squidGuard+Squid problem

ebel.velda · 06-14-2007, 08:07 AM

I have a squidGuard on a test proxy server (so no IPtables).
Configuration files :
/usr/local/squidGuard/squidGuard.conf
dbhome /usr/local/squidGuard/db
logdir /usr/local/squidGuard/log
src admin {
ip 10.32.34.141
user root
}
src lan {
ip 192.168.112.0/24
}
dest porn {
domainlist /usr/local/squidGuard/db/blacklists/porn/domains
urllist /usr/local/squidGuard/db/blacklists/porn/urls
}
acl {
admin {
pass any
}
lan {
pass !porn all
}
default {
pass !porn all
redirect http://192.168.112.1
}
}

and a relevant part from /etc/squid/squid.conf :
redirect_program /usr/local/bin/squidGuard -c /usr/local/squidGuard/squidGuard.conf
redirect_children 5
redirector_access deny localhost
redirector_bypass on

As for the ownership of files+logs+conf files : /usr/local/squidGuard/db/blacklists and /usr/local/squidGuard/log :
-rw-r--r-- 1 squid squid 799 Jun 5 15:26 squidGuard.conf
drwxr-xr-x 3 squid root 4.0K Jun 4 12:34 db
drw-r--r-- 2 squid squid 4.0K Jun 4 15:19 log
drwxr-xr-x 13 squid squid 4.0K Jun 4 12:34 blacklists
drwxr-xr-x 2 squid squid 4.0K Jun 5 09:38 porn
-rw-r--r-- 1 squid squid 0 Jun 4 15:19 porn.log
-rw-r--r-- 1 squid squid 11K Jun 5 11:19 squidGuard.log

Blacklists translated to db format with no problem.

BUT when I do this :# squidclient -p 8080 mgr:redirect , I do not get the page I have set up as a redirect page (in my cahe a http default page on proxy server), but I get this :
HTTP/1.0 404 Not Found
Server: squid/2.5.STABLE14
Mime-Version: 1.0
Date: Wed, 06 Jun 2007 07:37:06 GMT
Content-Type: text/html
Content-Length: 1207
Expires: Wed, 06 Jun 2007 07:37:06 GMT
X-Squid-Error: ERR_INVALID_URL 0
X-Cache: MISS from balrog.trezor
(this is just a few first lines)

Also when I test bu trying to go to the forbidden page (from my proxy maschine, imitating my clent with 192.168.112.2) :
# echo "http://www.pussy.com 192.168.112.2/ - - GET" | squidGuard -c /usr/local/squidGuard/squidGuard.conf -d
2007-06-06 09:40:05 [7610] New setting: dbhome: /usr/local/squidGuard/db
2007-06-06 09:40:05 [7610] New setting: logdir: /usr/local/squidGuard/log
2007-06-06 09:40:05 [7610] Added User: root
2007-06-06 09:40:05 [7610] init domainlist /usr/local/squidGuard/db/blacklists/porn/domains
2007-06-06 09:40:05 [7610] loading dbfile /usr/local/squidGuard/db/blacklists/porn/domains.db
2007-06-06 09:40:05 [7610] init urllist /usr/local/squidGuard/db/blacklists/porn/urls
2007-06-06 09:40:05 [7610] loading dbfile /usr/local/squidGuard/db/blacklists/porn/urls.db
2007-06-06 09:40:05 [7610] squidGuard 1.2.1 started (1181115605.624)
2007-06-06 09:40:05 [7610] squidGuard ready for requests (1181115605.685)
http://192.168.112.1 192.168.112.2/- - -
2007-06-06 09:40:05 [7610] squidGuard stopped (1181115605.707)

and directly from a cleint maschine, for a forbidden page I get "URL is not available", and NOT my redirect page. In logs /usr/local/squidGuard/log/porn.log and squidGuard.log there is NOTHING!!
Only standard lines in /var/log/squid/access.log

Also the proces is obviously running :
# ps -axf|grep squid
7580 pts/4 S+ 0:00 \_ grep squid
11401 ? Ss 0:00 squid -D
11403 ? S 0:05 \_ (squid) -D
14068 ? Ss 0:00 \_ (squidGuard) -c /usr/local/squidGuard/squidGuard.conf
14069 ? Ss 0:00 \_ (squidGuard) -c /usr/local/squidGuard/squidGuard.conf
14070 ? Ss 0:00 \_ (squidGuard) -c /usr/local/squidGuard/squidGuard.conf
14071 ? Ss 0:00 \_ (squidGuard) -c /usr/local/squidGuard/squidGuard.conf
14072 ? Ss 0:00 \_ (squidGuard) -c /usr/local/squidGuard/squidGuard.conf

ANY ideas????
Help!

eryptes · 06-22-2007, 10:57 PM

Quote:

Originally Posted by ebel.velda

I have a squidGuard on a test proxy server (so no IPtables).
Configuration files :
/usr/local/squidGuard/squidGuard.conf
dbhome /usr/local/squidGuard/db
logdir /usr/local/squidGuard/log
src admin {
ip 10.32.34.141
user root
}
src lan {
ip 192.168.112.0/24
}
dest porn {
domainlist /usr/local/squidGuard/db/blacklists/porn/domains
urllist /usr/local/squidGuard/db/blacklists/porn/urls
}
acl {
admin {
pass any
}
lan {
pass !porn all
}
default {
pass !porn all
redirect http://192.168.112.1
}
}

and a relevant part from /etc/squid/squid.conf :
redirect_program /usr/local/bin/squidGuard -c /usr/local/squidGuard/squidGuard.conf
redirect_children 5
redirector_access deny localhost
redirector_bypass on

As for the ownership of files+logs+conf files : /usr/local/squidGuard/db/blacklists and /usr/local/squidGuard/log :
-rw-r--r-- 1 squid squid 799 Jun 5 15:26 squidGuard.conf
drwxr-xr-x 3 squid root 4.0K Jun 4 12:34 db
drw-r--r-- 2 squid squid 4.0K Jun 4 15:19 log
drwxr-xr-x 13 squid squid 4.0K Jun 4 12:34 blacklists
drwxr-xr-x 2 squid squid 4.0K Jun 5 09:38 porn
-rw-r--r-- 1 squid squid 0 Jun 4 15:19 porn.log
-rw-r--r-- 1 squid squid 11K Jun 5 11:19 squidGuard.log

Blacklists translated to db format with no problem.

BUT when I do this :# squidclient -p 8080 mgr:redirect , I do not get the page I have set up as a redirect page (in my cahe a http default page on proxy server), but I get this :
HTTP/1.0 404 Not Found
Server: squid/2.5.STABLE14
Mime-Version: 1.0
Date: Wed, 06 Jun 2007 07:37:06 GMT
Content-Type: text/html
Content-Length: 1207
Expires: Wed, 06 Jun 2007 07:37:06 GMT
X-Squid-Error: ERR_INVALID_URL 0
X-Cache: MISS from balrog.trezor
(this is just a few first lines)

Also when I test bu trying to go to the forbidden page (from my proxy maschine, imitating my clent with 192.168.112.2) :
# echo "http://www.pussy.com 192.168.112.2/ - - GET" | squidGuard -c /usr/local/squidGuard/squidGuard.conf -d
2007-06-06 09:40:05 [7610] New setting: dbhome: /usr/local/squidGuard/db
2007-06-06 09:40:05 [7610] New setting: logdir: /usr/local/squidGuard/log
2007-06-06 09:40:05 [7610] Added User: root
2007-06-06 09:40:05 [7610] init domainlist /usr/local/squidGuard/db/blacklists/porn/domains
2007-06-06 09:40:05 [7610] loading dbfile /usr/local/squidGuard/db/blacklists/porn/domains.db
2007-06-06 09:40:05 [7610] init urllist /usr/local/squidGuard/db/blacklists/porn/urls
2007-06-06 09:40:05 [7610] loading dbfile /usr/local/squidGuard/db/blacklists/porn/urls.db
2007-06-06 09:40:05 [7610] squidGuard 1.2.1 started (1181115605.624)
2007-06-06 09:40:05 [7610] squidGuard ready for requests (1181115605.685)
http://192.168.112.1 192.168.112.2/- - -
2007-06-06 09:40:05 [7610] squidGuard stopped (1181115605.707)

and directly from a cleint maschine, for a forbidden page I get "URL is not available", and NOT my redirect page. In logs /usr/local/squidGuard/log/porn.log and squidGuard.log there is NOTHING!!
Only standard lines in /var/log/squid/access.log

Also the proces is obviously running :
# ps -axf|grep squid
7580 pts/4 S+ 0:00 \_ grep squid
11401 ? Ss 0:00 squid -D
11403 ? S 0:05 \_ (squid) -D
14068 ? Ss 0:00 \_ (squidGuard) -c /usr/local/squidGuard/squidGuard.conf
14069 ? Ss 0:00 \_ (squidGuard) -c /usr/local/squidGuard/squidGuard.conf
14070 ? Ss 0:00 \_ (squidGuard) -c /usr/local/squidGuard/squidGuard.conf
14071 ? Ss 0:00 \_ (squidGuard) -c /usr/local/squidGuard/squidGuard.conf
14072 ? Ss 0:00 \_ (squidGuard) -c /usr/local/squidGuard/squidGuard.conf

ANY ideas????
Help!

I have exactely the same trouble. If there is someone could help us it will great.

Thanks a lot

rsean · 06-29-2007, 08:04 AM

Hello,

Try SafeSquid - Content Filtering Internet Proxy and application layer firewall. This is what we use and it has a feature called 'customizable template' that can be used to display different custom text or html messages for different denial events, by different filter sections like url filter, url blacklist, mime filter, cookie filter, etc. The full-featured SafeSquid Composite 20 is a free edition that can be happily used in a 20-30 user network. There is another free edition with limited features but no limit on the number of users.

Cheers!

eryptes · 07-08-2007, 10:09 PM

Thank you for your reply.

Sometime my brain think like a newbie. It was just right trouble, I solve it giving the good rights to put the user "squid" owner of the folder and subfolders "blacklist" with this following command:

chown -R squid /usr/local/squidGuard/db/blacklists/

Sorry for mmy stupid question