[K12OSN] squidGuard - local-block isn't blocked

mrok12osn at eastgranby.k12.ct.us mrok12osn at eastgranby.k12.ct.us
Mon Apr 25 03:00:15 UTC 2005


Two items.

(1) I noticed that /usr/sbin/update_squidguard_blacklists displayed funny
below.

"
>          if [ -f $DIR/domains.include ]
>          then
>                  TMP=$RANDOM
>                  cat $DIR/domains $DIR/domains.include | sort | uniq >
> $DIR/domai
> ns.$TMP
"

Is there some sort of extra char above between domai and the ns on the
following line?  It should be $DIR/domains.$TMP.

(2) Below, the first -C should be -c

"
> I've also tried running
>      /usr/sbin/squidGuard -C /etc/squid/squidGuard.conf -C all
"


Mark Orenstein
East Granby, CT School System


> When I modify my local-block/domains to include a site to be blocked,
> how do I get squidGuard to start taking note of that? It seems like
> squidGuard is ignoring the contents of local-block/domains and my
> computer is failing to incorporate the contents of local-block/domains
> into local-block/domains.db - whatever the case, I can't seem to get a
> local-block to happen.
>
> I have modified that file (local-block/domains) and then done:
>      /usr/sbin/update_squidguard_blacklists
>      /etc/init.d/squidguard stop
>      /etc/init.d/squidguard start
> But the date on local-block/domains.db never changes and the site I've
> tried to block still comes through.
>
> I've also tried running
>      /usr/sbin/squidGuard -C /etc/squid/squidGuard.conf -C all
> but it similarly seems to make no difference. That should be covered
> anyway when I do the /usr/sbin/update_squidguard_blacklists, right?
> Anyway...
>
> Sites listed in the default local-block/domains are blocked (amyshop.com
> but not my new additions (xanga.com or myspace.com). Even after a
> complete restart of the computer, it behaves the same way. I've
> reinstalled squid and squidGuard from scratch three times now and I just
> can't seem to figure it out!
>
> Any suggestions would be much appreciated.
> BTW, I am running the latest updates of squid and squidGuard on LTSP4.2.0
>
> For those who'd like the "hard data", here you go:
> -----------------------------
>
> [root at localhost ~]# ls -l /var/squidGuard/blacklists/local-block/
> total 88
> -rw-r--r--  1 squid squid   226 Apr 22 17:24 domains
> -rw-r--r--  1 squid squid 32768 Apr 16 19:01 domains.db
> -rw-r--r--  1 squid squid   109 Apr 16 19:01 urls
> -rw-r--r--  1 squid squid 32768 Apr 16 19:01 urls.db
>
> -------------------------------
>
> [root at localhost ~]# tail -n 40 /var/log/squidGuard/local-block
> 2005-04-24 15:18:43 [5603] Request(default/local-block/-)
> http://www.amyshop.com/ 168.212.7.10/- - GET
>
> ----------------------------------
> [root at localhost ~]# tail -n 40
> /var/squidGuard/blacklists/local-block/domains
> xanga.com
> myspace.com
> starkingdoms.com
> bungie.net
> addictinggames.com
> 61.145.116.190
> amyshop.com
> barnonedrinks.com
> bumfights.nl
> drunkcow.com
> funnyjunk.com
> handgunsforsale.com
> poopyjoe.com
> thisisarandomentrythatdoesnotexist.com
>
> ---------------------------------
>
> [root at localhost ~]# tail -n 40 /var/log/squid/access.log
> 1114379997.851    119 168.212.7.10 TCP_MISS/200 1333 GET
> http://www.google.com/ - DIRECT/66.102.7.147 text/html
> 1114379997.966    114 168.212.7.10 TCP_REFRESH_HIT/200 8835 GET
> http://www.google.com/intl/en/images/logo.gif - DIRECT/66.102.7.147
> text/html
> 1114380002.650    878 168.212.7.10 TCP_MISS/302 159 GET
> http://www.won.net/ - NONE/- -
> 1114380002.688     19 168.212.7.10 TCP_MISS/404 491 GET
> http://168.212.25.13/block.htm - DIRECT/168.212.25.13 text/html
> 1114380026.731    521 168.212.7.10 TCP_MISS/200 4718 GET
> http://www.xanga.com/ - DIRECT/209.66.88.15 text/html
> 1114380026.944    324 168.212.7.10 TCP_MISS/200 1048 GET
> http://a.xanga.com/bserver/AAMALL/SITE=XANGA/AREA=FRONT/acc_random=73539034/pageid=73539034/AAMB1/AAMSZ=468X60/AAMB2/AAMSZ=120X240/AAMB3/AAMSZ=88x31?
> - DIRECT/209.66.88.60 text/html
> 1114380026.961     16 168.212.7.10 TCP_HIT/200 4265 GET
> http://ai.xanga.com/xangahouse/premium-color.gif - NONE/- image/gif
> 1114380027.158    198 168.212.7.10 TCP_MISS/200 270 GET
> http://a.xanga.com//IMPCNT/ccid=14011/AAMSZ=468X60/SITE=XANGA/AREA=FRONT/acc_random=73539034/pageid=73539034
> - DIRECT/209.66.88.60 image/gif
> 1114380027.298    337 168.212.7.10 TCP_MISS/200 365 GET
> http://ai.xanga.com/nsi/1px-front.gif? - DIRECT/209.66.88.59 image/gif
> 1114381123.641      1 168.212.7.10 TCP_MISS/302 159 GET
> http://www.amyshop.com/ - NONE/- -
> 1114381123.705     39 168.212.7.10 TCP_MISS/404 491 GET
> http://168.212.25.13/block.htm - DIRECT/168.212.25.13 text/html
>
> ------------------------------
>
> [root at localhost ~]# tail -n 40 /var/log/squidGuard/squidGuard.log
> 2005-04-24 04:02:49 [5604] init domainlist
> /var/squidGuard/blacklists/mail/domains
> 2005-04-24 04:02:49 [5604] loading dbfile
> /var/squidGuard/blacklists/mail/domains.db
> 2005-04-24 04:02:49 [5604] init urllist
> /var/squidGuard/blacklists/mail/urls
> 2005-04-24 04:02:49 [5604] loading dbfile
> /var/squidGuard/blacklists/mail/urls.db
> 2005-04-24 04:02:49 [5604] init domainlist
> /var/squidGuard/blacklists/porn/domains
> 2005-04-24 04:02:49 [5604] loading dbfile
> /var/squidGuard/blacklists/porn/domains.db
> 2005-04-24 04:02:49 [5604] init urllist
> /var/squidGuard/blacklists/porn/urls
> 2005-04-24 04:02:49 [5604] loading dbfile
> /var/squidGuard/blacklists/porn/urls.db
> 2005-04-24 04:02:49 [5604] init domainlist
> /var/squidGuard/blacklists/proxy/domains
> 2005-04-24 04:02:49 [5604] loading dbfile
> /var/squidGuard/blacklists/proxy/domains.db
> 2005-04-24 04:02:49 [5604] init urllist
> /var/squidGuard/blacklists/proxy/urls
> 2005-04-24 04:02:49 [5604] loading dbfile
> /var/squidGuard/blacklists/proxy/urls.db
> 2005-04-24 04:02:49 [5604] init domainlist
> /var/squidGuard/blacklists/violence/domains
> 2005-04-24 04:02:49 [5604] loading dbfile
> /var/squidGuard/blacklists/violence/domains.db
> 2005-04-24 04:02:49 [5604] init urllist
> /var/squidGuard/blacklists/violence/urls
> 2005-04-24 04:02:49 [5604] loading dbfile
> /var/squidGuard/blacklists/violence/urls.db
> 2005-04-24 04:02:49 [5604] init domainlist
> /var/squidGuard/blacklists/warez/domains
> 2005-04-24 04:02:49 [5604] loading dbfile
> /var/squidGuard/blacklists/warez/domains.db
> 2005-04-24 04:02:49 [5604] init urllist
> /var/squidGuard/blacklists/warez/urls
> 2005-04-24 04:02:49 [5604] loading dbfile
> /var/squidGuard/blacklists/warez/urls.db
> 2005-04-24 04:02:49 [5604] init domainlist
> /var/squidGuard/blacklists/local-ok/domains
> 2005-04-24 04:02:49 [5604] loading dbfile
> /var/squidGuard/blacklists/local-ok/domains.db
> 2005-04-24 04:02:49 [5604] init urllist
> /var/squidGuard/blacklists/local-ok/urls
> 2005-04-24 04:02:49 [5604] loading dbfile
> /var/squidGuard/blacklists/local-ok/urls.db
> 2005-04-24 04:02:49 [5604] init domainlist
> /var/squidGuard/blacklists/local-block/domains
> 2005-04-24 04:02:49 [5604] loading dbfile
> /var/squidGuard/blacklists/local-block/domains.db
> 2005-04-24 04:02:49 [5604] init urllist
> /var/squidGuard/blacklists/local-block/urls
> 2005-04-24 04:02:49 [5604] loading dbfile
> /var/squidGuard/blacklists/local-block/urls.db
> 2005-04-24 04:02:49 [5604] squidGuard 1.2.0 started (1114340569.223)
> 2005-04-24 04:02:49 [5604] squidGuard ready for requests (1114340569.450)
> 2005-04-24 04:02:49 [5607] init domainlist
> /var/squidGuard/blacklists/local-ok/domains
> 2005-04-24 04:02:49 [5607] loading dbfile
> /var/squidGuard/blacklists/local-ok/domains.db
> 2005-04-24 04:02:49 [5607] init urllist
> /var/squidGuard/blacklists/local-ok/urls
> 2005-04-24 04:02:49 [5607] loading dbfile
> /var/squidGuard/blacklists/local-ok/urls.db
> 2005-04-24 04:02:49 [5607] init domainlist
> /var/squidGuard/blacklists/local-block/domains
> 2005-04-24 04:02:49 [5607] loading dbfile
> /var/squidGuard/blacklists/local-block/domains.db
> 2005-04-24 04:02:49 [5607] init urllist
> /var/squidGuard/blacklists/local-block/urls
> 2005-04-24 04:02:49 [5607] loading dbfile
> /var/squidGuard/blacklists/local-block/urls.db
> 2005-04-24 04:02:49 [5607] squidGuard 1.2.0 started (1114340569.246)
> 2005-04-24 04:02:49 [5607] squidGuard ready for requests (1114340569.457)
>
> -------------------------------
>
> [root at localhost ~]# more /usr/sbin/update_squidguard_blacklists
> #!/bin/sh
>
> TARGET=/var/squidGuard/blacklists
>
> cd $TARGET || exit
>
> # only run if squidGuard is active!
> [ "`ps auxw | grep squid[G]uard`" ] || exit
>
> rsync -az squidguard.mesd.k12.or.us::filtering $TARGET
>
> for DIR in `ls $TARGET`
> do
>          if [ -f $DIR/domains.include ]
>          then
>                  TMP=$RANDOM
>                  cat $DIR/domains $DIR/domains.include | sort | uniq >
> $DIR/domai
> ns.$TMP
>                  mv -f $DIR/domains.$TMP $DIR/domains
>          fi
>          if [ -f $DIR/urls.include ]
>          then
>                  TMP=$RANDOM
>                  cat $DIR/urls $DIR/urls.include | sort | uniq >
> $DIR/urls.$TMP
>                  mv -f $DIR/urls.$TMP $DIR/urls
>          fi
> done
>
> /usr/sbin/squidGuard -c /etc/squid/squidGuard.conf  -C all
> # /usr/sbin/squidGuard -c /etc/squid/squidGuard.conf  -u
>
> chown -R squid.squid $TARGET
> chown -R squid.squid /var/log/squidGuard/
>
> sleep 5s
>
> /usr/bin/killall -HUP squid
>
> -------------------------------
>
> [root at localhost ~]# more /etc/squid/squidGuard.conf
> #
> # CONFIG FILE FOR SQUIDGUARD
> #
> # See http://www.squidguard.org/config/ for more examples
> #
>
> dbhome /var/squidGuard/blacklists
> logdir /var/log/squidGuard
>
> dest ads {
>      log        ads
>      domainlist    ads/domains
>      urllist        ads/urls
> }
>
> dest audio-video {
>      log        audio-video
>      domainlist    audio-video/domains
>      urllist        audio-video/urls
> }
>
> dest aggressive {
>      log        aggressive
>      domainlist    aggressive/domains
>      urllist        aggressive/urls
> }
>
> dest drugs {
>      log        drugs
>      domainlist    drugs/domains
>      urllist        drugs/urls
> }
>
> dest gambling{
>      log        gambling
>      domainlist    gambling/domains
>      urllist        gambling/urls
> }
>
> dest hacking {
>      log        hacking
>      domainlist    hacking/domains
>      urllist        hacking/urls
> }
>
> dest mail {
>      log        mail
>      domainlist    mail/domains
>      urllist        mail/urls
> }
>
> dest porn{
>      log        porn
>      domainlist    porn/domains
>      urllist        porn/urls
> }
>
> dest proxy{
>      log        proxy
>      domainlist    proxy/domains
>      urllist        proxy/urls
> }
>
> dest violence{
>      log        violence
>      domainlist    violence/domains
>      urllist        violence/urls
> }
>
> dest warez{
>      log        warez
>      domainlist    warez/domains
>      urllist        warez/urls
> }
>
> dest local-ok{
>      domainlist      local-ok/domains
>      urllist         local-ok/urls
> }
>
> dest local-block{
>      log             local-block
>      domainlist      local-block/domains
>      urllist         local-block/urls
> }
>
> rewrite google {
>      s@(google.com/search.*q=.*)@\1\&safe=active at i
>      s@(google.com/images.*q=.*)@\1\&safe=active at i
>      s@(google.com/groups.*q=.*)@\1\&safe=active at i
>      s@(google.com/news.*q=.*)@\1\&safe=active at i
>      # log google
> }
>
> acl {
>      default {
>          # for google to be in "safe mode"
>          rewrite google
>
>          # the default categories are conservative, please add any
> additional
>          # categories listed above or simply comment out this line and
> uncomment
>          # out the line below it.
> # DBR edit begin - 050422
> # commented out the following 1 line
> #        pass local-ok !local-block !gambling !porn !warez all
> # uncommented the following 1 line
>          pass local-ok !local-block !aggressive !drugs !gambling
> !hacking !porn !
> proxy !violence !warez all
> # DBR Edit end
>
> # DBR edit begin - 050422
> # Editted the following to use the custom block page
>          redirect    302:http://168.212.25.13/block.htm
> # DBR edit end
> # DBR edit begin - 050422
> # commented out the default setting for a block page
> #        redirect
> 302:http://localhost.localdomain/cgi-bin/squidGuard.cgi?cl
> ientaddr=%a&clientname=%n&clientident=%i&srcclass=%s&targetgroup=%t&url=%u
> # DBR edit end
>          # redirect
> 302:http://localhost.localdomain/cgi-bin/squidGuard-simpl
> e.cgi?clientaddr=%a&clientname=%n&clientident=%i&srcclass=%s&targetclass=%t&url=
> %u
>      }
> }
>
> ----------------------------------
>
> [root at localhost ~]# ps aux | grep squid
> squid     4156  0.0  1.1  9636 5804 ?        S    Apr22   0:01 (squid)
> -D -f /etc/squid/squid-squidGuard.conf
> squid     4163  0.0  0.0  2596  272 ?        Ss   Apr22   0:00 (unlinkd)
> squid     5603  0.0  0.5 10712 2628 ?        Ss   04:02   0:00
> (squidGuard) -c /etc/squid/squidGuard.conf
> squid     5604  0.0  0.4 10568 2436 ?        Ss   04:02   0:00
> (squidGuard) -c /etc/squid/squidGuard.conf
> squid     5605  0.0  0.3 10144 1920 ?        Ss   04:02   0:00
> (squidGuard) -c /etc/squid/squidGuard.conf
> squid     5606  0.0  0.3 11304 1912 ?        Ss   04:02   0:00
> (squidGuard) -c /etc/squid/squidGuard.conf
> squid     5607  0.0  0.3 10432 1912 ?        Ss   04:02   0:00
> (squidGuard) -c /etc/squid/squidGuard.conf
> root     27417  0.0  0.1  4980  656 pts/3    R+   15:47   0:00 grep squid
>
> --------------------------------
>
> --
> Dan Bentson-Royal
> La Center Schools
>
> _______________________________________________
> K12OSN mailing list
> K12OSN at redhat.com
> https://www.redhat.com/mailman/listinfo/k12osn
> For more info see <http://www.k12os.org>
>





More information about the K12OSN mailing list