RE: squidGuard: how it work? CORRECTION

Wed, 21 Aug 2002 06:15:20 -0700 

** I have corrected the recommended configuration listed below.
** I apologize for not drinking enough coffee before sending it!
** The corrections are marked with '**'

> when I run squidGuard with squidGuard.conf1 everything works fine:
> only sites that are in localdomains can be accessed.
> 
> But if I use squidGuard.conf2 nothing is blocked.

Have you checked your squidGuard.log file? If squidGuard goes into
emergency mode it will pass all.

To recap your report, configuration 1 works and configuration 2
does not work.

I see three differences between the 2 configurations:
1) Config2 uses ip to determine source.
2) If blocked in Config2 there is no redirect statement.
3) Config2's acl does not end with 'all' or 'none'.

I don't think that #1 is associated with the problem. If using ip to
determine source was not working properly you would end up in the 
default acl, which is not the behavior you reported.

Items #2 and #3 should be corrected. Here is your config2 with
recommended changes applied:
----------- squidGuard.conf2 ---------------
logdir /home/edi/squid/logs
dbhome /home/edi/squid/etc/squidGuard
source surbisloc {
    ip  10.80.12.0/24
}
destination localdomains {
**domainlist our none [wrong, use the next line] **
  domainlist our
}
acl {
  surbisloc {
**  pass localdomains [wrong, use the next line] **
    pass localdomains none
    redirect http://local.web.site/access_denide.html
  }
  default {
    pass none
    redirect http://local.web.site/access_denide.html
  }
}
------------------ end --------------------

See if those changes make a difference.

Rick Matthews


> -----Original Message-----
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]]On Behalf Of Eduard A.
> Ivanov
> Sent: Wednesday, August 21, 2002 1:58 AM
> To: [EMAIL PROTECTED]
> Subject: squidGuard: how it work?
> 
> 
> Hello [EMAIL PROTECTED],
> 
> I have a problem whis running squidGuard.
> 
> here is 2 my squidGuard.conf:
> 
> file squidGuard.conf1 :
> logdir /home/edi/squid/logs
> dbhome /home/edi/squid/etc/squidGuard
> source surbisloc {
>     ip  10.80.12.0/24
> }
> destination localdomains {
>   domainlist our
> }
> acl {
>   default {
>     pass localdomains none
>     redirect http://local.web.site/access_denide.html
>   }
> }
> 
> file squidGuard.conf2 :
> logdir /home/edi/squid/logs
> dbhome /home/edi/squid/etc/squidGuard
> source surbisloc {
>     ip  10.80.12.0/24
> }
> destination localdomains {
>   domainlist our
> }
> acl {
>   surbisloc {
>     pass localdomains
>   }
>   default {
>     pass none
>     redirect http://local.web.site/access_denide.html
>   }
> }
> when I run squidGuard with squidGuard.conf1 everything works fine:
> only sites that are in localdomains can be accessed.
> 
> But if I use squidGuard.conf2 nothing is blocked.
> 
> -- 
> Best regards,
>  Eduard A. Ivanov                          mailto:[EMAIL PROTECTED]
> 
> 
>

Reply via email to