Rick,
Thanks for your help. Alas no luck. The ads.log and the porn.log are never written
to. I gather that squid and squidguard never look up the id of the user at the
browser. Any suggestions.
Neil Watson wrote:
> I've been trying to make squid and squiguard play nice for hours.
> Squid works fine on its own. I've installed squidguard to filter
> adult content. Squidguard never idents the user and therefore uses
> the default rule of deny.
Rick Mathews wrote:
I can help you get there. Make the changes to your config file
that are marked below:
> logdir /usr/local/squidGuard/log
> dbhome /usr/local/squidGuard/db
>
> src neil {
> ip 10.0.0.10
> user neil
> }
>
> dest porn {
> domainlist porn/domains
> urllist porn/urls
add> logfile porn.log
add> redirect http://webserver/images/title.php?size=15&text=denied
> }
>
> dest ads {
> domainlist ads/domains
> urllist ads/urls
add> expressionlist ads.expressions # see attached
add> logfile ads.log
add> redirect http://webserver/images/1x1.gif # see attached
> }
> acl {
> neil {
> pass !ads !porn all
> }
>
> default {
> pass none
> redirect http://webserver/images/title.php?size=15&text=denied
> }
> }
Create:
/usr/local/squidGuard/log/porn.log
/usr/local/squidGuard/log/ads.log
Give them the same ownership and permissions as squidGuard.log.
- Make the config changes above and issue 'squid -k reconfigure'.
- Check the messages in squidGuard.log for errors.
- Enter a known-blocked porn url in your browser and hit enter.
- The last (or one of the last) entries in squid's access.log will show
the request, along with squid's understanding of your ip and ident.
- The last entry in /usr/local/squidGuard/log/porn.log will show how
squidGuard handled the request, including the ip and ident received
from squid, and the source group and destination group from your
squidGuard.conf file.
--
Neil Watson
Network Administrator
watson-wilson.ca
