[K12OSN] squidGuard - local-block isn't blocked
Dan Bentson-Royal
dbentson at lcsd.k12.wa.us
Sun Apr 24 23:23:27 UTC 2005
When I modify my local-block/domains to include a site to be blocked,
how do I get squidGuard to start taking note of that? It seems like
squidGuard is ignoring the contents of local-block/domains and my
computer is failing to incorporate the contents of local-block/domains
into local-block/domains.db - whatever the case, I can't seem to get a
local-block to happen.
I have modified that file (local-block/domains) and then done:
/usr/sbin/update_squidguard_blacklists
/etc/init.d/squidguard stop
/etc/init.d/squidguard start
But the date on local-block/domains.db never changes and the site I've
tried to block still comes through.
I've also tried running
/usr/sbin/squidGuard -C /etc/squid/squidGuard.conf -C all
but it similarly seems to make no difference. That should be covered
anyway when I do the /usr/sbin/update_squidguard_blacklists, right?
Anyway...
Sites listed in the default local-block/domains are blocked (amyshop.com
but not my new additions (xanga.com or myspace.com). Even after a
complete restart of the computer, it behaves the same way. I've
reinstalled squid and squidGuard from scratch three times now and I just
can't seem to figure it out!
Any suggestions would be much appreciated.
BTW, I am running the latest updates of squid and squidGuard on LTSP4.2.0
For those who'd like the "hard data", here you go:
-----------------------------
[root at localhost ~]# ls -l /var/squidGuard/blacklists/local-block/
total 88
-rw-r--r-- 1 squid squid 226 Apr 22 17:24 domains
-rw-r--r-- 1 squid squid 32768 Apr 16 19:01 domains.db
-rw-r--r-- 1 squid squid 109 Apr 16 19:01 urls
-rw-r--r-- 1 squid squid 32768 Apr 16 19:01 urls.db
-------------------------------
[root at localhost ~]# tail -n 40 /var/log/squidGuard/local-block
2005-04-24 15:18:43 [5603] Request(default/local-block/-)
http://www.amyshop.com/ 168.212.7.10/- - GET
----------------------------------
[root at localhost ~]# tail -n 40
/var/squidGuard/blacklists/local-block/domains
xanga.com
myspace.com
starkingdoms.com
bungie.net
addictinggames.com
61.145.116.190
amyshop.com
barnonedrinks.com
bumfights.nl
drunkcow.com
funnyjunk.com
handgunsforsale.com
poopyjoe.com
thisisarandomentrythatdoesnotexist.com
---------------------------------
[root at localhost ~]# tail -n 40 /var/log/squid/access.log
1114379997.851 119 168.212.7.10 TCP_MISS/200 1333 GET
http://www.google.com/ - DIRECT/66.102.7.147 text/html
1114379997.966 114 168.212.7.10 TCP_REFRESH_HIT/200 8835 GET
http://www.google.com/intl/en/images/logo.gif - DIRECT/66.102.7.147
text/html
1114380002.650 878 168.212.7.10 TCP_MISS/302 159 GET
http://www.won.net/ - NONE/- -
1114380002.688 19 168.212.7.10 TCP_MISS/404 491 GET
http://168.212.25.13/block.htm - DIRECT/168.212.25.13 text/html
1114380026.731 521 168.212.7.10 TCP_MISS/200 4718 GET
http://www.xanga.com/ - DIRECT/209.66.88.15 text/html
1114380026.944 324 168.212.7.10 TCP_MISS/200 1048 GET
http://a.xanga.com/bserver/AAMALL/SITE=XANGA/AREA=FRONT/acc_random=73539034/pageid=73539034/AAMB1/AAMSZ=468X60/AAMB2/AAMSZ=120X240/AAMB3/AAMSZ=88x31?
- DIRECT/209.66.88.60 text/html
1114380026.961 16 168.212.7.10 TCP_HIT/200 4265 GET
http://ai.xanga.com/xangahouse/premium-color.gif - NONE/- image/gif
1114380027.158 198 168.212.7.10 TCP_MISS/200 270 GET
http://a.xanga.com//IMPCNT/ccid=14011/AAMSZ=468X60/SITE=XANGA/AREA=FRONT/acc_random=73539034/pageid=73539034
- DIRECT/209.66.88.60 image/gif
1114380027.298 337 168.212.7.10 TCP_MISS/200 365 GET
http://ai.xanga.com/nsi/1px-front.gif? - DIRECT/209.66.88.59 image/gif
1114381123.641 1 168.212.7.10 TCP_MISS/302 159 GET
http://www.amyshop.com/ - NONE/- -
1114381123.705 39 168.212.7.10 TCP_MISS/404 491 GET
http://168.212.25.13/block.htm - DIRECT/168.212.25.13 text/html
------------------------------
[root at localhost ~]# tail -n 40 /var/log/squidGuard/squidGuard.log
2005-04-24 04:02:49 [5604] init domainlist
/var/squidGuard/blacklists/mail/domains
2005-04-24 04:02:49 [5604] loading dbfile
/var/squidGuard/blacklists/mail/domains.db
2005-04-24 04:02:49 [5604] init urllist /var/squidGuard/blacklists/mail/urls
2005-04-24 04:02:49 [5604] loading dbfile
/var/squidGuard/blacklists/mail/urls.db
2005-04-24 04:02:49 [5604] init domainlist
/var/squidGuard/blacklists/porn/domains
2005-04-24 04:02:49 [5604] loading dbfile
/var/squidGuard/blacklists/porn/domains.db
2005-04-24 04:02:49 [5604] init urllist /var/squidGuard/blacklists/porn/urls
2005-04-24 04:02:49 [5604] loading dbfile
/var/squidGuard/blacklists/porn/urls.db
2005-04-24 04:02:49 [5604] init domainlist
/var/squidGuard/blacklists/proxy/domains
2005-04-24 04:02:49 [5604] loading dbfile
/var/squidGuard/blacklists/proxy/domains.db
2005-04-24 04:02:49 [5604] init urllist
/var/squidGuard/blacklists/proxy/urls
2005-04-24 04:02:49 [5604] loading dbfile
/var/squidGuard/blacklists/proxy/urls.db
2005-04-24 04:02:49 [5604] init domainlist
/var/squidGuard/blacklists/violence/domains
2005-04-24 04:02:49 [5604] loading dbfile
/var/squidGuard/blacklists/violence/domains.db
2005-04-24 04:02:49 [5604] init urllist
/var/squidGuard/blacklists/violence/urls
2005-04-24 04:02:49 [5604] loading dbfile
/var/squidGuard/blacklists/violence/urls.db
2005-04-24 04:02:49 [5604] init domainlist
/var/squidGuard/blacklists/warez/domains
2005-04-24 04:02:49 [5604] loading dbfile
/var/squidGuard/blacklists/warez/domains.db
2005-04-24 04:02:49 [5604] init urllist
/var/squidGuard/blacklists/warez/urls
2005-04-24 04:02:49 [5604] loading dbfile
/var/squidGuard/blacklists/warez/urls.db
2005-04-24 04:02:49 [5604] init domainlist
/var/squidGuard/blacklists/local-ok/domains
2005-04-24 04:02:49 [5604] loading dbfile
/var/squidGuard/blacklists/local-ok/domains.db
2005-04-24 04:02:49 [5604] init urllist
/var/squidGuard/blacklists/local-ok/urls
2005-04-24 04:02:49 [5604] loading dbfile
/var/squidGuard/blacklists/local-ok/urls.db
2005-04-24 04:02:49 [5604] init domainlist
/var/squidGuard/blacklists/local-block/domains
2005-04-24 04:02:49 [5604] loading dbfile
/var/squidGuard/blacklists/local-block/domains.db
2005-04-24 04:02:49 [5604] init urllist
/var/squidGuard/blacklists/local-block/urls
2005-04-24 04:02:49 [5604] loading dbfile
/var/squidGuard/blacklists/local-block/urls.db
2005-04-24 04:02:49 [5604] squidGuard 1.2.0 started (1114340569.223)
2005-04-24 04:02:49 [5604] squidGuard ready for requests (1114340569.450)
2005-04-24 04:02:49 [5607] init domainlist
/var/squidGuard/blacklists/local-ok/domains
2005-04-24 04:02:49 [5607] loading dbfile
/var/squidGuard/blacklists/local-ok/domains.db
2005-04-24 04:02:49 [5607] init urllist
/var/squidGuard/blacklists/local-ok/urls
2005-04-24 04:02:49 [5607] loading dbfile
/var/squidGuard/blacklists/local-ok/urls.db
2005-04-24 04:02:49 [5607] init domainlist
/var/squidGuard/blacklists/local-block/domains
2005-04-24 04:02:49 [5607] loading dbfile
/var/squidGuard/blacklists/local-block/domains.db
2005-04-24 04:02:49 [5607] init urllist
/var/squidGuard/blacklists/local-block/urls
2005-04-24 04:02:49 [5607] loading dbfile
/var/squidGuard/blacklists/local-block/urls.db
2005-04-24 04:02:49 [5607] squidGuard 1.2.0 started (1114340569.246)
2005-04-24 04:02:49 [5607] squidGuard ready for requests (1114340569.457)
-------------------------------
[root at localhost ~]# more /usr/sbin/update_squidguard_blacklists
#!/bin/sh
TARGET=/var/squidGuard/blacklists
cd $TARGET || exit
# only run if squidGuard is active!
[ "`ps auxw | grep squid[G]uard`" ] || exit
rsync -az squidguard.mesd.k12.or.us::filtering $TARGET
for DIR in `ls $TARGET`
do
if [ -f $DIR/domains.include ]
then
TMP=$RANDOM
cat $DIR/domains $DIR/domains.include | sort | uniq >
$DIR/domai
ns.$TMP
mv -f $DIR/domains.$TMP $DIR/domains
fi
if [ -f $DIR/urls.include ]
then
TMP=$RANDOM
cat $DIR/urls $DIR/urls.include | sort | uniq >
$DIR/urls.$TMP
mv -f $DIR/urls.$TMP $DIR/urls
fi
done
/usr/sbin/squidGuard -c /etc/squid/squidGuard.conf -C all
# /usr/sbin/squidGuard -c /etc/squid/squidGuard.conf -u
chown -R squid.squid $TARGET
chown -R squid.squid /var/log/squidGuard/
sleep 5s
/usr/bin/killall -HUP squid
-------------------------------
[root at localhost ~]# more /etc/squid/squidGuard.conf
#
# CONFIG FILE FOR SQUIDGUARD
#
# See http://www.squidguard.org/config/ for more examples
#
dbhome /var/squidGuard/blacklists
logdir /var/log/squidGuard
dest ads {
log ads
domainlist ads/domains
urllist ads/urls
}
dest audio-video {
log audio-video
domainlist audio-video/domains
urllist audio-video/urls
}
dest aggressive {
log aggressive
domainlist aggressive/domains
urllist aggressive/urls
}
dest drugs {
log drugs
domainlist drugs/domains
urllist drugs/urls
}
dest gambling{
log gambling
domainlist gambling/domains
urllist gambling/urls
}
dest hacking {
log hacking
domainlist hacking/domains
urllist hacking/urls
}
dest mail {
log mail
domainlist mail/domains
urllist mail/urls
}
dest porn{
log porn
domainlist porn/domains
urllist porn/urls
}
dest proxy{
log proxy
domainlist proxy/domains
urllist proxy/urls
}
dest violence{
log violence
domainlist violence/domains
urllist violence/urls
}
dest warez{
log warez
domainlist warez/domains
urllist warez/urls
}
dest local-ok{
domainlist local-ok/domains
urllist local-ok/urls
}
dest local-block{
log local-block
domainlist local-block/domains
urllist local-block/urls
}
rewrite google {
s@(google.com/search.*q=.*)@\1\&safe=active at i
s@(google.com/images.*q=.*)@\1\&safe=active at i
s@(google.com/groups.*q=.*)@\1\&safe=active at i
s@(google.com/news.*q=.*)@\1\&safe=active at i
# log google
}
acl {
default {
# for google to be in "safe mode"
rewrite google
# the default categories are conservative, please add any
additional
# categories listed above or simply comment out this line and
uncomment
# out the line below it.
# DBR edit begin - 050422
# commented out the following 1 line
# pass local-ok !local-block !gambling !porn !warez all
# uncommented the following 1 line
pass local-ok !local-block !aggressive !drugs !gambling
!hacking !porn !
proxy !violence !warez all
# DBR Edit end
# DBR edit begin - 050422
# Editted the following to use the custom block page
redirect 302:http://168.212.25.13/block.htm
# DBR edit end
# DBR edit begin - 050422
# commented out the default setting for a block page
# redirect
302:http://localhost.localdomain/cgi-bin/squidGuard.cgi?cl
ientaddr=%a&clientname=%n&clientident=%i&srcclass=%s&targetgroup=%t&url=%u
# DBR edit end
# redirect
302:http://localhost.localdomain/cgi-bin/squidGuard-simpl
e.cgi?clientaddr=%a&clientname=%n&clientident=%i&srcclass=%s&targetclass=%t&url=
%u
}
}
----------------------------------
[root at localhost ~]# ps aux | grep squid
squid 4156 0.0 1.1 9636 5804 ? S Apr22 0:01 (squid)
-D -f /etc/squid/squid-squidGuard.conf
squid 4163 0.0 0.0 2596 272 ? Ss Apr22 0:00 (unlinkd)
squid 5603 0.0 0.5 10712 2628 ? Ss 04:02 0:00
(squidGuard) -c /etc/squid/squidGuard.conf
squid 5604 0.0 0.4 10568 2436 ? Ss 04:02 0:00
(squidGuard) -c /etc/squid/squidGuard.conf
squid 5605 0.0 0.3 10144 1920 ? Ss 04:02 0:00
(squidGuard) -c /etc/squid/squidGuard.conf
squid 5606 0.0 0.3 11304 1912 ? Ss 04:02 0:00
(squidGuard) -c /etc/squid/squidGuard.conf
squid 5607 0.0 0.3 10432 1912 ? Ss 04:02 0:00
(squidGuard) -c /etc/squid/squidGuard.conf
root 27417 0.0 0.1 4980 656 pts/3 R+ 15:47 0:00 grep squid
--------------------------------
--
Dan Bentson-Royal
La Center Schools
More information about the K12OSN
mailing list