[K12OSN] Help! Squidguard will not obey the ACLs in the conf file
Adam Melancon
adammelancon at gmail.com
Wed Oct 27 16:54:00 UTC 2004
Tim, if you are using the squidguard built into the k12ltsp distro,
there should be a script
/usr/sbin/update_squidguard_blacklists
available for you to rebuild the lists automatically. The side effect
of this script is that it does the rsync and updates all of the
blacklists and rebuilds ALL of the lists which can take some time to
do.
What I did was tweak this update_squidguard_blacklists file to just
rebuild ONLY the local-ok and local-deny files and not download the
updates. It saves time if you are just editing the local files and
only want to rebuild the database files for just those local ok/block
lists instead of all of the lists, and don't need to do the download
updates right now.
I saved it as rebuildlocal-ok-deny.sh
[root at ltsp40 root]# cat rebuildlocal-ok-deny.sh
#!/bin/bash
date
/usr/sbin/squidGuard -c /etc/squid/squidGuard.conf -C local-ok/urls
/usr/sbin/squidGuard -c /etc/squid/squidGuard.conf -C local-ok/domains
/usr/sbin/squidGuard -c /etc/squid/squidGuard.conf -C local-block/urls
/usr/sbin/squidGuard -c /etc/squid/squidGuard.conf -C local-block/domains
chown -R squid.squid /var/squidGuard/blacklists/
chown -R squid.squid /var/log/squidGuard/
sleep 5s
/usr/bin/killall -HUP squid
sleep 5s
tail -n 80 /var/log/squidGuard/squidGuard.log
date
[root at ltsp40 root]#
On Wed, 27 Oct 2004 11:41:58 -0500, Tim Kaldahl
<tkaldahl at maplewoodacademy.org> wrote:
> -----Original Message-----
>
>
> From: k12osn-bounces at redhat.com [mailto:k12osn-bounces at redhat.com]On
> Behalf Of Joseph Bishay
> Sent: Wednesday, October 27, 2004 11:12 AM
> To: k12osn at redhat.com
> Subject: [K12OSN] Help! Squidguard will not obey the ACLs in the conf
> file
>
> Hello,
>
> I hope everyone is doing well.
>
> Thanks to some kind folks on #ltsp, I was able to get squidguard up
> and running on the k12ltsp (RH9) server. And it blocks the 3 default
> blacklist sets.
>
> However, I wanted to activate all the possible blacklists, so I
> commented out the line with the 3, and uncommented the one below it
> that has all the different groups listed as !xxxx and so on. But it
> will not accept those new rules.
>
> I was able to change the redirection page so that a webpage I created
> and point to a page I'm serving off the server, so I know the file is
> being read. But why is it not blocking the others? As an example,
> typing in www.sex.com results in it being blocked, but
> www.allmp3s.com does not. And neither for hotmail, etc.
>
> Any thoughts on what I may be overlooking?
>
> Thank you kindly,
> Joseph
>
> _______________________________________________
> K12OSN mailing list
> K12OSN at redhat.com
> https://www.redhat.com/mailman/listinfo/k12osn
> For more info see <http://www.k12os.org>
>
> You will automatically know that my background is MS when I ask if you
> rebooted the server ;>. From the been there done that category, each time I
> edit the blacklists i have to restart or they don't work. (Actually I think
> Gavin's Addonz have fixed that for me now.) Also, after Hotmail was blocked
> by manually editing the acl list, students googled and were able to access
> hotmail using the Japanese link. I had to block passport.msn.com if I
> remember correctly. Even now if someone is using MSN Messenger (only faculty
> are allowed to do so) they can still access hotmail.
>
> hth
> Tim
>
>
>
> _______________________________________________
> K12OSN mailing list
> K12OSN at redhat.com
> https://www.redhat.com/mailman/listinfo/k12osn
> For more info see <http://www.k12os.org>
>
--
Adam Melancon
Work: http://www.vermilion.lib.la.us
Personal: http://www.melancon.org
More information about the K12OSN
mailing list