Shoot... My squidguard isn't identing as well. I've followed your tips below, and inserted a logentry to access.log. This is wat struck me as odd:
192.168.0.2 - - [26/Sep/2002:18:16:37 +0200] "GET http://msimg.com/m/r/footer_logo-md.gif HTTP/1.0" 200 1413 TCP_CLIENT_REFRESH_MISS:DIRECT Does this :DIRECT somehow mean that things are bypassed? I also noted that my all.log (where all dst rules are loggin to) isn't filled at all. Permissions are set correctly; the log is filled as soon as I remove all ident stuff. Cheers! Jaap. At 09:20 09/25/2002 +0200, Ian Spare wrote: >You say that squid never looks up the id of the user? Is that true? If it is >then you're quite obviously wasting your time messing around with >SquidGuard. If ident is working then you should be getting stuff in the >access.log for squid, the squid FAQ has plenty of stuff on this but very >briefly: > >make sure squid isn't built with "disable-ident-lookups" >have lines like this in the squid.conf >acl all_ident ident src 0.0.0.0/0.0.0.0 >ident_lookup_access allow all_ident >cache_access_log /var/log/squid/access.log > >Then if you're not seeing lines like this in the access.log then I fail to >see to how SquidGuard will work either: > >1032938238.110 703 1.1.1.1 TCP_CLIENT_REFRESH_MISS/200 1492 GET >http://windowsupdate.microsoft.com/ident.cab username >ROUNDROBIN_PARENT/aproxy.somewhere.com application/octet-stream > >-----Original Message----- >From: Neil Watson [mailto:[EMAIL PROTECTED]] >Sent: Wednesday, September 25, 2002 00:59 >To: [EMAIL PROTECTED] >Subject: ident > > >Rick, > >Thanks for your help. Alas no luck. The ads.log and the porn.log are never >written to. I gather that squid and squidguard never look up the id of the >user at the browser. Any suggestions. > >Neil Watson wrote: > > I've been trying to make squid and squiguard play nice for hours. > > Squid works fine on its own. I've installed squidguard to filter > > adult content. Squidguard never idents the user and therefore uses > > the default rule of deny. > > >Rick Mathews wrote: >I can help you get there. Make the changes to your config file > >that are marked below: > > > logdir /usr/local/squidGuard/log > > dbhome /usr/local/squidGuard/db > > > > > src neil { > > ip 10.0.0.10 > > user neil > > } > > > > > dest porn { > > domainlist porn/domains > > urllist porn/urls > > > >add> logfile porn.log >add> redirect >http://webserver/images/title.php?size=15&text=denied > > > > } > > > > > dest ads { > > domainlist ads/domains > > urllist ads/urls > > > >add> expressionlist ads.expressions # see attached >add> logfile ads.log >add> redirect http://webserver/images/1x1.gif # see >attached > > > > } > > acl { > > neil { > > pass !ads !porn all > > } > > > > > default { > > pass none > > redirect http://webserver/images/title.php?size=15&text=denied > > } > > } > > > >Create: >/usr/local/squidGuard/log/porn.log >/usr/local/squidGuard/log/ads.log >Give them the same ownership and permissions as squidGuard.log. > > >- Make the config changes above and issue 'squid -k reconfigure'. >- Check the messages in squidGuard.log for errors. >- Enter a known-blocked porn url in your browser and hit enter. >- The last (or one of the last) entries in squid's access.log will show >the request, along with squid's understanding of your ip and ident. >- The last entry in /usr/local/squidGuard/log/porn.log will show how >squidGuard handled the request, including the ip and ident received >from squid, and the source group and destination group from your >squidGuard.conf file. > > >-- >Neil Watson >Network Administrator >watson-wilson.ca > > >--- >Incoming mail is certified Virus Free. >Checked by AVG anti-virus system (http://www.grisoft.com). >Version: 6.0.391 / Virus Database: 222 - Release Date: 09/19/2002
--- Outgoing mail is certified Virus Free. http://www.lelie.net/notice.html Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.391 / Virus Database: 222 - Release Date: 09/19/2002
