I'm trying to use squidGuard with squid to provide a filter for our internet connection here at home. I installed the blacklists, configured squidGuard to read the blacklist (at least I THOUGHGT I did), configured squid to call squidGuard, etc...
Problem 1: On a graphical browser (internet explorer, netscape, mozilla, etc..) when traffic is directed to the proxy, it just sits there, forever. Does not matter if the site is blacklisted or not
Problem 2: on a text only browser (tested using elinks), the proxy allows access to ANY site, blacklisted or not. I called elinks as:
HTTP_PROXY='localhost:3128' elinks www.blacklsitedsite.com
the result was that squid grabbed the home page from blacklisted site and forwarded it to the browser. I know it went through squid because in squid's access log I see a HTTP MISS for the site.
I'm including my squidGuard and squid config files. Can anyone shed any light on whats up?
thanks!!
--- Dan
squidGuard.conf:
# # CONFIG FILE FOR SQUIDGUARD # # See http://www.squidguard.org/config/ for more examples #
dbhome /var/squidGuard/blacklists logdir /var/log/squidGuard
dest ads {
log ads
domainlist ads/domains
urllist ads/urls
}dest audio-video {
log audio-video
domainlist audio-video/domains
urllist audio-video/urls
}dest aggressive {
log aggressive
domainlist aggressive/domains
urllist aggressive/urls
}dest drugs {
log drugs
domainlist drugs/domains
urllist drugs/urls
}dest gambling{
log gambling
domainlist gambling/domains
urllist gambling/urls
}dest hacking {
log hacking
domainlist hacking/domains
urllist hacking/urls
}#dest mail {
# log mail
# domainlist mail/domains
# urllist mail/urls
#}dest porn{
log porn
domainlist porn/domains
urllist porn/urls
}#dest proxy{
# log proxy
# domainlist proxy/domains
# urllist proxy/urls
#}dest violence{
log violence
domainlist violence/domains
urllist violence/urls
}dest warez{
log warez
domainlist warez/domains
urllist warez/urls
}#dest local-ok{
# domainlist local-ok/domains
# urllist local-ok/urls
#}#dest local-block{
# log local-block
# domainlist local-block/domains
# urllist local-block/urls
#}acl {
default {
pass !aggressive !drugs !gambling !hacking !porn !violence !warez all
redirect 302:http://eglifamily.dnsalias.net/cgi-bin/squidGuard.cgi?clientaddr=%a&clientname=%n&clientident=%i&srcclass=%s&targetgroup=%t&url=%u
# redirect 302:http://eglifamily.dnsalias.net/cgi-bin/squidGuard-simple.cgi?clientaddr=%a&clientname=%n&clientident=%i&srcclass=%s&targetclass=%t&url=%u
}
}
squid.conf: (whole file is over 100k, but here's the redirector line)
# TAG: redirect_program # Specify the location of the executable for the URL redirector. # Since they can perform almost any function there isn't one included. # See the FAQ (section 15) for information on how to write one. # By default, a redirector is not used. # #Default: # none
redirect_program /usr/local/bin/squidGuard -c /etc/squid/squidGuard.conf redirect_children 5
