I have posted to the squidGuard list, but haven't received a reply yet, so I
am hoping someone here can help.
I am trying to get squidGuard working with LDAP search for group membership.
I am trying to get 1.3 running on OpenSUSE 10.3. I have also tried 1.2.1
with the same results. When I run:
/usr/bin/squidGuard -c /etc/squid/squidGuard.conf -d
I get:
2008-01-09 20:55:31 [9296] New setting: logdir: /var/log/squidGuard
2008-01-09 20:55:31 [9296] New setting: dbhome: /var/lib/squidGuard/db
2008-01-09 20:55:31 [9296] New setting: ldapbinddn: cn=ldapbind, dc=domain,
dc=com
2008-01-09 20:55:31 [9296] New setting: ldapbindpass: myultrasecretpassword1
2008-01-09 20:55:31 [9296] New setting: ldapcachetime: 300
2008-01-09 20:55:31 [9296] New setting: ldapprotover: 2
2008-01-09 20:55:31 [9296] syntax error in
configfile /etc/squid/squidGuard.conf line 11
2008-01-09 20:55:31 [9296] going into emergency mode
Here is my config:
logdir /var/log/squidGuard
dbhome /var/lib/squidGuard/db
ldapbinddn cn=ldapbind, dc=hiddenlakeacademy, dc=com
ldapbindpass myultrasecretpassword1
# ldap cache time in seconds
ldapcachetime 300
ldapprotover 2
src proxyadmins {
ldapusersearch
ldap://10.20.8.32/cn=ProxyAdmin,ou=Proxy,ou=Groups,dc=hiddenlakeacademy,dc=com?sAMAccountName?sub?
(&(objectClass=Person)(sAMAccountName=%s))
}
src proxymanagers {
ldapusersearch
ldap://10.20.8.32/cn=ProxyManage,ou=Proxy,ou=Groups,dc=hiddenlakeacademy,dc=com?sAMAccountName?sub?
(&(objectClass=Person)(sAMAccountName=%s))
}
src proxystaff {
ldapusersearch
ldap://10.20.8.32/cn=ProxyStaff,ou=Proxy,ou=Proxydc=hiddenlakeacademy,dc=com?sAMAccountName?sub?
(&(objectClass=Person)(sAMAccountName=%s))
}
src proxystudents {
ldapusersearch
ldap://10.20.8.32/cn=ProxyStudents,ou=Proxy,ou=Proxy,dc=hiddenlakeacademy,dc=com?sAMAccountName?sub?
(&(objectClass=Person)(sAMAccountName=%s))
}
dest bl_searchengines {
}
dest bl_weather {
}
dest bl_cleaning {
}
dest bl_ecommerce {
}
dest bl_beerliquorsale {
}
dest bl_culinary {
}
dest bl_banking {
}
dest bl_whitelist-stud {
}
dest bl_childcare {
}
dest bl_gardening {
}
dest bl_naturism {
}
dest bl_cellphones {
}
dest bl_onlineauctions {
}
dest bl_sports {
}
dest bl_sportnews {
}
dest bl_desktopsillies {
}
dest bl_whitelist-admin {
}
dest bl_updatesites {
}
dest bl_socialnetworking {
}
dest bl_antispyware {
}
dest bl_jobsearch {
}
dest bl_redirector {
}
dest bl_entertainment {
}
dest bl_pets {
}
dest bl_news {
}
dest bl_government {
}
dest bl_financial {
}
dest bl_clothing {
}
dest bl_audio-video {
}
dest bl_sect {
}
dest bl_whitelist-staff {
}
dest bl_religion {
}
dest bl_homerepair {
}
dest bl_filehosting {
}
dest bl_beerliquorinfo {
}
dest bl_spyware {
}
dest bl_hacking {
}
dest bl_reaffected {
}
dest bl_radio {
}
dest bl_astrology {
}
dest bl_verisign {
}
dest bl_ringtones {
}
dest bl_jewelry {
}
dest bl_vacation {
}
dest bl_hygiene {
}
dest bl_shopping {
}
dest bl_onlinepayment {
}
dest bl_medical {
}
dest bl_mobile-phone {
}
dest bl_personalfinance {
}
dest bl_marketingware {
}
dest bl_frencheducation {
}
dest bl_mixed_adult {
}
dest bl_suspect {
}
dest bl_whitelist {
}
dest bl_whitelist-manage {
}
dest bl_aggressive {
}
dest bl_gambling {
}
dest bl_virusinfected {
}
dest bl_dating {
}
dest bl_mail {
}
dest bl_kidstimewasting {
}
dest bl_games {
}
dest bl_violence {
}
dest bl_webmail {
}
dest bl_porn {
}
dest bl_blog {
}
dest bl_instantmessaging {
}
dest bl_warez {
}
dest bl_onlinegames {
}
dest bl_phishing {
}
dest bl_artnudes {
}
dest bl_guns {
}
dest bl_weapons {
}
dest bl_ads {
}
dest bl_drugs {
}
dest bl_chat {
}
dest bl_proxy {
}
dest bl_dialers {
}
dest bl_sexuality {
}
dest bl_adult {
}
dest blacklist {
domainlist blacklist/domains
urllist blacklist/urls
}
acl {
blall {
pass !bl_searchengines !bl_weather !bl_cleaning !bl_ecommerce
!bl_beerliquorsale !bl_culinary !bl_banking !bl_whitelist-stud !bl_childcare
!bl_gardening !bl_naturism !bl_cellphones !bl_onlineauctions !bl_sports
!bl_sportnews !bl_desktopsillies !bl_whitelist-admin !bl_updatesites
!bl_socialnetworking !bl_antispyware !bl_jobsearch !bl_redirector
!bl_entertainment !bl_pets !bl_news !bl_government !bl_financial !bl_clothing
!bl_audio-video !bl_sect !bl_whitelist-staff !bl_religion !bl_homerepair
!bl_filehosting !bl_beerliquorinfo !bl_spyware !bl_hacking !bl_reaffected
!bl_radio !bl_astrology !bl_verisign !bl_ringtones !bl_jewelry !bl_vacation
!bl_hygiene !bl_shopping !bl_onlinepayment !bl_medical !bl_mobile-phone
!bl_personalfinance !bl_marketingware !bl_frencheducation !bl_mixed_adult
!bl_suspect !bl_whitelist !bl_whitelist-manage !bl_aggressive !bl_gambling
!bl_virusinfected !bl_dating !bl_mail !bl_kidstimewasting !bl_games
!bl_violence !bl_webmail !bl_porn !bl_blog !bl_instantmessaging !bl_warez
!bl_onlinegames !bl_phishing !bl_artnudes !bl_guns !bl_weapons !bl_ads
!bl_drugs !bl_chat !bl_proxy !bl_dialers !bl_sexuality !bl_adult
any
}
proxyadmins {
pass bl_whitelist_students bl_whitelist_staff bl_whitelist_manage
bl_whitelist_admin !bl_naturism !bl_redirector !bl_spyware !bl_hacking
!bl_reaffected !bl_shopping !bl_marketingware !bl_mixed_adult !bl_suspect
!bl_gambling !bl_virusinfected !bl_dating !bl_mail !bl_kidstimewasting
!bl_games !bl_webmail !bl_blog !bl_instantmessaging !bl_warez !bl_onlinegames
!bl_phishing !bl_artnudes !bl_guns !bl_weapons !bl_ads !bl_drugs !bl_chat
!bl_proxy !bl_dialers !bl_sexuality !bl_adult
all
redirect
http://proxy.hiddenlakeacademy.com/blocked.php?clientaddr=%a&clientname=%n&clientuser=%i&clientgroup=%s&targetgroup=%t&url=%u
}
proxymanagers {
pass bl_whitelist_students bl_whitelist_staff
bl_whitelist_manage !bl_naturism !bl_redirector !bl_spyware !bl_hacking
!bl_reaffected !bl_shopping !bl_marketingware !bl_mixed_adult !bl_suspect
!bl_gambling !bl_virusinfected !bl_dating !bl_mail !bl_kidstimewasting
!bl_games !bl_webmail !bl_blog !bl_instantmessaging !bl_warez !bl_onlinegames
!bl_phishing !bl_artnudes !bl_guns !bl_weapons !bl_ads !bl_drugs !bl_chat
!bl_proxy !bl_dialers !bl_sexuality !bl_adult
all
redirect
http://proxy.hiddenlakeacademy.com/blocked.php?clientaddr=%a&clientname=%n&clientuser=%i&clientgroup=%s&targetgroup=%t&url=%u
}
proxystaff {
pass bl_whitelist_students
bl_whitelist_staff !bl_naturism !bl_redirector !bl_spyware !bl_hacking
!bl_reaffected !bl_shopping !bl_marketingware !bl_mixed_adult !bl_suspect
!bl_gambling !bl_virusinfected !bl_dating !bl_mail !bl_kidstimewasting
!bl_games !bl_webmail !bl_blog !bl_instantmessaging !bl_warez !bl_onlinegames
!bl_phishing !bl_artnudes !bl_guns !bl_weapons !bl_ads !bl_drugs !bl_chat
!bl_proxy !bl_dialers !bl_sexuality !bl_adult
all
redirect
http://proxy.hiddenlakeacademy.com/blocked.php?clientaddr=%a&clientname=%n&clientuser=%i&clientgroup=%s&targetgroup=%t&url=%u
}
proxystudents {
pass bl_whitelist_students none
redirect
http://proxy.hiddenlakeacademy.com/blocked.php?clientaddr=%a&clientname=%n&clientuser=%i&clientgroup=%s&targetgroup=%t&url=%u
}
default {
pass none
redirect
http://proxy.hiddenlakeacademy.com/blocked.php?clientaddr=%a&clientname=%n&clientuser=%i&clientgroup=%s&targetgroup=%t&url=%u
}
}
Rob Hutton
Service Manager
GetUWired
www.getuwired.us
(877) 236-9094
