A couple of things appear wrong.
1) Your ACL section has no headings, so none of the source definitions are
used
2) theres a time definition called workhours - do you really have work hours
from midnight till 8 pm (ie, 20 hour days ?)
3) the time definition isn't used anywhere
4) there was no default acl
Heres an updated version of the same (it might line-wrap, blue stuff denotes
a change)
> --- Begin squidGuard.conf
>
> #----------------------------------------------------------------
> # SquidGuard CONFIGURATION FILE
> #----------------------------------------------------------------
>
> # CONFIGURATION DIRECTORIES
> dbhome /usr/share/squidGuard-1.1.4/db
> logdir /var/log/squidGuard
>
> # TIME RULES:
> # abbrev for weekdays:
> # s = sun, m = mon, t =tue, w = wed, h = thu, f = fri, a = sat
>
> time workhours {
> weekly s 00:00 - 20:00
> weekly m 00:00 - 20:00
> weekly t 00:00 - 20:00
> weekly w 00:00 - 20:00
> weekly h 00:00 - 20:00
> weekly f 00:00 - 20:00
> weekly a 00:00 - 20:00
> }
>
> # SOURCE ADDRESSES:
> src privilegedsource { iplist privilegedsource/ips}
> src bannedsource { iplist bannedsource/ips}
> src lansource { ip 192.168.1.0-192.168.207.254 }
>
> # DESTINATION CLASSES:
> destination approved {
> domainlist approved/domains
> urllist approved/urls
> }
>
> destination bl_proxy {
> domainlist blacklists/proxy/domains
> urllist blacklists/proxy/urls
> }
>
> destination bl_warez {
> domainlist blacklists/warez/domains
> urllist blacklists/warez/urls
> }
>
> destination bl_porn {
> domainlist blacklists/porn/domains
> urllist blacklists/porn/urls
> }
>
> destination bl_gambling {
> domainlist blacklists/gambling/domains
> urllist blacklists/gambling/urls
> }
>
> destination bl_hacking {
> domainlist blacklists/hacking/domains
> urllist blacklists/hacking/urls
> }
>
> destination bl_aggressive {
> domainlist blacklists/aggressive/domains
> urllist blacklists/aggressive/urls
> }
>
> destination bl_ads {
> domainlist blacklists/ads/domains
> urllist blacklists/ads/urls
> }
>
> dest porn {
> domainlist porn/domains
> urllist porn/urls
> expressionlist porn/expressions
> }
>
> dest adult {
> domainlist adult/domains
> urllist adult/urls
> expressionlist adult/expressions
> }
>
> dest audio-video {
> domainlist audio-video/domains
> urllist audio-video/urls
> }
>
> dest forums {
> domainlist forums/domains
> urllist forums/urls
> expressionlist forums/expressions
> }
>
> dest hacking {
> domainlist hacking/domains
> urllist hacking/urls
> }
>
> dest redirector {
> domainlist redirector/domains
> urllist redirector/urls
> expressionlist redirector/expressions
> }
>
> dest warez {
> domainlist warez/domains
> urllist warez/urls
> }
>
> dest ads {
> domainlist ads/domains
> urllist ads/urls
> }
>
> dest aggressive {
> domainlist aggressive/domains
> urllist aggressive/urls
> }
>
> dest drugs {
> domainlist drugs/domains
> urllist drugs/urls
> }
>
> dest gambling {
> domainlist gambling/domains
> urllist gambling/urls
> }
>
> dest publicite {
> domainlist publicite/domains
> urllist publicite/urls
> expressionlist publicite/expressions
> }
>
> dest violence {
> domainlist violence/domains
> urllist violence/urls
> expressionlist violence/expressions
> }
>
>
> dest banneddestination {
> domainlist banneddestination/domains
> urllist banneddestination/urls
> expressionlist banneddestination/expressions
> }
>
> dest advertising {
> domainlist advertising/domains
> urllist advertising/urls
> redirect http://127.0.0.1/cgi-bin/nulbanner.png
> log /var/log/squidGuard/advertising.log
>
>
> }
>
> # ACLs
> acl {
privelagedsource {
pass !ads all
}
bannedsource {
pass approved none
}
lansource within worktime {
> pass approved !bl_proxy !bl_warez !bl_porn !bl_gambling
> !bl_hacking !bl_aggressive !bl_ads !in-addr !porn !adult !audio-video
> !forums !hacking !redirector !warez !ads !aggressive !drugs !gambling
> !publicite !violence !banneddestination !advertising all
> redirect
> http://127.0.0.1/cgi-bin/squidGuard.cgi?clientaddr=%a&srcclass=%s&targetcl
> ass=%t&url=%u
} else {
pass all
> redirect
> http://127.0.0.1/cgi-bin/squidGuard.cgi?clientaddr=%a&srcclass=%s&targetcl
> ass=%t&url=%u
> }
default {
pass none
redirect
http://intranet.avonside.school.nz/errors/badip.html
}
}
> ----------
> From: St John Tech Support[SMTP:[EMAIL PROTECTED]]
> Sent: Tuesday, October 23, 2001 5:10 PM
> To: [EMAIL PROTECTED]
> Subject: Help! Please
>
> Okay I have Squid / SquidGuard running on a box with two network cards in
> it. This box is setup to do NAT (network address translation) from my
> internale net work 192.168.*.* to the external ip address. I am having
> troubles getting SquidGuard to bock sites in the black list this is what I
> have for my config file. Any Ideas on why it's not blocking the sites in
> my
> blacklist or anyother list.
>
> Thanks in advance
> Brent Higgs
>
> --- Begin squidGuard.conf
>
> #----------------------------------------------------------------
> # SquidGuard CONFIGURATION FILE
> #----------------------------------------------------------------
>
> # CONFIGURATION DIRECTORIES
> dbhome /usr/share/squidGuard-1.1.4/db
> logdir /var/log/squidGuard
>
> # TIME RULES:
> # abbrev for weekdays:
> # s = sun, m = mon, t =tue, w = wed, h = thu, f = fri, a = sat
>
> time workhours {
> weekly s 00:00 - 20:00
> weekly m 00:00 - 20:00
> weekly t 00:00 - 20:00
> weekly w 00:00 - 20:00
> weekly h 00:00 - 20:00
> weekly f 00:00 - 20:00
> weekly a 00:00 - 20:00
> }
>
> # SOURCE ADDRESSES:
> src privilegedsource {
> iplist privilegedsource/ips
> }
>
> src bannedsource {
> iplist bannedsource/ips
> }
>
>
>
> src lansource {
> ip 192.168.1.0-192.168.207.255
> }
>
> # DESTINATION CLASSES:
> destination bl_proxy {
> domainlist blacklists/proxy/domains
> urllist blacklists/proxy/urls
> }
>
> destination bl_warez {
> domainlist blacklists/warez/domains
> urllist blacklists/warez/urls
> }
>
> destination bl_porn {
> domainlist blacklists/porn/domains
> urllist blacklists/porn/urls
> }
>
> destination bl_gambling {
> domainlist blacklists/gambling/domains
> urllist blacklists/gambling/urls
> }
>
> destination bl_hacking {
> domainlist blacklists/hacking/domains
> urllist blacklists/hacking/urls
> }
>
> destination bl_aggressive {
> domainlist blacklists/aggressive/domains
> urllist blacklists/aggressive/urls
> }
>
> destination bl_ads {
> domainlist blacklists/ads/domains
> urllist blacklists/ads/urls
> }
>
> dest porn {
> domainlist porn/domains
> urllist porn/urls
> expressionlist porn/expressions
> }
>
> dest adult {
> domainlist adult/domains
> urllist adult/urls
> expressionlist adult/expressions
> }
>
> dest audio-video {
> domainlist audio-video/domains
> urllist audio-video/urls
> }
>
> dest forums {
> domainlist forums/domains
> urllist forums/urls
> expressionlist forums/expressions
> }
>
> dest hacking {
> domainlist hacking/domains
> urllist hacking/urls
> }
>
> dest redirector {
> domainlist redirector/domains
> urllist redirector/urls
> expressionlist redirector/expressions
> }
>
> dest warez {
> domainlist warez/domains
> urllist warez/urls
> }
>
> dest ads {
> domainlist ads/domains
> urllist ads/urls
> }
>
> dest aggressive {
> domainlist aggressive/domains
> urllist aggressive/urls
> }
>
> dest drugs {
> domainlist drugs/domains
> urllist drugs/urls
> }
>
> dest gambling {
> domainlist gambling/domains
> urllist gambling/urls
> }
>
> dest publicite {
> domainlist publicite/domains
> urllist publicite/urls
> expressionlist publicite/expressions
> }
>
> dest violence {
> domainlist violence/domains
> urllist violence/urls
> expressionlist violence/expressions
> }
>
>
> dest banneddestination {
> domainlist banneddestination/domains
> urllist banneddestination/urls
> expressionlist banneddestination/expressions
> }
>
> dest advertising {
> domainlist advertising/domains
> urllist advertising/urls
> redirect http://127.0.0.1/cgi-bin/nulbanner.png
> log /var/log/squidGuard/advertising.log
>
>
> }
>
> # ACLs
> acl {
> {
> pass !bl_proxy !bl_warez !bl_porn !bl_gambling !bl_hacking
> !bl_aggressive
> !bl_ads !in-addr !porn !adult !audio-video !forums !hacking !redirector
> !warez !ads !aggressive !drugs !gambling !publicite !violence
> !banneddestination !advertising all
> redirect
> http://127.0.0.1/cgi-bin/squidGuard.cgi?clientaddr=%a&srcclass=%s&targetcl
> as
> s=%t&url=%u
>
> }
> }
>
