> -----Original Message----- > From: Chris Reed > Sent: Tuesday, August 20, 2002 4:29 PM > > I put this line in my squid.conf file: > > http_access allow all
Uh, yeah. That *would* open it up a bit. When you get around to thinking about security again you might want to consider something like: acl mynetwork src 192.168.0.0/24 (or whatever) and then http_access allow mynetwork There are plenty of samples there in the squid.conf file. You need to tighten it back up before you forget about it. :-) > The only remaining issue is, theres still no log file, i did a "find > / -name squidGuard.log" and didnt find anything. Its reading the squidGuard > db files fine though. Any suggestions? Next time you want to use 'find', try 'locate' (or 'slocate'). You have verified that you don't have logs in </usr/local/squidGuard/logs> or </usr/local/squidGuard/log>, right? Where did you put your squidGuard.conf file? And you have verified that it is reading *your* config file, and not some sample somewhere else? You might want to change your config to 'pass none', then 'squid -k reconfigure' and make sure that it is blocking you. Once you are certain that it is reading *your* config file, make sure your dbhome statement points to where you want the logs. Personally, I like having them in their own directory (it seems to simplify things), but I guess you can put them where you want them. Based on your squid.conf file, you running squid as user nobody and group nobody, correct? Is that because you followed setup instructions that recommended that? Or is it because that was the default? If "the default" is your answer, you might want to read up a bit on creating a squid user and group, and running as squid:squid. The user and group that squid runs under needs to be the owner of the log files. Make sure that user has access rights to the directory where you are putting the logs. If a 'squid -k reconfigure' still doesn't create a log file, create one manually with 'touch squidGuard.log'. Then set the ownership and permissions on the file, and 'squid -k reconfigure' again. That should get you very close to an answer. > BTW, Rick Matthews, you are the man! :) thanks for the great help! Glad to do it! Rick > > Chris P Reed > CCNA > > > -----Original Message----- > From: Rick Matthews [mailto:[EMAIL PROTECTED]] > Sent: Monday, August 19, 2002 7:15 PM > To: Chris Reed; [EMAIL PROTECTED] > Subject: RE: Help with squidGuard configuration > > > > When i said "it passes NONE!" i meant that i kept getting the "access > > denied" page > > I'm sorry if I'm overlooking something here, but I'm wondering where > the "access denied" page is coming from. When I see an access denied > page it's because my squidGuard.conf has redirected me to that page. > Your squidGuard.conf didn't include any redirects, in fact, all it > included was default pass all. I wasn't aware that squidGuard knew > how to say NO without me telling it how to say NO. > > What does the access denied page say? Have you seen it before? What > system is providing that page? > > > my /var/log/squidGuard.log file was non-existant since i didnt even put it > > in the squidGuard.conf file. > > The path declarations in the squidGuard.conf file can overrule or > confirm the default locations: > > logdir /usr/local/squidGuard/logs > dbhome /usr/local/squidGuard/db > > In the absence of a path declaration the default location will be used. > So your squidGuard was trying to write to: > /usr/local/squidGuard/logs/squidGuard.log > > > So i added that line in, so now my > > squidGuard.conf file looks like: > > > > logdir /var/log > > > > acl { > > default { > > pass all > > } > > } > > > > still no logs though, so i ran "/usr/local/bin/squidGuard -d" and it > said, > > > > 2002-08-19 16:45:54 [146] syntax error in configfile > > /usr/local/etc/squid/squidGuard.conf line 3 > > 2002-08-19 16:45:54 [146] going into emergency mode > > So which one of the lines is line 3? I can't tell from this: > > > > logdir /var/log > > > > acl { > > default { > > pass all > > } > > } > > > > Hang on, I think I just figured out whose access denied screen > you are seeing. > > There was a squid.conf file attached to your message. Is that *your* > squid.conf file? > > In your first message you said: "I can get squid to work fine,". Did > you do it with *that* config file? I don't see where you've given > anybody access in that config file. > > You really need to get squid up and running completely before you > tackle squidGuard. That means that your browser should be pointed > at squid and you should be able to surf the net through squid. > > Hopefully I've given you some ideas that you can work with. > > Rick Matthews > > > > > > I thought emergency mode would pass all. thats what it said in the doc i > > think i remember. > > > > I also tried to copy the squidGuard.conf.sample which was installed to > > squidGuard.conf w/ a few adjustments which looks like this: > > > > > > # > > # SAMPLE CONFIG FILE FOR SQUIDGUARD > > # (for further configuration options see the > > # documentation and http://www.squidguard.org/) > > # > > dbhome /var/db/squidGuard > > logdir /var/log > > > > # > > # TIME RULES: > > # abbrev for weekdays: > > # s = sun, m = mon, t =tue, w = wed, h = thu, f = fri, a = sat > > #time workhours { > > # weekly mtwhf 08:00 - 16:30 > > # date *-*-01 08:00 - 16:30 > > #} > > # > > # > > # SOURCE ADDRESSES > > # > > source sample-clients { > > ip 192.168.0.0/24 > > } > > > > # > > # DESTINATION CLASSES > > # > > dest ads { > > domainlist ads/domains > > urllist ads/urls > > } > > dest aggressive { > > domainlist aggressive/domains > > urllist aggressive/urls > > } > > dest audio-video { > > domainlist audio-video/domains > > urllist audio-video/urls > > } > > dest drugs { > > domainlist drugs/domains > > urllist drugs/urls > > } > > dest gambling { > > domainlist gambling/domains > > urllist gambling/urls > > } > > dest hacking { > > domainlist hacking/domains > > urllist hacking/urls > > } > > dest mail { > > domainlist mail/domains > > } > > dest porn { > > domainlist porn/domains > > urllist porn/urls > > expressionlist porn/expressions > > } > > dest proxy { > > domainlist proxy/domains > > urllist proxy/urls > > } > > dest violence { > > domainlist violence/domains > > urllist violence/urls > > expressionlist violence/expressions > > } > > dest warez { > > domainlist warez/domains > > urllist warez/urls > > } > > > > acl { > > sample-clients { > > pass !ads !aggressive !audio-video !drugs !gambling !hacking > > !mail !porn !proxy !violence !warez !in-addr any > > } else { > > pass any > > } > > > > default { > > pass none > > redirect > > > http://admin.foo.bar.no/cgi/blocked?clientaddr=%a+clientname=%n+clientident= > > %i+srcclass=%s+targetclass=%t+url=%u > > } > > } > > > > Still no logging to my /var/log directory. when i run "squidGuard -d" it > > outputs that it reads all the databases and that squidGuard is ready for > > requests: > > > > > > 2002-08-19 19:35:09 [226] loading dbfile /var/db/squidGuard/proxy/urls.db > > 2002-08-19 19:35:09 [226] init domainlist > > /var/db/squidGuard/violence/domains > > 2002-08-19 19:35:09 [226] loading dbfile > > /var/db/squidGuard/violence/domains.db > > 2002-08-19 19:35:09 [226] init urllist /var/db/squidGuard/violence/urls > > 2002-08-19 19:35:09 [226] loading dbfile > /var/db/squidGuard/violence/urls.db > > 2002-08-19 19:35:09 [226] init expressionlist > > /var/db/squidGuard/violence/expres > > sions > > 2002-08-19 19:35:09 [226] init domainlist /var/db/squidGuard/warez/domains > > 2002-08-19 19:35:09 [226] loading dbfile > /var/db/squidGuard/warez/domains.db > > 2002-08-19 19:35:09 [226] init urllist /var/db/squidGuard/warez/urls > > 2002-08-19 19:35:09 [226] loading dbfile /var/db/squidGuard/warez/urls.db > > 2002-08-19 19:35:09 [226] squidGuard 1.2.0 started (1029810909.842) > > 2002-08-19 19:35:09 [226] squidGuard ready for requests (1029810909.902) > > > > What should i try next? Any suggestions? I really appreciate anyone > still > > reading this long email. All help is appreciated!! > > > > Chris P Reed > > CCNA > > > > > > > > > > > > > > > > > > > > -----Original Message----- > > From: [EMAIL PROTECTED] > > [mailto:[EMAIL PROTECTED]]On Behalf Of Rick Matthews > > Sent: Friday, August 16, 2002 11:04 PM > > To: Chris Reed; [EMAIL PROTECTED] > > Subject: Help with squidGuard configuration [was No Subject] > > > > > > What entries are being written to your squidGuard.log file? That > > should be your first place to check if things aren't working properly. > > (squidGuard writes a bunch of entries to the log at start up; if > > squidGuard.log is empty, something is wrong.) > > > > > This should pass all, but it passes NONE! > > > > Why do you say this? Since you are obviously not receiving a blocked > > message from squidGuard, what are you seeing? > > > > Rick Matthews > > > > > > > -----Original Message----- > > > From: [EMAIL PROTECTED] > > > [mailto:[EMAIL PROTECTED]]On Behalf Of Chris Reed > > > Sent: Friday, August 16, 2002 8:32 PM > > > To: [EMAIL PROTECTED] > > > Subject: > > > > > > > > > Hey all, > > > > > > I am running FreeBSD 4.6 and have installed squid 2.4_9& squidGuard > 1.2.0 > > > from ports. I can get squid to work fine, i put the "redirect_program > > > /usr/local/bin/squidGuard" in my squid.conf file, and my squidGuard.conf > > > only says: > > > acl > > > > > > { > > > default { > > > pass all > > > } > > > } > > > > > > This should pass all, but it passes NONE! > > > > > > When my BSD box boots, i see squidGuard running 5x so im guessing i > > > configured the squid.conf right. any suggestions? any help would be > > > greatly appreciated. > > > > > > Thanks in advance, > > > > > > Chris P Reed > > > CCNA > > > > > > > > > >
