| talusog |
07-28-2007 04:06 AM |
squidguard 1.21 not working.need help
hi all
i have a router box which runs on mandrake 10.1 that i ve configured for internet connection sharing which automatically setups squid transparent proxy cahing server via mandrake control center..
i ve downloaded and installed squidguard to filter internet browsing but it seems not working.i do a tail command in my squidguard log file and it says squidguard ready for request..i have set all db files,log files,blacklist files,and even the squidguards bin file to user squid but still squidguard is not blocking anything.
here is my squidguard.conf file
Code:
#
# CONFIG FILE FOR SQUIDGUARD
#
dbhome /usr/local/squidGuard/db/blacklists
logdir /usr/local/squidGuard/log
src admins {
ip 192.168.1.4
ip 192.168.1.10
ip 192.168.1.15
ip 192.168.1.20
}
dest porn {
domainlist porn/domains
urllist porn/urls
}
dest ads {
domainlist ads/domains
urllist ads/urls
}
dest chat {
domainlist chat/domains
urllist chat/urls
}
dest dialers {
domainlist dialers/domains
urllist dialers/urls
}
dest hacking {
domainlist hacking/domains
urllist hacking/urls
}
dest instantmessaging {
domainlist instantmessaging/domains
urllist instantmessaging/urls
}
dest mail {
domainlist mail/domains
urllist mail/urls
}
dest onlinegames {
domainlist onlinegames/domains
urllist onlinegames/urls
}
dest phishing {
domainlist phishing/domains
urllist phishing/urls
}
dest proxy {
domainlist proxy/domains
urllist proxy/urls
}
dest virusinfected {
domainlist virusinfected/domains
urllist virusinfected/urls
}
dest warez {
domainlist warez/domains
urllist warez/urls
}
dest mail {
domainlist mail/domains
urllist mail/urls
}
dest onlinegames {
domainlist onlinegames/domains
urllist onlinegames/urls
}
dest phishing {
domainlist phishing/domains
urllist phishing/urls
}
dest proxy {
domainlist proxy/domains
urllist proxy/urls
}
dest virusinfected {
domainlist virusinfected/domains
urllist virusinfected/urls
}
dest warez {
domainlist warez/domains
urllist warez/urls
}
}
dest webmail {
domainlist webmail/domains
urllist webmail/urls
}
dest spyware {
domainlist spyware/domains
}
dest games {
domainlist games/domains
urllist games/urls
}
acl {
admins {
pass !in-addr !porn all
redirect 302:http://gw/block.html
}
default {
pass !in-addr !porn !ads !chat !dialers !hacking !instantmessaging !mail !onlinegames !phishing !proxy !virusinfected !warez !webmail !spyware !games all
redirect 302:http://gw/block.html
}
}
and here is my squid.conf file
Code:
http_port 3128
hierarchy_stoplist cgi-bin ?
acl QUERY urlpath_regex cgi-bin \?
no_cache deny QUERY
cache_dir diskd /var/spool/squid 100 16 256
cache_store_log none
cache_effective_user squid
cache_effective_group squid
auth_param basic children 5
auth_param basic realm Squid proxy-caching web server
auth_param basic credentialsttl 2 hours
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern . 0 20% 4320
half_closed_clients off
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443 563
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 563 # https, snews
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT
http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access deny to_localhost
redirect_program /usr/local/bin/squidGuard -c /usr/local/squidGuard/squidGuard.conf
redirect_children 8
redirector_access deny localhost
redirector_bypass on
acl mynetwork src 192.168.1.0/255.255.255.0
http_access allow mynetwork
http_access allow localhost
http_reply_access allow all
icp_access allow all
visible_hostname domain@mydomain.com
httpd_accel_host virtual
httpd_accel_with_proxy on
httpd_accel_uses_host_header on
append_domain .transcribemedia.net
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT
http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access deny to_localhost
redirect_program /usr/local/bin/squidGuard -c /usr/local/squidGuard/squidGuard.conf
redirect_children 8
redirector_access deny localhost
redirector_bypass on
acl mynetwork src 192.168.1.0/255.255.255.0
http_access allow mynetwork
http_access allow localhost
http_reply_access allow all
icp_access allow all
visible_hostname myfirewall@mydomain.com
httpd_accel_host virtual
httpd_accel_with_proxy on
httpd_accel_uses_host_header on
deny_info ERR_CUSTOM_ACCESS_DENIED all
memory_pools off
coredump_dir /var/spool/squid
ie_refresh on
as ive said before squidguard logs is ok as the last line says squidguard has started and is now ready for requests.
here is also the last part of the cachE.log of squid
Code:
2007/07/28 16:15:17| Starting Squid Cache version 2.5.STABLE6 for i586-mandrake-linux-gnu...
2007/07/28 16:15:17| Process ID 4489
2007/07/28 16:15:17| With 1024 file descriptors available
2007/07/28 16:15:17| DNS Socket created at 0.0.0.0, port 32770, FD 4
2007/07/28 16:15:17| Adding nameserver 203.115.130.72 from /etc/resolv.conf
2007/07/28 16:15:17| Adding nameserver 203.115.130.74 from /etc/resolv.conf
2007/07/28 16:15:17| helperOpenServers: Starting 8 'squidGuard' processes
2007/07/28 16:15:17| User-Agent logging is disabled.
2007/07/28 16:15:17| Referer logging is disabled.
2007/07/28 16:15:17| Unlinkd pipe opened on FD 17
2007/07/28 16:15:17| Swap maxSize 102400 KB, estimated 7876 objects
2007/07/28 16:15:17| Target number of buckets: 393
2007/07/28 16:15:17| Using 8192 Store buckets
2007/07/28 16:15:17| Max Mem size: 8192 KB
2007/07/28 16:15:17| Max Swap size: 102400 KB
2007/07/28 16:15:17| Store logging disabled
2007/07/28 16:15:17| Rebuilding storage in /var/spool/squid (CLEAN)
2007/07/28 16:15:17| Using Least Load store dir selection
2007/07/28 16:15:17| Set Current Directory to /var/spool/squid
2007/07/28 16:15:17| Loaded Icons.
2007/07/28 16:15:18| Accepting HTTP connections at 0.0.0.0, port 3128, FD 16.
2007/07/28 16:15:18| Accepting ICP messages at 0.0.0.0, port 3130, FD 18.
2007/07/28 16:15:18| Accepting HTCP messages on port 4827, FD 20.
2007/07/28 16:15:18| Accepting SNMP messages on port 3401, FD 21.
2007/07/28 16:15:18| WCCP Disabled.
2007/07/28 16:15:18| Ready to serve requests.
2007/07/28 16:15:19| Done scanning /var/spool/squid swaplog (0 entries)
2007/07/28 16:15:19| Finished rebuilding storage from disk.
2007/07/28 16:15:19| 0 Entries scanned
2007/07/28 16:15:19| 0 Invalid entries.
2007/07/28 16:15:19| 0 With invalid flags.
2007/07/28 16:15:19| 0 Objects loaded.
2007/07/28 16:15:19| 0 Objects expired.
2007/07/28 16:15:19| 0 Objects cancelled.
2007/07/28 16:15:19| 0 Duplicate URLs purged.
2007/07/28 16:15:19| 0 Swapfile clashes avoided.
2007/07/28 16:15:19| Took 1.5 seconds ( 0.0 objects/sec).
2007/07/28 16:15:19| Beginning Validation Procedure
2007/07/28 16:15:19| Completed Validation Procedure
2007/07/28 16:15:19| Validated 0 Entries
2007/07/28 16:15:19| store_swap_size = 0k
2007/07/28 16:15:19| storeLateRelease: released 0 objects
anyone knows what im not doing right?:scratch: i have double check and verified that i am redirecting squidguard correctly in my squid.conf file and i am sure that all the configuration files,logs and even the bin file of squid and squidguard belongs to user squid and i have done squid -k reconfigure whenever i made changes to it.even tried rebooting but no luck..
psl help me .. :newbie: |
