RE: squidGuard is not redirecting as I would have expected...

Rick Matthews Mon, 25 Mar 2002 14:49:26 -0800

> What I learned is that the system I was using to
> test (win 98) was always falling into the "default"
> category for some reason.


Did the other response you received clear that up for you?

> The "user" and "ip" were not registering as I
> would have expected.

I think your only surprise was the handling of user; ip probably
works exactly as you expected. By your definition, in order to be a
grownup you had to match ip 192.168.1.108 *and* user "joe_user".
Just for some temporary satisfaction, why don't you change your
source declarations to:

src grownups {
        ip 192.168.1.108
}
src kids {
        ip 192.168.1.100-192.168.1.105 **or whatever**
}

I think it may make you feel better. :-)

> ... but clearly, I needed to do a better job
> at compensating for the default rule, to catch
> things like this.

Don't make a big deal out of it; just change it from "pass all" to
"pass none" and you are covered.

You're almost there...

Rick



-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of Ruben
Fagundo
Sent: Monday, March 25, 2002 8:41 AM
To: Rick Matthews
Cc: Squidguard Mailing List
Subject: RE: squidGuard is not redirecting as I would have
expected...



Thanks for your response Rick.  What I learned is that the system I
was
using to test (win 98) was always falling into the "default"
category for
some reason.  The "user" and "ip" were not registering as I would
have
expected.  The Linux box is my Primary Domain Controller, for the
Windows
network.  I'm not sure if logging out and logging back in would have
registered the user name, but clearly, I needed to do a better job
at
compensating for the default rule, to catch things like this.

Thanks for your help,
Ruben

At 08:08 PM 3/24/02 -0600, Rick Matthews wrote:
> > I am trying to use squidGuard as a porn filter
> > for my house.
>
>That's the way I am using it, and it does a great job.
>
>You've done a good of covering all the bases and in your
>documentation of the problem. I can't put my finger on a single
item
>as the reason it's not working for you, but I can point out issues
>or potential issues:
>
>Your dbhome statement has no relationship to the actual location of
>your db files. It is true that your destination group declarations
>can specify the file locations by specifying a path relative to
>dbhome *OR* by specifying an absolute path, which is the option
that
>you've taken. I would recommend, however that you use the other
>method. Since your files are located in
>/usr/local/squidGuard/blacklists/porn/domains, you could use:
>dbhome  /usr/local/squidGuard
>domainlist      /blacklists/porn/domains
>or
>dbhome  /usr/local/squidGuard/blacklists
>domainlist      /porn/domains
>
>Let's examine your source group declarations:
> > src grownups {
> >      ip 192.168.1.108
> >      user   joe_user
> > }
> >
> > src kids {
> >      user sally sue billy
> > }
>
>I believe that says that in order to be in source grownups, you're
>ip must be 192.168.1.108, *and* you must be logged on as
"joe_user".
>(Using userident match implies RFC931/ident lookup is enabled in
>squid.conf and that the workstations must support RFC931.)
>
>No matter where you are, if you are logged on as sally, sue or
billy
>you are in source kids.
>
>If you don't match either of those two you're in luck! That means
>you are in the "default" source and you can go anywhere on the web
>that you'd like! (You probably want to change the default acl from
>"pass all" to "pass none", and add another redirect at that point.)
>
>You may also find it helpful to specify separate log files while
you
>are debugging. In your porn destination group declaration, add the
>line:
>logfile         /usr/local/squidGuard/log/porn.log
>Then, if you are stopped by the porn destination group, it will be
>logged in porn.log. If you are stopped by the default pass none
>statement, it will be logged in squidGuard.log.
>
>Try those and hopefully you'll be up and running.
>
>Rick Matthews
>
>
>-----Original Message-----
>From: [EMAIL PROTECTED]
>[mailto:[EMAIL PROTECTED]]On Behalf Of Ruben
>Fagundo
>Sent: Sunday, March 24, 2002 3:39 PM
>To: [EMAIL PROTECTED]
>Subject: squidGuard is not redirecting as I would have expected...
>
>
>
>I am trying to use squidGuard as a porn filter for my house.   I
>have
>successfully installed squidGuard on a RH 72 linux box.  I
>downloaded the
>black list files, and used the following conf file, however, I
bring
>up the
>browser and point it to my home page, and it works fine, but when I
>point
>it to one of the sites on the porn domains, it does NOT redirect
the
>URL as
>I would have expected it to.  My understanding is that it would
have
>redirected the results to the locat apache server with the cgi-bin
>application that I installed there.  I know the cgi app works
>because I can
>call it explicitely, and I know that I am using the squid proxy on
>port
>3128 as well, because the squid logs tell me that I am accessing
the
>pages
>that I point the browser to, so the question remains, what am I
>doing wrong?
>
>======= squidGuard.conf =============
>
>dbhome /usr/local/squidguard/db
>logdir /usr/local/squidGuard/log
>
>src grownups {
>      ip 192.168.1.108
>      user   joe_user
>}
>
>src kids {
>      user sally sue billy
>}
>
>dest porn {
>          domainlist
>/usr/local/squidGuard/blacklists/porn/domains
>          urllist
/usr/local/squidGuard/blacklists/porn/urls
>          expressionlist
>/usr/local/squidGuard/blacklists/porn/expressions
>          redirect
>http://192.168.1.5/cgi-bin/blocked?clientaddr=%a+clientname=%n+clie
n
>tident=%i+srcclass=%s+targetclass=%t+url=%u
>}
>
>acl {
>
>      grownups {
>          pass !porn all
>      }
>
>      kids {
>          pass !porn all
>      }
>
>          default {
>                  pass     all
>          }
>}
>
>============ the process list (shows squidGuard is running)
>==========
>root     18134  0.0  1.8  3964 1160 ?        S    16:01   0:00
>squid -D
>squid    18136  0.2  8.2  6992 5064 ?        S    16:01   0:04
>(squid) -D
>squid    18137  1.8  2.4  3308 1528 ?        S    16:01   0:37
>(squidGuard) -d
>squid    18138  1.8  2.4  3308 1528 ?        S    16:01   0:36
>(squidGuard) -d
>squid    18139  1.8  2.4  3308 1528 ?        S    16:01   0:37
>(squidGuard) -d
>squid    18140  1.8  2.4  3308 1528 ?        S    16:01   0:36
>(squidGuard) -d
>squid    18141  0.0  0.5  1352  328 ?        S    16:01   0:00
>(unlinkd)
>=============== squidGuard log file ============
>cat squidGuard.log
>2002-03-24 11:26:46 [17629] init domainlist
>/usr/local/squidGuard/blacklists/porn/domains
>2002-03-24 11:26:46 [17628] init domainlist
>/usr/local/squidGuard/blacklists/porn/domains
>2002-03-24 11:26:46 [17627] init domainlist
>/usr/local/squidGuard/blacklists/porn/domains
>2002-03-24 11:26:47 [17630] init domainlist
>/usr/local/squidGuard/blacklists/porn/domains
>2002-03-24 11:33:52 [17763] init domainlist
>/usr/local/squidGuard/blacklists/porn/domains
>2002-03-24 11:33:52 [17764] init domainlist
>/usr/local/squidGuard/blacklists/porn/domains
>2002-03-24 11:33:52 [17765] init domainlist
>/usr/local/squidGuard/blacklists/porn/domains
>2002-03-24 11:33:53 [17766] init domainlist
>/usr/local/squidGuard/blacklists/porn/domains
>2002-03-24 11:36:57 [17766] init urllist
>/usr/local/squidGuard/blacklists/porn/urls
>2002-03-24 11:36:57 [17763] init urllist
>/usr/local/squidGuard/blacklists/porn/urls
>2002-03-24 11:37:01 [17764] init urllist
>/usr/local/squidGuard/blacklists/porn/urls
>2002-03-24 11:37:01 [17765] init urllist
>/usr/local/squidGuard/blacklists/porn/urls
>2002-03-24 11:37:06 [17766] init expressionlist
>/usr/local/squidGuard/blacklists/porn/expressions
>2002-03-24 11:37:06 [17766] squidGuard 1.2.0 started
>(1016987632.997)
>2002-03-24 11:37:06 [17766] squidGuard ready for requests
>(1016987826.133)
>2002-03-24 11:37:06 [17763] init expressionlist
>/usr/local/squidGuard/blacklists/porn/expressions
>2002-03-24 11:37:06 [17763] squidGuard 1.2.0 started
>(1016987632.757)
>2002-03-24 11:37:06 [17763] squidGuard ready for requests
>(1016987826.180)
>2002-03-24 11:37:07 [17765] init expressionlist
>/usr/local/squidGuard/blacklists/porn/expressions
>2002-03-24 11:37:07 [17765] squidGuard 1.2.0 started
>(1016987632.942)
>2002-03-24 11:37:07 [17765] squidGuard ready for requests
>(1016987827.360)
>2002-03-24 11:37:07 [17764] init expressionlist
>/usr/local/squidGuard/blacklists/porn/expressions
>2002-03-24 11:37:07 [17764] squidGuard 1.2.0 started
>(1016987632.843)
>2002-03-24 11:37:07 [17764] squidGuard ready for requests
>(1016987827.371)
>2002-03-24 15:51:37 [18086] init domainlist
>/usr/local/squidGuard/blacklists/porn/domains
>2002-03-24 15:52:07 [18086] create new dbfile
>/usr/local/squidGuard/blacklists/porn/domains.db
>2002-03-24 15:52:08 [18086] init urllist
>/usr/local/squidGuard/blacklists/porn/urls
>2002-03-24 15:52:10 [18086] init expressionlist
>/usr/local/squidGuard/blacklists/porn/expressions
>2002-03-24 15:52:10 [18086] squidGuard 1.2.0 started
>(1017003097.784)
>2002-03-24 15:52:10 [18086] db update done
>2002-03-24 15:52:10 [18086] squidGuard stopped (1017003130.373)
>2002-03-24 16:01:25 [17766] squidGuard stopped (1017003685.202)
>2002-03-24 16:01:25 [17765] squidGuard stopped (1017003685.204)
>2002-03-24 16:01:25 [17764] squidGuard stopped (1017003685.207)
>2002-03-24 16:01:25 [17763] squidGuard stopped (1017003685.209)

RE: squidGuard is not redirecting as I would have expected...

Reply via email to