[K12OSN] Re: Help! Squidguard will not obey the ACLs in the conf file
Adam Melancon
adammelancon at gmail.com
Wed Oct 27 18:35:52 UTC 2004
You can check to see if it's even working by pointing a browser to use
your squidguard box as a proxy and set the port to 3128.
Also, you might want to do
tail /var/log/squidGuard/squidGuard.log
and make sure that you see this
2004-10-27 05:03:56 [5659] squidGuard 1.2.0 started (1098871435.867)
2004-10-27 05:03:56 [5659] squidGuard ready for requests (1098871436.095)
If it's not started and ready for requests it will not block sites.
On Wed, 27 Oct 2004 14:29:11 -0400 (EDT), joseph.bishay at utoronto.ca
<joseph.bishay at utoronto.ca> wrote:
> hello,
>
> > We would probably have to see a copy of your squidGuard.conf file to
> > be able to help you troubleshoot the problem.
>
> I've included it below. My apologies for pasting in something long.
>
> # CONFIG FILE FOR SQUIDGUARD
> # See http://www.squidguard.org/config/ for more examples
>
> dbhome /var/squidGuard/blacklists
> logdir /var/log/squidGuard
>
> dest ads {
> log ads
> domainlist ads/domains
> urllist ads/urls
> }
>
> dest audio-video {
> log audio-video
> domainlist audio-video/domains
> urllist audio-video/urls
> }
>
> dest aggressive {
> log aggressive
> domainlist aggressive/domains
> urllist aggressive/urls
> }
>
> dest drugs {
> log drugs
> domainlist drugs/domains
> urllist drugs/urls
> }
>
> dest gambling{
> log gambling
> domainlist gambling/domains
> urllist gambling/urls
> }
>
> dest hacking {
> log hacking
> domainlist hacking/domains
> urllist hacking/urls
> }
>
> dest mail {
> log mail
> domainlist mail/domains
> urllist mail/urls
> }
>
> dest porn{
> log porn
> domainlist porn/domains
> urllist porn/urls
> }
>
> dest proxy{
> log proxy
> domainlist proxy/domains
> urllist proxy/urls
> }
>
> dest violence{
> log violence
> domainlist violence/domains
> urllist violence/urls
> }
>
> dest warez{
> log warez
> domainlist warez/domains
> urllist warez/urls
> }
>
> dest local-ok{
> domainlist local-ok/domains
> urllist local-ok/urls
> }
>
> dest local-block{
> log local-block
> domainlist local-block/domains
> urllist local-block/urls
> }
>
> acl {
> default {
> # the default categories are conservative, please add any
> additional
> # categories listed above or simply comment out this line and
> uncomment
> # out the line below it.
> # pass local-ok !local-block !gambling !porn !warez all
> pass local-ok !local-block !aggressive !drugs !gambling !hacking
> !porn !proxy !violence !warez all
>
> redirect 302:http://k12server/forbidden_content.html
> # redirect
> 302:http://k12server/cgi-bin/squidGuard.cgi?clientaddr=%a&clientname=%n&clientident=%i&srcclass=%s&targetgroup=%t&url=%u
> # redirect
> 302:http://k12server/cgi-bin/squidGuard-simple.cgi?clientaddr=%a&clientname=%n&clientident=%i&srcclass=%s&targetclass=%t&url=%u
> }
> }
>
> ***End paste***
>
> > I just use this script that I tweaked that rebuilds the filter lists
> > and then restarts squidguard.
> > This usually helps apply any changes I've made.
>
> I was able to rebuild the filter list from the online blacklists no
> problem. I tried restarting squid by using /etc/init.d/squidguard
> restart, which was successful, but no changes seemed to have work as I can
> still access www.allmp3s.com and www.hotmail.com
>
> ------------------------
>
> > You will automatically know that my background is MS when I ask if you
> > rebooted the server ;>.
>
> Since my background is the same, it was the first thing I tried :)
>
> > Gavin's Addonz have fixed that for me now.) Also, after Hotmail was blocked
> > by manually editing the acl list, students googled and were able to access
> > hotmail using the Japanese link. I had to block passport.msn.com if I
> > remember correctly. Even now if someone is using MSN Messenger (only faculty
> > are allowed to do so) they can still access hotmail.
> > hth
> > Tim
>
> I have a problem with the students now all logging onto emessenger.net to
> chat all over the place, so I will next have to add that to the
> blacklists.
>
> thanks,
>
>
> Joseph
>
> _______________________________________________
> K12OSN mailing list
> K12OSN at redhat.com
> https://www.redhat.com/mailman/listinfo/k12osn
> For more info see <http://www.k12os.org>
>
--
Adam Melancon
Work: http://www.vermilion.lib.la.us
Personal: http://www.melancon.org
More information about the K12OSN
mailing list