Thanks for your response Rick. What I learned is that the system I was
using to test (win 98) was always falling into the "default" category for
some reason. The "user" and "ip" were not registering as I would have
expected. The Linux box is my Primary Domain Controller, for the Windows
network. I'm not sure if logging out and logging back in would have
registered the user name, but clearly, I needed to do a better job at
compensating for the default rule, to catch things like this.
Thanks for your help,
Ruben
At 08:08 PM 3/24/02 -0600, Rick Matthews wrote:
> > I am trying to use squidGuard as a porn filter
> > for my house.
>
>That's the way I am using it, and it does a great job.
>
>You've done a good of covering all the bases and in your
>documentation of the problem. I can't put my finger on a single item
>as the reason it's not working for you, but I can point out issues
>or potential issues:
>
>Your dbhome statement has no relationship to the actual location of
>your db files. It is true that your destination group declarations
>can specify the file locations by specifying a path relative to
>dbhome *OR* by specifying an absolute path, which is the option that
>you've taken. I would recommend, however that you use the other
>method. Since your files are located in
>/usr/local/squidGuard/blacklists/porn/domains, you could use:
>dbhome /usr/local/squidGuard
>domainlist /blacklists/porn/domains
>or
>dbhome /usr/local/squidGuard/blacklists
>domainlist /porn/domains
>
>Let's examine your source group declarations:
> > src grownups {
> > ip 192.168.1.108
> > user joe_user
> > }
> >
> > src kids {
> > user sally sue billy
> > }
>
>I believe that says that in order to be in source grownups, you're
>ip must be 192.168.1.108, *and* you must be logged on as "joe_user".
>(Using userident match implies RFC931/ident lookup is enabled in
>squid.conf and that the workstations must support RFC931.)
>
>No matter where you are, if you are logged on as sally, sue or billy
>you are in source kids.
>
>If you don't match either of those two you're in luck! That means
>you are in the "default" source and you can go anywhere on the web
>that you'd like! (You probably want to change the default acl from
>"pass all" to "pass none", and add another redirect at that point.)
>
>You may also find it helpful to specify separate log files while you
>are debugging. In your porn destination group declaration, add the
>line:
>logfile /usr/local/squidGuard/log/porn.log
>Then, if you are stopped by the porn destination group, it will be
>logged in porn.log. If you are stopped by the default pass none
>statement, it will be logged in squidGuard.log.
>
>Try those and hopefully you'll be up and running.
>
>Rick Matthews
>
>
>-----Original Message-----
>From: [EMAIL PROTECTED]
>[mailto:[EMAIL PROTECTED]]On Behalf Of Ruben
>Fagundo
>Sent: Sunday, March 24, 2002 3:39 PM
>To: [EMAIL PROTECTED]
>Subject: squidGuard is not redirecting as I would have expected...
>
>
>
>I am trying to use squidGuard as a porn filter for my house. I
>have
>successfully installed squidGuard on a RH 72 linux box. I
>downloaded the
>black list files, and used the following conf file, however, I bring
>up the
>browser and point it to my home page, and it works fine, but when I
>point
>it to one of the sites on the porn domains, it does NOT redirect the
>URL as
>I would have expected it to. My understanding is that it would have
>redirected the results to the locat apache server with the cgi-bin
>application that I installed there. I know the cgi app works
>because I can
>call it explicitely, and I know that I am using the squid proxy on
>port
>3128 as well, because the squid logs tell me that I am accessing the
>pages
>that I point the browser to, so the question remains, what am I
>doing wrong?
>
>======= squidGuard.conf =============
>
>dbhome /usr/local/squidguard/db
>logdir /usr/local/squidGuard/log
>
>src grownups {
> ip 192.168.1.108
> user joe_user
>}
>
>src kids {
> user sally sue billy
>}
>
>dest porn {
> domainlist
>/usr/local/squidGuard/blacklists/porn/domains
> urllist /usr/local/squidGuard/blacklists/porn/urls
> expressionlist
>/usr/local/squidGuard/blacklists/porn/expressions
> redirect
>http://192.168.1.5/cgi-bin/blocked?clientaddr=%a+clientname=%n+clien
>tident=%i+srcclass=%s+targetclass=%t+url=%u
>}
>
>acl {
>
> grownups {
> pass !porn all
> }
>
> kids {
> pass !porn all
> }
>
> default {
> pass all
> }
>}
>
>============ the process list (shows squidGuard is running)
>==========
>root 18134 0.0 1.8 3964 1160 ? S 16:01 0:00
>squid -D
>squid 18136 0.2 8.2 6992 5064 ? S 16:01 0:04
>(squid) -D
>squid 18137 1.8 2.4 3308 1528 ? S 16:01 0:37
>(squidGuard) -d
>squid 18138 1.8 2.4 3308 1528 ? S 16:01 0:36
>(squidGuard) -d
>squid 18139 1.8 2.4 3308 1528 ? S 16:01 0:37
>(squidGuard) -d
>squid 18140 1.8 2.4 3308 1528 ? S 16:01 0:36
>(squidGuard) -d
>squid 18141 0.0 0.5 1352 328 ? S 16:01 0:00
>(unlinkd)
>=============== squidGuard log file ============
>cat squidGuard.log
>2002-03-24 11:26:46 [17629] init domainlist
>/usr/local/squidGuard/blacklists/porn/domains
>2002-03-24 11:26:46 [17628] init domainlist
>/usr/local/squidGuard/blacklists/porn/domains
>2002-03-24 11:26:46 [17627] init domainlist
>/usr/local/squidGuard/blacklists/porn/domains
>2002-03-24 11:26:47 [17630] init domainlist
>/usr/local/squidGuard/blacklists/porn/domains
>2002-03-24 11:33:52 [17763] init domainlist
>/usr/local/squidGuard/blacklists/porn/domains
>2002-03-24 11:33:52 [17764] init domainlist
>/usr/local/squidGuard/blacklists/porn/domains
>2002-03-24 11:33:52 [17765] init domainlist
>/usr/local/squidGuard/blacklists/porn/domains
>2002-03-24 11:33:53 [17766] init domainlist
>/usr/local/squidGuard/blacklists/porn/domains
>2002-03-24 11:36:57 [17766] init urllist
>/usr/local/squidGuard/blacklists/porn/urls
>2002-03-24 11:36:57 [17763] init urllist
>/usr/local/squidGuard/blacklists/porn/urls
>2002-03-24 11:37:01 [17764] init urllist
>/usr/local/squidGuard/blacklists/porn/urls
>2002-03-24 11:37:01 [17765] init urllist
>/usr/local/squidGuard/blacklists/porn/urls
>2002-03-24 11:37:06 [17766] init expressionlist
>/usr/local/squidGuard/blacklists/porn/expressions
>2002-03-24 11:37:06 [17766] squidGuard 1.2.0 started
>(1016987632.997)
>2002-03-24 11:37:06 [17766] squidGuard ready for requests
>(1016987826.133)
>2002-03-24 11:37:06 [17763] init expressionlist
>/usr/local/squidGuard/blacklists/porn/expressions
>2002-03-24 11:37:06 [17763] squidGuard 1.2.0 started
>(1016987632.757)
>2002-03-24 11:37:06 [17763] squidGuard ready for requests
>(1016987826.180)
>2002-03-24 11:37:07 [17765] init expressionlist
>/usr/local/squidGuard/blacklists/porn/expressions
>2002-03-24 11:37:07 [17765] squidGuard 1.2.0 started
>(1016987632.942)
>2002-03-24 11:37:07 [17765] squidGuard ready for requests
>(1016987827.360)
>2002-03-24 11:37:07 [17764] init expressionlist
>/usr/local/squidGuard/blacklists/porn/expressions
>2002-03-24 11:37:07 [17764] squidGuard 1.2.0 started
>(1016987632.843)
>2002-03-24 11:37:07 [17764] squidGuard ready for requests
>(1016987827.371)
>2002-03-24 15:51:37 [18086] init domainlist
>/usr/local/squidGuard/blacklists/porn/domains
>2002-03-24 15:52:07 [18086] create new dbfile
>/usr/local/squidGuard/blacklists/porn/domains.db
>2002-03-24 15:52:08 [18086] init urllist
>/usr/local/squidGuard/blacklists/porn/urls
>2002-03-24 15:52:10 [18086] init expressionlist
>/usr/local/squidGuard/blacklists/porn/expressions
>2002-03-24 15:52:10 [18086] squidGuard 1.2.0 started
>(1017003097.784)
>2002-03-24 15:52:10 [18086] db update done
>2002-03-24 15:52:10 [18086] squidGuard stopped (1017003130.373)
>2002-03-24 16:01:25 [17766] squidGuard stopped (1017003685.202)
>2002-03-24 16:01:25 [17765] squidGuard stopped (1017003685.204)
>2002-03-24 16:01:25 [17764] squidGuard stopped (1017003685.207)
>2002-03-24 16:01:25 [17763] squidGuard stopped (1017003685.209)
