SquidGuard

Dogar · 03-21-2007, 06:23 AM

hellow all
i have installed squidguard2.0 and Berakely DB 4.5.20.
my locatoin of files are as follows

/usr/local/squidguard/squidguard.conf
/usr/local/squidguard/log/squidguard.log
/usr/local/squidguard/db

all above created by myself.

following changes are made in squid.conf

redirect_program /usr/local/bin/squidGuard -c /usr/local/squidGuard/squidGuard.conf

redirect_children 8
redirector_bypass on

my squidguard.conf file is given below

dbhome /usr/local/squidGuard/db/BL
logdir /usr/local/squidGuard/logs

dest porn {
domainlist porn/domains
urllist porn/urls
}

acl {
default {
pass !porn all
redirect http://www.google.com
}
}

for blacklists initialstion i run the following command

squidGuard -C all
it work sucessfuly and followig message generatd

squidGuard 2.0 started (1138533256.959)
db update done
squidGuard stopped (1138533374.571)

after that i run comman
squidGuard

as root

and it work
but the problem is that it not filter the sites even these are presnt in its black list

help me plz

almatic · 03-21-2007, 12:32 PM

have you restarted squid after changing the squid.conf ?

squid -k reconfigure

Dogar · 03-22-2007, 04:18 AM

yes i have restart the squid but it is not working

Dogar · 03-22-2007, 05:54 AM

Subject: Squidguard seems not to do anything

SquidGuard is started together with squid, the processes are runing.
But Squidguard seems not to allow or forbid anything.
plz help me. immidiatly
thanks for urgent reply

Slick666 · 03-26-2007, 01:24 AM

Dogar,

I feel for you man. I am currently at the same stage that you are and I am on the cusp of solving the problem myself. I do have a question for you though on something that you have not clarified. While the squidGuard is not working for you is squid itself working?

For example have you stopped squid and you connection stopped as well? and when you start it back up again does your connection start as well?

I hope I'm not point out the obvious and I will post an update if I can figure it out myself

Dogar · 03-26-2007, 02:06 AM

yes my squid is working properly and squidGuard is also runing but still not working.

you not write ur configration plz write it and if u find any soluation of this problem then plz inform me ..
this is my email address bilalafzaldogar@yahoo.com

thx

Slick666 · 03-26-2007, 02:29 AM

OK,

Here are my configs.

squid.conf

Code:

redirect_program /usr/bin/squidGuard -c /etc/squid/squidGuard.conf
redirect_children 5
redirector_bypass on

http_port 3128

hierarchy_stoplist cgi-bin ?

acl QUERY urlpath_regex cgi-bin \?
cache deny QUERY

acl apache rep_header Server ^Apache
broken_vary_encoding allow apache

access_log /var/log/squid/access.log squid

refresh_pattern ^ftp:		1440	20%	10080
refresh_pattern ^gopher:	1440	0%	1440
refresh_pattern .		0	20%	4320

acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443 563
acl CONNECT method CONNECT

http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localhost
http_access deny all

http_reply_access allow all

icp_access allow all

coredump_dir /var/spool/squid

squidGuard.conf

Code:

#
# CONFIG FILE FOR SQUIDGUARD
#

dbhome /var/squidGuard
logdir /var/log/squid

#
# TIME RULES:
# abbrev for weekdays: 
# s = sun, m = mon, t =tue, w = wed, h = thu, f = fri, a = sat

time workhours {
	weekly mtwhf 08:00 - 22:00
}

#
# SOURCE ADDRESSES:
#

src admin {
	user		root landon
}

src clients {
	user		kiosk lisa
	iplist		whitelists/whitelist
}

#
# DESTINATION CLASSES:
#

dest white {
	domainlist	whitelists/whitelist
}

dest black {
	domainlist	all
	log 		blackaccess
	redirect	/var/squidGuard/redirect/default.html
}

acl {
	admin {
		pass	 any
	}

	clients {
		pass	!any
	}

	default {
		pass	!any
#                pass white !in-addr any
#                redirect /var/squidGuard/redirect/default.html
        }
}

I know it's a little rough but I hope my intention is clear. I have squid running on a local "kiosk" style machine. I'm using squid in combinations with squidGuard to block all web sites in the whitelist file currently the only thing in there is www.google.com so any other websites should be blocked if the system is up and running. I've already tested the setup to make sure the browser (Firefox) is going through the proxy. The configs are all sucessfully pass squidGuard -C all and squid -k reconfigure.

If anyone can point out any possible problems my eyes are heavy with sleep. Any help would be appreciated.

Dogar · 03-26-2007, 04:45 AM

ur redirect_program is this
redirect_program /usr/bin/squidGuard -c /etc/squid/squidGuard.conf

it must be /usr/local/bin/squidGuard -c .....
because squidguard file is present in the above diractory in default

waiting for ur replay

dsids · 03-26-2007, 05:18 AM

Hi Dogar,

Remember, squidGuard goes into emergency mode if there is any problem in its configuration file. It passes everything coming to it.

Just make sure that u have specified the correct path in squidguard.conf file. I had the same problem so what I did was moved all the files under /BL to its parent directory

mv /BL/* /usr/local/squidguard/db

removed /BL from /usr/local/squidguard/db

and it started working. It seems there is something wrong with the BL's.

Hope it helps

Danish

Slick666 · 03-26-2007, 02:11 PM

Dogar,

Quote:

ur redirect_program is this
redirect_program /usr/bin/squidGuard -c /etc/squid/squidGuard.conf

it must be /usr/local/bin/squidGuard -c .....
because squidguard file is present in the above diractory in default

The distro that I'm using is Fedora Core 6 and I installed it using there installer. Fedora installs the application in /usr/bin/

Dogar · 03-27-2007, 01:03 AM

hellow slik how r u today

i am fine and fit

i dont know much about fedora. thanks for information.

try some thing new brother...
restart squid and open squid log file "cache.log" read it carefully and find out that is there any error related to squidguard OR squid load squidguard sucessfuly.

the error like this

2007-03-27 10:47:24 [7404] init domainlist /usr/local/squidGuard/db/blacklist/porn/domains
2007-03-27 10:47:24 [7404] loading dbfile /usr/local/squidGuard/db/blacklist/porn/domains.db
2007-03-27 10:47:24 [7403] Error db_open: Permission denied
2007-03-27 10:47:24 [7403] going into emergency mode
2007-03-27 10:47:24 [7405] (squidGuard): can't write to logfile /usr/local/squidGuard/log/squidGuard.log
2007-03-27 10:47:24 [7406] (squidGuard): can't write to logfile /usr/local/squidGuard/log/squidGuard.log
2007-03-27 10:47:24 [7405] init domainlist /usr/local/squidGuard/db/blacklist/porn/domains
2007-03-27 10:47:24 [7406] init domainlist /usr/local/squidGuard/db/blacklist/porn/domains
2007-03-27 10:47:24 [7405] loading dbfile /usr/local/squidGuard/db/blacklist/porn/domains.db
2007-03-27 10:47:24 [7406] loading dbfile /usr/local/squidGuard/db/blacklist/porn/domains.db
2007-03-27 10:47:24 [7405] Error db_open: Permission denied

if u have same error then try to solve the problem and tell me about it. i am also trying to solve it...

Bilal

Dogar · 03-27-2007, 03:26 AM

hi slick

sorry dear i always write your name wrong....

i have solve my problem and my squidGuard is working properly...

if you got the error as i write in previce post.then you must see the ownership of your squidGuard diractory and database diractory if they are under root then change them to "squid". you can also give the full read write and execute permissons to your balcklist log and squidGuard.conf file and diractries..

after this restart squid
and try squidguard through your browser
i hope this will work

reguards

bilal

Slick666 · 03-28-2007, 12:45 AM

Dogar,

I'm glad you have come to a solution but unfortunately I have not been quite so lucky. I've updated my squidGuard config file to be as simple as possible.

#
# CONFIG FILE FOR SQUIDGUARD
#

dbhome /var/squidGuard
logdir /var/log/squid

#
# TIME RULES:
# abbrev for weekdays:
# s = sun, m = mon, t =tue, w = wed, h = thu, f = fri, a = sat

time workhours {
weekly mtwhf 08:00 - 22:00
}

#
# SOURCE ADDRESSES:
#

src admin {
user root landon
}

src clients {
user kiosk lisa
iplist whitelists/whitelist
}

#
# DESTINATION CLASSES:
#

acl {
default {
pass !any
}
}

The config file passes

2007-03-28 01:19:25 [3367] New setting: dbhome: /var/squidGuard
2007-03-28 01:19:25 [3367] New setting: logdir: /var/log/squid
2007-03-28 01:19:25 [3367] Added User: root
2007-03-28 01:19:25 [3367] Added User: landon
2007-03-28 01:19:25 [3367] Added User: kiosk
2007-03-28 01:19:25 [3367] Added User: lisa
2007-03-28 01:19:25 [3367] init iplist /var/squidGuard/whitelists/whitelist
2007-03-28 01:19:25 [3367] squidGuard 1.2.0 started (1175059165.600)
2007-03-28 01:19:25 [3367] db update done
2007-03-28 01:19:25 [3367] squidGuard stopped (1175059165.606)

The way I understand this squidGuard should block all websites but unfortunately that does not appear to be happening. I changed the owner of the /var/squidGuard directory to squid and I've temporarily opened up the permissions to 777 so there should be no conflicts.

Unfortunately I must call it a night. Please take a look at my configs and let me know if you see anything out of the ordinary.

Thank you for your help

Dogar · 03-28-2007, 03:30 AM

hi

u change the permissions of data base BreakeleyDB?

Slick666 · 03-28-2007, 10:38 AM

No I don't believe I did, where is the location of your Berkeley db directory?