LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Software
User Name
Password
Linux - Software This forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.

Notices


Reply
  Search this Thread
Old 03-17-2006, 12:07 AM   #1
taiwf
Member
 
Registered: Jun 2005
Distribution: debian, ubuntu, redhat,knoppix
Posts: 194

Rep: Reputation: 31
squidguard doesn't block anything?


Hi

I have install squidGuard on my debian(sarge) from apt-get install which is version 1.2.0-5 and copy the blacklist for the official site of squidGuard project. Now it doesn't seems to block anything. The only installation process i skip is re-build black list as I think it might take hours. Below are my squid.conf & squidGuard.conf:

squid.conf
-----------------
http_port 192.168.50.254:8080
cache_peer proxy1.mel.connect.com.au parent 8080 3130
cache_peer proxy2.mel.connect.com.au parent 8080 3130
cache_peer proxy.syd.connect.com.au parent 8080 3130 no-query default
hierarchy_stoplist cgi-bin ?
acl QUERY urlpath_regex cgi-bin \?
no_cache deny QUERY
/usr/bin/squidGuard -c /etc/squid/squidGuard.conf
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl ournet src 192.168.8.0/255.255.255.0
acl SSL_ports port 443 563
acl Safe_ports port 80
acl Safe_ports port 21
acl Safe_ports port 443 563
acl Safe_ports port 70
acl Safe_ports port 210
acl Safe_ports port 1025-65535
acl Safe_ports port 280
acl Safe_ports port 488
acl Safe_ports port 591
acl Safe_ports port 777
acl Safe_ports port 22
acl Internet_Access_Ban src 192.168.50.85/255.255.255.255
acl Porn_Site url_regex www.oxpass.com trailers3.bangbros.com
http_access allow manager localhost
http_access deny manager
http_access deny Internet_Access_Ban
http_access deny Porn_Site
http_access allow Safe_ports
http_access allow ournet
icp_access allow all
cache_effective_group proxy
cache_effective_user proxy

squidGuard.conf
-------------
dbhome /var/lib/squidguard/db
logdir /var/log/squidguard
time workhours {
weekly mtwhf 08:00 - 16:30
date *-*-01 08:00 - 16:30
}
dest good {
}
dest local {
}
dest porn{
domainlist porn/domains
urllist porn/urls
}
acl {
default {
pass !porn all
redirect http://www.google.com

}
}



===============my log file on squidguard========
2006-03-17 15:28:20 [26792] squidGuard 1.2.0 started (1142569695.598)
2006-03-17 15:28:20 [26792] recalculating alarm in 3700 seconds
2006-03-17 15:28:20 [26792] squidGuard ready for requests (1142569700.971)
2006-03-17 15:46:28 [27328] squidGuard 1.2.0 started (1142570783.089)
2006-03-17 15:46:28 [27328] recalculating alarm in 2612 seconds
2006-03-17 15:46:28 [27328] squidGuard ready for requests (1142570788.361)
===========================



thx in advance

Last edited by taiwf; 03-17-2006 at 12:16 AM.
 
Old 03-18-2006, 12:06 AM   #2
Matir
LQ Guru
 
Registered: Nov 2004
Location: San Jose, CA
Distribution: Debian, Arch
Posts: 8,507

Rep: Reputation: 128Reputation: 128
Are your clients set to use the Squid proxy?
 
Old 03-19-2006, 05:05 PM   #3
taiwf
Member
 
Registered: Jun 2005
Distribution: debian, ubuntu, redhat,knoppix
Posts: 194

Original Poster
Rep: Reputation: 31
yes. They always use whatever specified in squid 'http_port' . This squid guard doesn't seem to require its own server address unlike privoxy(another filter/redirector).

Last edited by taiwf; 03-19-2006 at 05:06 PM.
 
Old 03-19-2006, 08:36 PM   #4
taiwf
Member
 
Registered: Jun 2005
Distribution: debian, ubuntu, redhat,knoppix
Posts: 194

Original Poster
Rep: Reputation: 31
it turns out i didn't specified the variable of program redirector but only the vaule. so it should be :

redirect_program /usr/bin/squidGuard -c /etc/squid/squidGuard.conf

^^^^^^^^^


-----------------------
Now my question is the block can be easily by-passed via annoymeous proxy like

http://www.proxyweb.net
http://www.unipeak.com

Now is there a list of those anomyous proxy i can download and block it? Or at least trace user whom using to access blocked site?

Last edited by taiwf; 03-19-2006 at 08:46 PM.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
error: mail command failed for /var/log/squidguard/squidGuard.log.6 Niceman2005 Linux - Networking 1 01-22-2009 02:24 PM
squidguard Ammad Linux - Networking 3 01-20-2006 11:02 AM
Squidguard sanjibgupta Linux - Security 1 09-26-2005 02:47 AM
get Squidguard to block entire countries web sites? Possible? Pcghost Linux - Software 3 09-19-2004 03:25 PM
squidguard ? maxut Fedora 1 05-10-2004 05:12 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Software

All times are GMT -5. The time now is 10:38 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration