I am really sorry that you put so much time into your testing
without success! It might help if I give you the run-down on a few
of the frequently reported issues and their resolution, along with a
comment or two about the results that you've posted.
> Squidguard log file shows no errors,
> everything is all right there.
I don't mean to question your report, but are you saying that the
squidGuard log shows nothing? or that it shows all the right things
and no errors? For example, if your only defined destination in
squidGuard.conf was porn/domains and porn/urls, and your squid.conf
specified "redirect_children 4", and using the dbhome that you list
below, you should see something like the following in squidGuard.log
when you restart squid: ("Date Time [pid]" in front of each line
removed)
------- Sample of good log ----------------
init domainlist /usr/local/squidGuard/db/porn/domains
loading dbfile /usr/local/squidGuard/db/porn/domains.db
init urllist /usr/local/squidGuard/db/porn/urls
loading dbfile /usr/local/squidGuard/db/porn/urls.db
squidGuard 1.1.4 started
squidGuard ready for requests
init domainlist /usr/local/squidGuard/db/porn/domains
loading dbfile /usr/local/squidGuard/db/porn/domains.db
init urllist /usr/local/squidGuard/db/porn/urls
loading dbfile /usr/local/squidGuard/db/porn/urls.db
squidGuard 1.1.4 started
squidGuard ready for requests
init domainlist /usr/local/squidGuard/db/porn/domains
loading dbfile /usr/local/squidGuard/db/porn/domains.db
init urllist /usr/local/squidGuard/db/porn/urls
loading dbfile /usr/local/squidGuard/db/porn/urls.db
squidGuard 1.1.4 started
squidGuard ready for requests
init domainlist /usr/local/squidGuard/db/porn/domains
loading dbfile /usr/local/squidGuard/db/porn/domains.db
init urllist /usr/local/squidGuard/db/porn/urls
loading dbfile /usr/local/squidGuard/db/porn/urls.db
squidGuard 1.1.4 started
squidGuard ready for requests
-------- End of Sample -------------
> only the paths are a little different on my system
What does that mean? Are you saying that your squidGuard.conf file
points to one place and the files are in another place? Otherwise,
why show us one config file while you are using another? There's
additional room for error, right there.
You don't mention any version numbers, but there are a couple of
issues with the Berkeley db that you need to be aware of, and the
documentation on the squidGuard site is wrong. This information is
very important:
--- clipped from
http://www.maynidea.com/squidguard/faq-plus.html -----
Squidguard 1.20 requires version 3.29 of the Berkeley db. It won't
work with version 2.27, nor will it work with 4.0. The assertion
that configure makes about requiring 3.2.* or later is not really
correct. SquidGuard needs 3.2.x ( not sure which version is too
low) and we know specifically that it works quite nicely with
3.2.9. I have tried it with 3.3.x and it craps out every time.
Same with 2.7.7. (Thanks to Robert Nickel for these specifics).
(It has been reported that squidguard 1.20 will work with other
versions of the db if you are using plain text files for your
blacklists; in other words, if there are no *.db files in your
blacklist directories. This can really slow down the startup time of
squid/squidguard, but otherwise may not be harmful.)
Squidguard 1.14, on the other hand, requires Berkeley 2.27.
You can have version 2.27 and 3.2x installed at the same time
-------------- End of clip -----------------
You mentioned "webAdmin"; is this the same program as Webmin
<http://www.webmin.com/>? If so, are you using the squidGuard module
inside of Webmin? I'd recommend setting up squidGuard without using
the webmin module, then switch back after you have it running like
you want it. The Webmin module for squidGuard overlays its own
quirky personality over squidGuard.
Try adding a logfile statement in your destination group
declaration, like this:
dest porn {
domainlist porn/domains
urllist porn/urls
logfile /usr/local/squidGuard/log/porn.log
}
Then, whenever squidGuard will log to porn.log every time it blocks
because of porn/domains or porn/urls. Here's an entry from porn.log
(normally all on one line):
------------ Log entry -----------
2002-04-15 23:08:23 [1180]
Request(kids/porn/-) http://www.whitehouse.com/ 192.168.44.2/- - GET
----------------------------------
I hope that helps! Come back and let us know.
Rick Matthews
-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of PhoenixWR
Sent: Tuesday, April 16, 2002 7:28 PM
To: [EMAIL PROTECTED]
Subject: squidguard does not work properly (or is it rather squid
that doesn't redirect properly to squidguard)?
Squid and squidguard were installed by mandrake linux, so I didn't
have to compile them. I configured squid to use squidguard and tried
it out, but it doesn't work properly. The results are indeed very
strange. I used a simple config file for squidguard which looks like
this:
logdir /usr/local/squidGuard/log
dbhome /usr/local/squidGuard/db
dest porn {
domainlist porn/domains
urllist porn/urls
}
acl {
default {
pass !porn all
redirect
http://localhost/cgi/blocked?clientaddr=%a&clientname=%n&clientuser=
%i&clientgroup=%s&url=%u
}
}
only the paths are a little different on my system. Now, the strange
thing is that it sometimes works and sometime does not. Using a
proxy in Opera and Mozilla browsers I tried, and the still, often I
could open the blacklisted websites in the /porn/domains. Also the
strange thing is that redirection works better if the proxy in
Mozilla is 127.0.0.1:3128 and not localhost:3128, which seems to be
a Mozilla problem (?). Anyway, after trying for 10 hours without
much success, I ended with the following situation:
blocking doesn't work at all! only if the config file looks like
this:
logdir /usr/local/squidGuard/log
dbhome /usr/local/squidGuard/db
# dest porn {
#domainlist porn/domains
#urllist porn/urls
# }
acl {
default {
pass none
redirect
http://localhost/cgi/blocked?clientaddr=%a&clientname=%n&clientuser=
%i&clientgroup=%s&url=%u
}
}
then all websites are indeed blocked, but if I uncomment the dest
directives, while leaving the default=none, it again doesn't work.
Blocking of porn blacklisted domains doesn't work at all now. I just
don't understand why, it did work first, even if not all the time,
which is very very strange. Squidguard log file shows no errors,
everything is all right there. Maybe I didn't configure Squid
properly? I added the redirect_program and redirect_children. All
the paths are correct, I checked and doublechecked 1 mio times.
Also, even if it worked, it's rather uncomfortable to use, because
you have to add the blocked sites to the database, rebuild the *.db
files using squidguard and then restart squid. Yes, I know, somebody
said that with version 1.2 of squidguard you don't have to restart
squid, but this is not true, the changes take only place if I
restart squid or click on "apply changes" in webAdmin, a programme
which allows to configure all servers through the browser on secure
connection localhost port 10000. It is part of mandrake linux, but i
think it can be also downloaded from the net. Anyway, this is very
uncomfortable and takes too much time. I rather would like to use
webwasher like on windows, but it seems one has to pay, otherwise
the linux shareware version will not work properly with opera.
I think there is a way to block websites using the apache server
module mod_proxy, i.e. using apache as a proxy server. But is it
also possible to rewrite the blocked sites using the re_write
module? maybe you know, then please email me.
Anyway, I would like to know how to configure Squid, because I think
the problems are rather due to squid than to squidguard. If you know
how to configure squid in order to force it to redirect, please
email me.
Regards,
Gerhart
