[K12OSN] Re: Help! Squidguard will not obey the ACLs in the conf file

Wed Oct 27 18:35:52 UTC 2004

You can check to see if it's even working by pointing a browser to use
your squidguard box  as a proxy and set the port to 3128.

Also, you might want to do 

tail /var/log/squidGuard/squidGuard.log

and make sure that you see this

2004-10-27 05:03:56 [5659] squidGuard 1.2.0 started (1098871435.867)
2004-10-27 05:03:56 [5659] squidGuard ready for requests (1098871436.095)

If it's not started and ready for requests it will not block sites.

On Wed, 27 Oct 2004 14:29:11 -0400 (EDT), joseph.bishay at utoronto.ca
<joseph.bishay at utoronto.ca> wrote:
> hello,
> 
> > We would probably have to see a copy of your squidGuard.conf file to
> > be able to help you troubleshoot the problem.
> 
> I've included it below. My apologies for pasting in something long.
> 
> # CONFIG FILE FOR SQUIDGUARD
> # See http://www.squidguard.org/config/ for more examples
> 
> dbhome /var/squidGuard/blacklists
> logdir /var/log/squidGuard
> 
> dest ads {
>     log        ads
>     domainlist    ads/domains
>     urllist        ads/urls
> }
> 
> dest audio-video {
>     log        audio-video
>     domainlist    audio-video/domains
>     urllist        audio-video/urls
> }
> 
> dest aggressive {
>     log        aggressive
>     domainlist    aggressive/domains
>     urllist        aggressive/urls
> }
> 
> dest drugs {
>     log        drugs
>     domainlist    drugs/domains
>     urllist        drugs/urls
> }
> 
> dest gambling{
>     log        gambling
>     domainlist    gambling/domains
>     urllist        gambling/urls
> }
> 
> dest hacking {
>     log        hacking
>     domainlist    hacking/domains
>     urllist        hacking/urls
> }
> 
> dest mail {
>     log        mail
>     domainlist    mail/domains
>     urllist        mail/urls
> }
> 
> dest porn{
>     log        porn
>     domainlist    porn/domains
>     urllist        porn/urls
> }
> 
> dest proxy{
>     log        proxy
>     domainlist    proxy/domains
>     urllist        proxy/urls
> }
> 
> dest violence{
>     log        violence
>     domainlist    violence/domains
>     urllist        violence/urls
> }
> 
> dest warez{
>     log        warez
>     domainlist    warez/domains
>     urllist        warez/urls
> }
> 
> dest local-ok{
>     domainlist      local-ok/domains
>     urllist         local-ok/urls
> }
> 
> dest local-block{
>     log             local-block
>     domainlist      local-block/domains
>     urllist         local-block/urls
> }
> 
> acl {
>     default {
>         # the default categories are conservative, please add any
> additional
>         # categories listed above or simply comment out this line and
> uncomment
>         # out the line below it.
> #        pass local-ok !local-block !gambling !porn !warez all
>         pass local-ok !local-block !aggressive !drugs !gambling !hacking
> !porn !proxy !violence !warez all
> 
>         redirect 302:http://k12server/forbidden_content.html
> #        redirect
> 302:http://k12server/cgi-bin/squidGuard.cgi?clientaddr=%a&clientname=%n&clientident=%i&srcclass=%s&targetgroup=%t&url=%u
>         # redirect
> 302:http://k12server/cgi-bin/squidGuard-simple.cgi?clientaddr=%a&clientname=%n&clientident=%i&srcclass=%s&targetclass=%t&url=%u
>     }
> }
> 
> ***End paste***
> 
> > I just use this script that I tweaked that rebuilds the filter lists
> > and then restarts squidguard.
> > This usually helps apply any changes I've made.
> 
> I was able to rebuild the filter list from the online blacklists no
> problem.  I tried restarting squid by using /etc/init.d/squidguard
> restart, which was successful, but no changes seemed to have work as I can
> still access www.allmp3s.com and www.hotmail.com
> 
> ------------------------
> 
> > You will automatically know that my background is MS when I ask if you
> > rebooted the server ;>.
> 
> Since my background is the same, it was the first thing I tried :)
> 
> > Gavin's Addonz have fixed that for me now.) Also, after Hotmail was blocked
> > by manually editing the acl list, students googled and were able to access
> > hotmail using the Japanese link. I had to block passport.msn.com if I
> > remember correctly. Even now if someone is using MSN Messenger (only faculty
> > are allowed to do so) they can still access hotmail.
> > hth
> > Tim
> 
> I have a problem with the students now all logging onto emessenger.net to
> chat all over the place, so I will next have to add that to the
> blacklists.
> 
> thanks,
> 
> 
> Joseph
> 
> _______________________________________________
> K12OSN mailing list
> K12OSN at redhat.com
> https://www.redhat.com/mailman/listinfo/k12osn
> For more info see <http://www.k12os.org>
> 

-- 
Adam Melancon
Work: http://www.vermilion.lib.la.us
Personal: http://www.melancon.org