[K12OSN] squidGuard - local-block isn't blocked
mrok12osn at eastgranby.k12.ct.us
mrok12osn at eastgranby.k12.ct.us
Mon Apr 25 03:00:15 UTC 2005
Two items.
(1) I noticed that /usr/sbin/update_squidguard_blacklists displayed funny
below.
"
> if [ -f $DIR/domains.include ]
> then
> TMP=$RANDOM
> cat $DIR/domains $DIR/domains.include | sort | uniq >
> $DIR/domai
> ns.$TMP
"
Is there some sort of extra char above between domai and the ns on the
following line? It should be $DIR/domains.$TMP.
(2) Below, the first -C should be -c
"
> I've also tried running
> /usr/sbin/squidGuard -C /etc/squid/squidGuard.conf -C all
"
Mark Orenstein
East Granby, CT School System
> When I modify my local-block/domains to include a site to be blocked,
> how do I get squidGuard to start taking note of that? It seems like
> squidGuard is ignoring the contents of local-block/domains and my
> computer is failing to incorporate the contents of local-block/domains
> into local-block/domains.db - whatever the case, I can't seem to get a
> local-block to happen.
>
> I have modified that file (local-block/domains) and then done:
> /usr/sbin/update_squidguard_blacklists
> /etc/init.d/squidguard stop
> /etc/init.d/squidguard start
> But the date on local-block/domains.db never changes and the site I've
> tried to block still comes through.
>
> I've also tried running
> /usr/sbin/squidGuard -C /etc/squid/squidGuard.conf -C all
> but it similarly seems to make no difference. That should be covered
> anyway when I do the /usr/sbin/update_squidguard_blacklists, right?
> Anyway...
>
> Sites listed in the default local-block/domains are blocked (amyshop.com
> but not my new additions (xanga.com or myspace.com). Even after a
> complete restart of the computer, it behaves the same way. I've
> reinstalled squid and squidGuard from scratch three times now and I just
> can't seem to figure it out!
>
> Any suggestions would be much appreciated.
> BTW, I am running the latest updates of squid and squidGuard on LTSP4.2.0
>
> For those who'd like the "hard data", here you go:
> -----------------------------
>
> [root at localhost ~]# ls -l /var/squidGuard/blacklists/local-block/
> total 88
> -rw-r--r-- 1 squid squid 226 Apr 22 17:24 domains
> -rw-r--r-- 1 squid squid 32768 Apr 16 19:01 domains.db
> -rw-r--r-- 1 squid squid 109 Apr 16 19:01 urls
> -rw-r--r-- 1 squid squid 32768 Apr 16 19:01 urls.db
>
> -------------------------------
>
> [root at localhost ~]# tail -n 40 /var/log/squidGuard/local-block
> 2005-04-24 15:18:43 [5603] Request(default/local-block/-)
> http://www.amyshop.com/ 168.212.7.10/- - GET
>
> ----------------------------------
> [root at localhost ~]# tail -n 40
> /var/squidGuard/blacklists/local-block/domains
> xanga.com
> myspace.com
> starkingdoms.com
> bungie.net
> addictinggames.com
> 61.145.116.190
> amyshop.com
> barnonedrinks.com
> bumfights.nl
> drunkcow.com
> funnyjunk.com
> handgunsforsale.com
> poopyjoe.com
> thisisarandomentrythatdoesnotexist.com
>
> ---------------------------------
>
> [root at localhost ~]# tail -n 40 /var/log/squid/access.log
> 1114379997.851 119 168.212.7.10 TCP_MISS/200 1333 GET
> http://www.google.com/ - DIRECT/66.102.7.147 text/html
> 1114379997.966 114 168.212.7.10 TCP_REFRESH_HIT/200 8835 GET
> http://www.google.com/intl/en/images/logo.gif - DIRECT/66.102.7.147
> text/html
> 1114380002.650 878 168.212.7.10 TCP_MISS/302 159 GET
> http://www.won.net/ - NONE/- -
> 1114380002.688 19 168.212.7.10 TCP_MISS/404 491 GET
> http://168.212.25.13/block.htm - DIRECT/168.212.25.13 text/html
> 1114380026.731 521 168.212.7.10 TCP_MISS/200 4718 GET
> http://www.xanga.com/ - DIRECT/209.66.88.15 text/html
> 1114380026.944 324 168.212.7.10 TCP_MISS/200 1048 GET
> http://a.xanga.com/bserver/AAMALL/SITE=XANGA/AREA=FRONT/acc_random=73539034/pageid=73539034/AAMB1/AAMSZ=468X60/AAMB2/AAMSZ=120X240/AAMB3/AAMSZ=88x31?
> - DIRECT/209.66.88.60 text/html
> 1114380026.961 16 168.212.7.10 TCP_HIT/200 4265 GET
> http://ai.xanga.com/xangahouse/premium-color.gif - NONE/- image/gif
> 1114380027.158 198 168.212.7.10 TCP_MISS/200 270 GET
> http://a.xanga.com//IMPCNT/ccid=14011/AAMSZ=468X60/SITE=XANGA/AREA=FRONT/acc_random=73539034/pageid=73539034
> - DIRECT/209.66.88.60 image/gif
> 1114380027.298 337 168.212.7.10 TCP_MISS/200 365 GET
> http://ai.xanga.com/nsi/1px-front.gif? - DIRECT/209.66.88.59 image/gif
> 1114381123.641 1 168.212.7.10 TCP_MISS/302 159 GET
> http://www.amyshop.com/ - NONE/- -
> 1114381123.705 39 168.212.7.10 TCP_MISS/404 491 GET
> http://168.212.25.13/block.htm - DIRECT/168.212.25.13 text/html
>
> ------------------------------
>
> [root at localhost ~]# tail -n 40 /var/log/squidGuard/squidGuard.log
> 2005-04-24 04:02:49 [5604] init domainlist
> /var/squidGuard/blacklists/mail/domains
> 2005-04-24 04:02:49 [5604] loading dbfile
> /var/squidGuard/blacklists/mail/domains.db
> 2005-04-24 04:02:49 [5604] init urllist
> /var/squidGuard/blacklists/mail/urls
> 2005-04-24 04:02:49 [5604] loading dbfile
> /var/squidGuard/blacklists/mail/urls.db
> 2005-04-24 04:02:49 [5604] init domainlist
> /var/squidGuard/blacklists/porn/domains
> 2005-04-24 04:02:49 [5604] loading dbfile
> /var/squidGuard/blacklists/porn/domains.db
> 2005-04-24 04:02:49 [5604] init urllist
> /var/squidGuard/blacklists/porn/urls
> 2005-04-24 04:02:49 [5604] loading dbfile
> /var/squidGuard/blacklists/porn/urls.db
> 2005-04-24 04:02:49 [5604] init domainlist
> /var/squidGuard/blacklists/proxy/domains
> 2005-04-24 04:02:49 [5604] loading dbfile
> /var/squidGuard/blacklists/proxy/domains.db
> 2005-04-24 04:02:49 [5604] init urllist
> /var/squidGuard/blacklists/proxy/urls
> 2005-04-24 04:02:49 [5604] loading dbfile
> /var/squidGuard/blacklists/proxy/urls.db
> 2005-04-24 04:02:49 [5604] init domainlist
> /var/squidGuard/blacklists/violence/domains
> 2005-04-24 04:02:49 [5604] loading dbfile
> /var/squidGuard/blacklists/violence/domains.db
> 2005-04-24 04:02:49 [5604] init urllist
> /var/squidGuard/blacklists/violence/urls
> 2005-04-24 04:02:49 [5604] loading dbfile
> /var/squidGuard/blacklists/violence/urls.db
> 2005-04-24 04:02:49 [5604] init domainlist
> /var/squidGuard/blacklists/warez/domains
> 2005-04-24 04:02:49 [5604] loading dbfile
> /var/squidGuard/blacklists/warez/domains.db
> 2005-04-24 04:02:49 [5604] init urllist
> /var/squidGuard/blacklists/warez/urls
> 2005-04-24 04:02:49 [5604] loading dbfile
> /var/squidGuard/blacklists/warez/urls.db
> 2005-04-24 04:02:49 [5604] init domainlist
> /var/squidGuard/blacklists/local-ok/domains
> 2005-04-24 04:02:49 [5604] loading dbfile
> /var/squidGuard/blacklists/local-ok/domains.db
> 2005-04-24 04:02:49 [5604] init urllist
> /var/squidGuard/blacklists/local-ok/urls
> 2005-04-24 04:02:49 [5604] loading dbfile
> /var/squidGuard/blacklists/local-ok/urls.db
> 2005-04-24 04:02:49 [5604] init domainlist
> /var/squidGuard/blacklists/local-block/domains
> 2005-04-24 04:02:49 [5604] loading dbfile
> /var/squidGuard/blacklists/local-block/domains.db
> 2005-04-24 04:02:49 [5604] init urllist
> /var/squidGuard/blacklists/local-block/urls
> 2005-04-24 04:02:49 [5604] loading dbfile
> /var/squidGuard/blacklists/local-block/urls.db
> 2005-04-24 04:02:49 [5604] squidGuard 1.2.0 started (1114340569.223)
> 2005-04-24 04:02:49 [5604] squidGuard ready for requests (1114340569.450)
> 2005-04-24 04:02:49 [5607] init domainlist
> /var/squidGuard/blacklists/local-ok/domains
> 2005-04-24 04:02:49 [5607] loading dbfile
> /var/squidGuard/blacklists/local-ok/domains.db
> 2005-04-24 04:02:49 [5607] init urllist
> /var/squidGuard/blacklists/local-ok/urls
> 2005-04-24 04:02:49 [5607] loading dbfile
> /var/squidGuard/blacklists/local-ok/urls.db
> 2005-04-24 04:02:49 [5607] init domainlist
> /var/squidGuard/blacklists/local-block/domains
> 2005-04-24 04:02:49 [5607] loading dbfile
> /var/squidGuard/blacklists/local-block/domains.db
> 2005-04-24 04:02:49 [5607] init urllist
> /var/squidGuard/blacklists/local-block/urls
> 2005-04-24 04:02:49 [5607] loading dbfile
> /var/squidGuard/blacklists/local-block/urls.db
> 2005-04-24 04:02:49 [5607] squidGuard 1.2.0 started (1114340569.246)
> 2005-04-24 04:02:49 [5607] squidGuard ready for requests (1114340569.457)
>
> -------------------------------
>
> [root at localhost ~]# more /usr/sbin/update_squidguard_blacklists
> #!/bin/sh
>
> TARGET=/var/squidGuard/blacklists
>
> cd $TARGET || exit
>
> # only run if squidGuard is active!
> [ "`ps auxw | grep squid[G]uard`" ] || exit
>
> rsync -az squidguard.mesd.k12.or.us::filtering $TARGET
>
> for DIR in `ls $TARGET`
> do
> if [ -f $DIR/domains.include ]
> then
> TMP=$RANDOM
> cat $DIR/domains $DIR/domains.include | sort | uniq >
> $DIR/domai
> ns.$TMP
> mv -f $DIR/domains.$TMP $DIR/domains
> fi
> if [ -f $DIR/urls.include ]
> then
> TMP=$RANDOM
> cat $DIR/urls $DIR/urls.include | sort | uniq >
> $DIR/urls.$TMP
> mv -f $DIR/urls.$TMP $DIR/urls
> fi
> done
>
> /usr/sbin/squidGuard -c /etc/squid/squidGuard.conf -C all
> # /usr/sbin/squidGuard -c /etc/squid/squidGuard.conf -u
>
> chown -R squid.squid $TARGET
> chown -R squid.squid /var/log/squidGuard/
>
> sleep 5s
>
> /usr/bin/killall -HUP squid
>
> -------------------------------
>
> [root at localhost ~]# more /etc/squid/squidGuard.conf
> #
> # CONFIG FILE FOR SQUIDGUARD
> #
> # See http://www.squidguard.org/config/ for more examples
> #
>
> dbhome /var/squidGuard/blacklists
> logdir /var/log/squidGuard
>
> dest ads {
> log ads
> domainlist ads/domains
> urllist ads/urls
> }
>
> dest audio-video {
> log audio-video
> domainlist audio-video/domains
> urllist audio-video/urls
> }
>
> dest aggressive {
> log aggressive
> domainlist aggressive/domains
> urllist aggressive/urls
> }
>
> dest drugs {
> log drugs
> domainlist drugs/domains
> urllist drugs/urls
> }
>
> dest gambling{
> log gambling
> domainlist gambling/domains
> urllist gambling/urls
> }
>
> dest hacking {
> log hacking
> domainlist hacking/domains
> urllist hacking/urls
> }
>
> dest mail {
> log mail
> domainlist mail/domains
> urllist mail/urls
> }
>
> dest porn{
> log porn
> domainlist porn/domains
> urllist porn/urls
> }
>
> dest proxy{
> log proxy
> domainlist proxy/domains
> urllist proxy/urls
> }
>
> dest violence{
> log violence
> domainlist violence/domains
> urllist violence/urls
> }
>
> dest warez{
> log warez
> domainlist warez/domains
> urllist warez/urls
> }
>
> dest local-ok{
> domainlist local-ok/domains
> urllist local-ok/urls
> }
>
> dest local-block{
> log local-block
> domainlist local-block/domains
> urllist local-block/urls
> }
>
> rewrite google {
> s@(google.com/search.*q=.*)@\1\&safe=active at i
> s@(google.com/images.*q=.*)@\1\&safe=active at i
> s@(google.com/groups.*q=.*)@\1\&safe=active at i
> s@(google.com/news.*q=.*)@\1\&safe=active at i
> # log google
> }
>
> acl {
> default {
> # for google to be in "safe mode"
> rewrite google
>
> # the default categories are conservative, please add any
> additional
> # categories listed above or simply comment out this line and
> uncomment
> # out the line below it.
> # DBR edit begin - 050422
> # commented out the following 1 line
> # pass local-ok !local-block !gambling !porn !warez all
> # uncommented the following 1 line
> pass local-ok !local-block !aggressive !drugs !gambling
> !hacking !porn !
> proxy !violence !warez all
> # DBR Edit end
>
> # DBR edit begin - 050422
> # Editted the following to use the custom block page
> redirect 302:http://168.212.25.13/block.htm
> # DBR edit end
> # DBR edit begin - 050422
> # commented out the default setting for a block page
> # redirect
> 302:http://localhost.localdomain/cgi-bin/squidGuard.cgi?cl
> ientaddr=%a&clientname=%n&clientident=%i&srcclass=%s&targetgroup=%t&url=%u
> # DBR edit end
> # redirect
> 302:http://localhost.localdomain/cgi-bin/squidGuard-simpl
> e.cgi?clientaddr=%a&clientname=%n&clientident=%i&srcclass=%s&targetclass=%t&url=
> %u
> }
> }
>
> ----------------------------------
>
> [root at localhost ~]# ps aux | grep squid
> squid 4156 0.0 1.1 9636 5804 ? S Apr22 0:01 (squid)
> -D -f /etc/squid/squid-squidGuard.conf
> squid 4163 0.0 0.0 2596 272 ? Ss Apr22 0:00 (unlinkd)
> squid 5603 0.0 0.5 10712 2628 ? Ss 04:02 0:00
> (squidGuard) -c /etc/squid/squidGuard.conf
> squid 5604 0.0 0.4 10568 2436 ? Ss 04:02 0:00
> (squidGuard) -c /etc/squid/squidGuard.conf
> squid 5605 0.0 0.3 10144 1920 ? Ss 04:02 0:00
> (squidGuard) -c /etc/squid/squidGuard.conf
> squid 5606 0.0 0.3 11304 1912 ? Ss 04:02 0:00
> (squidGuard) -c /etc/squid/squidGuard.conf
> squid 5607 0.0 0.3 10432 1912 ? Ss 04:02 0:00
> (squidGuard) -c /etc/squid/squidGuard.conf
> root 27417 0.0 0.1 4980 656 pts/3 R+ 15:47 0:00 grep squid
>
> --------------------------------
>
> --
> Dan Bentson-Royal
> La Center Schools
>
> _______________________________________________
> K12OSN mailing list
> K12OSN at redhat.com
> https://www.redhat.com/mailman/listinfo/k12osn
> For more info see <http://www.k12os.org>
>
More information about the K12OSN
mailing list