-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Ok. Hopefully someone here can help me out. I tried sending this to the squidguard list, but I think it's defunct or somthing because I got no replies and didn't even get a copy of my own messages.
I'm trying to use squidGuard with squid to provide a filter for our internet connection here at home. I installed the blacklists, configured squidGuard to read the blacklist (at least I THOUGHGT I did), configured squid to call squidGuard, etc...
Problem 1: On a graphical browser (internet explorer, netscape, mozilla, etc..) when traffic is directed to the proxy, it just sits there, forever. Does not matter if the site is blacklisted or not
Problem 2: on a text only browser (tested using elinks), the proxy allows access to ANY site, blacklisted or not. I called elinks as: HTTP_PROXY='localhost:3128' elinks www.blacklsitedsite.com
the result was that squid grabbed the home page from blacklisted site and forwarded it to the browser. I know it went through squid because in squid's access log I see a HTTP MISS for the site.
I'm including my squidGuard and squid config files. Can anyone shed any light on whats up?
thanks!!
- --- Dan
squidGuard.conf:
# # CONFIG FILE FOR SQUIDGUARD # # See http://www.squidguard.org/config/ for more examples #
dbhome /var/squidGuard/blacklists logdir /var/log/squidGuard
dest ads {
~ log ads
~ domainlist ads/domains
~ urllist ads/urls
}dest audio-video {
~ log audio-video
~ domainlist audio-video/domains
~ urllist audio-video/urls
}dest aggressive {
~ log aggressive
~ domainlist aggressive/domains
~ urllist aggressive/urls
}dest drugs {
~ log drugs
~ domainlist drugs/domains
~ urllist drugs/urls
}dest gambling{
~ log gambling
~ domainlist gambling/domains
~ urllist gambling/urls
}dest hacking {
~ log hacking
~ domainlist hacking/domains
~ urllist hacking/urls
}#dest mail {
# log mail
# domainlist mail/domains
# urllist mail/urls
#}dest porn{
~ log porn
~ domainlist porn/domains
~ urllist porn/urls
}#dest proxy{
# log proxy
# domainlist proxy/domains
# urllist proxy/urls
#}dest violence{
~ log violence
~ domainlist violence/domains
~ urllist violence/urls
}dest warez{
~ log warez
~ domainlist warez/domains
~ urllist warez/urls
}#dest local-ok{
# domainlist local-ok/domains
# urllist local-ok/urls
#}#dest local-block{
# log local-block
# domainlist local-block/domains
# urllist local-block/urls
#}
acl { ~ default { ~ pass !aggressive !drugs !gambling !hacking !porn !violence !warez all
~ redirect 302:http://eglifamily.dnsalias.net/cgi-bin/squidGuard.cgi?clientaddr=%a&clientname=%n&clientident=%i&srcclass=%s&targetgroup=%t&url=%u ~ # redirect 302:http://eglifamily.dnsalias.net/cgi-bin/squidGuard-simple.cgi?clientaddr=%a&clientname=%n&clientident=%i&srcclass=%s&targetclass=%t&url=%u ~ } }
squid.conf: (whole file is over 100k, but here's the redirector line)
# TAG: redirect_program # Specify the location of the executable for the URL redirector. # Since they can perform almost any function there isn't one included. # See the FAQ (section 15) for information on how to write one. # By default, a redirector is not used. # #Default: # none
redirect_program /usr/local/bin/squidGuard -c /etc/squid/squidGuard.conf redirect_children 5
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQE/it8GtwT22Jak4/4RAs2BAJ9lSG4p+7glE4y/5IY1NuwppuzBKQCg3YGV uxxSkwbzqseYGcLwrwh2E3Y= =Ylda -----END PGP SIGNATURE-----
