ive learned
to just ignore them.
Thanks to Amos for helping me to properly do this.
On 03/05/2012 05:19 PM, jeffrey j donovan wrote:
> On Mar 5, 2012, at 8:40 AM, Muhammad Yousuf Khan wrote:
>
>
>> can some one plz help. i followed
>> http://wiki.debian.org/DebianEdu/HowTo/SquidGuard and using lenny
>> squid 2.7 and squidguard 1.2.0
>>
>> i write the below line at the end of squid.conf
>> redirect_program /usr/bin/squidGuard
>>
> okay
>
>
>> i denied "ads" in squidGuard.conf and "addme.com" is a domain which i
>> am sure is in the list of blocklist database.
>> now when i go to "addme.com" it just open the website (which i dont want though)
>>
>> here is squidGuard.conf rule.
>>
>> dest adult {
>> domainlist ads/domains
>> # urllist /var/lib/squidguard/db/blacklists/porn/urls
>> # expressionlist adult/expressions
>> redirect http://google.com
>>
>> }
>>
> you need to supply a source and destination. basically who is allowed to access squidguard. and then tell squidguard what to do with the clients request,..allow or deny.
>
> eg;
> dbhome /usr/local/squidGuard/db
> logdir /usr/local/squidGuard/log
>
>
> #
> # SOURCE ADDRESSES:
>
> src admin {
> ip 10.1.1.1
> }
>
> src fooclients {
> ip 10.132.0.0/16 10.155.0.0/16
> }
>
> src freedomzone {
> ip 10.154.1.0/24 10.154.2.0/24
> }
> # DESTINATION CLASSES:
> #
> dest whitelist {
> domainlist whitelist/domains
> }
> dest education {
> domainlist education/schools/domains
> urllist education/schools/urls
> }
> dest denied {
> domainlist denied/domains
> urllist denied/urls
> redirect http://10.0.2.3/surfb1.html
> log deniedaccess.log
> }
>
> acl {
> admin {
> pass any
> }
>
> fooclients {
> pass whitelist education !denied any
> } else {
> pass any
> }
> freedomzone {
> pass whitelist education !pornexp !porn any
> redirect http://staff2.beth.k12.pa.us/index.html
> } else {
> pass any
> }
>
> default {
> pass none
> redirect http://10.0.2.3/index.html
> }
> }
>
>
>
>
>
>> here is squidguard log. /var/log/squid/squidGuard.log
>>
>> 2012-03-05 08:06:53 [4180] squidGuard 1.2.0 started (1330952813.099)
>> 2012-03-05 08:06:53 [4180] recalculating alarm in 30187 seconds
>> 2012-03-05 08:06:53 [4180] squidGuard ready for requests (1330952813.101)
>> 2012-03-05 08:06:53 [4182] destblock good missing active content, set inactive
>> 2012-03-05 08:06:53 [4182] destblock local missing active content, set inactive
>> 2012-03-05 08:06:53 [4182] init domainlist /var/lib/squidguard/db/ads/domains
>> 2012-03-05 08:06:53 [4182] loading dbfile /var/lib/squidguard/db/ads/domains.db
>> 2012-03-05 08:06:53 [4182] squidGuard 1.2.0 started (1330952813.107)
>> 2012-03-05 08:06:53 [4182] recalculating alarm in 30187 seconds
>> 2012-03-05 08:06:53 [4182] squidGuard ready for requests (1330952813.108)
>>
>> here is access.log.the thing which is making me confuse that redirect
>> tag is not present which suppose to be there. however i can not find
>> any redirect tag in default 2.7 squid.conf file. can u please tell me
>> what is going on and how can i redirect or can solve the issue
>>
>> 1330953994.304 640 10.51.100.240 TCP_CLIENT_REFRESH_MISS/200 1910
>> GET http://www.addme.com/favicon.ico - DIRECT/69.43.161.4 image/x-icon
>>
>>
>> Thanks,
>>
>
Received on Tue Mar 06 2012 - 01:51:20 MST
This archive was generated by hypermail 2.2.0 : Tue Mar 06 2012 - 12:00:02 MST