> I removed them and things worked fine. Until I added the > /blacklist/pron/urls, squidGuard went back to it's > default of allow all. That's not the default; from <http://www.squidguard.org/doc/>: Please note: If something is terribly wrong (like syntax error in squidGuard.conf) squidGuard will fallback to a pass all for all mode. This is an intentional feature not a bug! squidGuard can't resume normal operation from this mode without being restarted by a HUP signal to Squid (not squidGuard). ---------------------------- >From <http://www.squidguard.org/faq/>: 3. squidGuard does not block? There may be at least 2 reasons for this: 1) You didn't end your pass rules with "none". Pass rules ends with an implicit "all". It is good practice to always en the pass rules with either "all" or "none" to make them clear. Ie. use: pass good none or pass good !bad all 2) squidGuard goes into emergency mode. Reasons may be syntax errors in the config file, reference to non existing database files, file protection problems or missing directories. Check the squidGuard log. NOTE: When run under Squid, squidGuard is run with the same user and group ID as Squid (cache_effective_user and cache_effective_group in squid.conf). The squidGuard configuration and database files must be readable for this user and/or group and the squidGuard log directory must be writable for this user and/or group. If not squidGuard will go into the "pass all for all" emergency mode. ---------------------------- > Question: Should squidGuard tell me if it has a problem reading > in one of the destination files? If it should be logging this > information, where to, the squid log file or the squidGuard log file? See squidGuard does not block (3.2) above. Please also re-read the NOTE: above. Here are a two sample emergency mode errors from my squidGuard.log file: 2000-01-21 06:39:09 [8531] init domainlist /usr/local/squidGuard/db/porn/domains 2000-01-21 06:39:09 [8531] loading dbfile /usr/local/squidGuard/db/porn/domains.db 2000-01-21 06:39:09 [8531] Error db_open: Permission denied 2000-01-21 06:39:09 [8531] going into emergency mode 2000-05-05 22:27:18 [3487] init domainlist /blacklists/porn/domains 2000-05-05 22:27:18 [3487] loading dbfile /blacklists/porn/domains.db 2000-05-05 22:27:18 [3487] init urllist /blacklists/porn/urls 2000-05-05 22:27:18 [3487] loading dbfile /blacklists/porn/urls.db 2000-05-05 22:27:18 [3487] init expressionlist /blacklists/porn/expressions 2000-05-05 22:27:18 [3487] parse error in configfile squidGuard.conf line 10 2000-05-05 22:27:18 [3487] going into emergency mode ---------------------------- > My /usr/local/squidGuard/log/squidGuard.log reamins empty > when squid launches squidGuard. Information only appears > in the log file when I manually run squidGuard from the > command line. I have tried running it with a -d, squidGuard > does not say about having a problem with the urls file. Here's what's written to my squidGuard.log when squid launches squidGuard: 2001-08-12 04:03:34 [4208] init domainlist /blacklists/porn/domains 2001-08-12 04:03:34 [4208] loading dbfile /blacklists/porn/domains.db 2001-08-12 04:03:34 [4208] init urllist /blacklists/porn/urls 2001-08-12 04:03:34 [4208] loading dbfile /blacklists/porn/urls.db 2001-08-12 04:03:34 [4208] init domainlist /blacklists/aggressive/domains 2001-08-12 04:03:34 [4208] loading dbfile /blacklists/aggressive/domains.db 2001-08-12 04:03:34 [4208] init urllist /blacklists/aggressive/urls 2001-08-12 04:03:34 [4208] loading dbfile /blacklists/aggressive/urls.db 2001-08-12 04:03:34 [4208] init domainlist /blacklists/drugs/domains 2001-08-12 04:03:34 [4208] loading dbfile /blacklists/drugs/domains.db 2001-08-12 04:03:34 [4208] init urllist /blacklists/drugs/urls 2001-08-12 04:03:34 [4208] loading dbfile /blacklists/drugs/urls.db 2001-08-12 04:03:34 [4208] init domainlist /blacklists/hacking/domains 2001-08-12 04:03:34 [4208] loading dbfile /blacklists/hacking/domains.db 2001-08-12 04:03:34 [4208] init urllist /blacklists/hacking/urls 2001-08-12 04:03:34 [4208] loading dbfile /blacklists/hacking/urls.db 2001-08-12 04:03:34 [4208] init domainlist /blacklists/ads/domains 2001-08-12 04:03:34 [4208] loading dbfile /blacklists/ads/domains.db 2001-08-12 04:03:34 [4208] init urllist /blacklists/ads/urls 2001-08-12 04:03:34 [4208] loading dbfile /blacklists/ads/urls.db 2001-08-12 04:03:34 [4208] squidGuard 1.1.4 started (997607014.403) 2001-08-12 04:03:34 [4208] squidGuard ready for requests (997607014.789) If you are running 5 redirectors, you would see the full set of messages 5 times (the difference being the pid field [4208] would increment for each process.] It sounds like write caching may be involved in you not seeing changes to the log file when squid launches squidGuard. You might check that possibility. Rick -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Sam Carleton Sent: Sunday, August 12, 2001 12:40 PM To: squidguard Subject: logging and bad input files folks, I am start to figure out what my problem with squidGuard. When I started to cut back the size of my domains file, things worked. I found a few lines in the domains file (blacklist/pron/domains) that simply did not look like valid domains. They where near the end of the list. I removed them and things worked fine. Until I added the /blacklist/pron/urls, squidGuard went back to it's default of allow all. Question: Should squidGuard tell me if it has a problem reading in one of the destination files? If it should be logging this information, where to, the squid log file or the squidGuard log file? My /usr/local/squidGuard/log/squidGuard.log reamins empty when squid launches squidGuard. Information only appears in the log file when I manually run squidGuard from the command line. I have tried running it with a -d, squidGuard does not say about having a problem with the urls file. Sam
