> I also noted that my all.log (where all dst rules are loggin to) > isn't filled at all. Permissions are set correctly; the log is > filled as soon as I remove all ident stuff.
You need a logfile statement in your default acl as well. That's probably the acl that processed your request. Rick > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED]]On Behalf Of Jaap Lelie > Sent: Thursday, September 26, 2002 11:25 AM > To: Ian Spare; 'Neil Watson'; [EMAIL PROTECTED] > Subject: RE: ident > > > Shoot... > My squidguard isn't identing as well. I've followed your tips below, and > inserted a logentry to access.log. This is wat struck me as odd: > > 192.168.0.2 - - [26/Sep/2002:18:16:37 +0200] "GET > http://msimg.com/m/r/footer_logo-md.gif HTTP/1.0" 200 1413 > TCP_CLIENT_REFRESH_MISS:DIRECT > > Does this :DIRECT somehow mean that things are bypassed? I also noted that > my all.log (where all dst rules are loggin to) isn't filled at all. > Permissions are set correctly; the log is filled as soon as I remove all > ident stuff. > > Cheers! > Jaap. > > At 09:20 09/25/2002 +0200, Ian Spare wrote: > > > >You say that squid never looks up the id of the user? Is that true? If it is > >then you're quite obviously wasting your time messing around with > >SquidGuard. If ident is working then you should be getting stuff in the > >access.log for squid, the squid FAQ has plenty of stuff on this but very > >briefly: > > > >make sure squid isn't built with "disable-ident-lookups" > >have lines like this in the squid.conf > >acl all_ident ident src 0.0.0.0/0.0.0.0 > >ident_lookup_access allow all_ident > >cache_access_log /var/log/squid/access.log > > > >Then if you're not seeing lines like this in the access.log then I fail to > >see to how SquidGuard will work either: > > > >1032938238.110 703 1.1.1.1 TCP_CLIENT_REFRESH_MISS/200 1492 GET > >http://windowsupdate.microsoft.com/ident.cab username > >ROUNDROBIN_PARENT/aproxy.somewhere.com application/octet-stream > > > >-----Original Message----- > >From: Neil Watson [mailto:[EMAIL PROTECTED]] > >Sent: Wednesday, September 25, 2002 00:59 > >To: [EMAIL PROTECTED] > >Subject: ident > > > > > >Rick, > > > >Thanks for your help. Alas no luck. The ads.log and the porn.log are never > >written to. I gather that squid and squidguard never look up the id of the > >user at the browser. Any suggestions. > > > >Neil Watson wrote: > > > I've been trying to make squid and squiguard play nice for hours. > > > Squid works fine on its own. I've installed squidguard to filter > > > adult content. Squidguard never idents the user and therefore uses > > > the default rule of deny. > > > > > >Rick Mathews wrote: > >I can help you get there. Make the changes to your config file > > > >that are marked below: > > > > > logdir /usr/local/squidGuard/log > > > dbhome /usr/local/squidGuard/db > > > > > > > > src neil { > > > ip 10.0.0.10 > > > user neil > > > } > > > > > > > > dest porn { > > > domainlist porn/domains > > > urllist porn/urls > > > > > > > >add> logfile porn.log > >add> redirect > >http://webserver/images/title.php?size=15&text=denied > > > > > > > } > > > > > > > > dest ads { > > > domainlist ads/domains > > > urllist ads/urls > > > > > > > >add> expressionlist ads.expressions # see attached > >add> logfile ads.log > >add> redirect http://webserver/images/1x1.gif # see > >attached > > > > > > > } > > > acl { > > > neil { > > > pass !ads !porn all > > > } > > > > > > > > default { > > > pass none > > > redirect http://webserver/images/title.php?size=15&text=denied > > > } > > > } > > > > > > > >Create: > >/usr/local/squidGuard/log/porn.log > >/usr/local/squidGuard/log/ads.log > >Give them the same ownership and permissions as squidGuard.log. > > > > > >- Make the config changes above and issue 'squid -k reconfigure'. > >- Check the messages in squidGuard.log for errors. > >- Enter a known-blocked porn url in your browser and hit enter. > >- The last (or one of the last) entries in squid's access.log will show > >the request, along with squid's understanding of your ip and ident. > >- The last entry in /usr/local/squidGuard/log/porn.log will show how > >squidGuard handled the request, including the ip and ident received > >from squid, and the source group and destination group from your > >squidGuard.conf file. > > > > > >-- > >Neil Watson > >Network Administrator > >watson-wilson.ca > > > > > >--- > >Incoming mail is certified Virus Free. > >Checked by AVG anti-virus system (http://www.grisoft.com). > >Version: 6.0.391 / Virus Database: 222 - Release Date: 09/19/2002 > >
