[K12OSN] SquidGuard won't start
Adam Melancon
adammelancon at gmail.com
Fri Mar 4 22:26:47 UTC 2005
If you are using squidguard, not just squid, use squid-squidguard.conf
and only start /etc/init.d/squidguard
Check out my "important files" section of my how-to
http://www.vermilion.lib.la.us/sysadminsite/squidguard/
Important Files:
/etc/squid/squid-squidGuard.conf - this is the configuration file
for squid. There are two files, one is squid.conf the other is
squid-squidGuard.conf, ignore squid.conf and use the squidGuard.conf
file to configure squid. squid.conf is there if you are only running
squid with no squidguard.
/etc/squid/squidGuard.conf - This file is to configure squidGuard
/var/log/squidGuard/squidGuard.log - this file will tell you if
there is a problem with squid, or if it started correctly.
/var/log/squid/access.log - If your traffic is routing correctly you
will see EVERY web request in this file. You can see this by typing
"tail -f /var/log/squid/access.log"
/var/squidGuard/blacklists/(porn|warez|gambling|etc)/domains
/var/squidGuard/blacklists/(porn|warez|gambling|etc)/urls
These files (domains, urls) are the text files that contain the sites
that are to be blocked. When the server is restarted each of these
directores will now have a database file (domains.db, urls.db) built
from these text files that squidguard will use to filter with.
/etc/rc.d/rc.local - This is kind of like a startup file for Linux.
I use it to run an iptables script that redirects incoming port 80
traffic to port 3128
/etc/httpd/conf/httpd.conf - apache's config file
Enjoy!
On Fri, 4 Mar 2005 14:23:55 -0700 (MST), Joe Guenther
<jguenther at chinooksedge.ab.ca> wrote:
> I am trying to set up Squid and SquidGuard.
>
> It seems that Squid starts, but Squidguard will not start. When I type
> service squid start .... [FAILED]
> but then
> service squid status shows that it is running with 2 processes. I know
> that it is working, because I can use it as a proxy from another machine
> in the network. But it will not filter unwanted sites. Is the [FAILED]
> there because it knows that squidguard did not start properly
>
> I also notice that there are TWO config files - squid.conf and
> squid-squidGuard.conf. Which one of these is used?
>
> In the services, do I tell the server to start BOTH squid and squidGuard
> on startup? Or will it start both when squidguard is started. I ask this
> because when I put in /etc/init.d/squidguard start it seems to start squid
> first and then try to start squidguard. ... will only setting squidguard
> suffice? If both are selected to start on boot, will it load too many
> processes of itself?
>
> any help is appreciated as always
> Joe Guenther
>
> P.S. I have included a few log files & squidGuard.conf...
> = = = = = =
> /var/log/squidGuard/squidGuard.log
>
> 2005-03-03 17:21:43 [5339] init domainlist
> /var/squidGuard/blacklists/ads/domains
> 2005-03-03 17:21:43 [5337] init domainlist
> /var/squidGuard/blacklists/ads/domains
> 2005-03-03 17:21:43 [5340] init domainlist
> /var/squidGuard/blacklists/ads/domains
> 2005-03-03 17:21:43 [5341] init domainlist
> /var/squidGuard/blacklists/ads/domains
> 2005-03-03 17:21:43 [5338] init domainlist
> /var/squidGuard/blacklists/ads/domains
> 2005-03-03 17:21:43 [5340] /var/squidGuard/blacklists/ads/domains:
> Permission denied
> 2005-03-03 17:21:43 [5340] going into emergency mode
> 2005-03-03 17:21:43 [5341] /var/squidGuard/blacklists/ads/domains:
> Permission denied
> 2005-03-03 17:21:43 [5341] going into emergency mode
> 2005-03-03 17:21:43 [5339] /var/squidGuard/blacklists/ads/domains:
> Permission denied
> 2005-03-03 17:21:43 [5339] going into emergency mode
> 2005-03-03 17:21:43 [5338] /var/squidGuard/blacklists/ads/domains:
> Permission denied
> 2005-03-03 17:21:43 [5338] going into emergency mode
> 2005-03-03 17:21:43 [5337] /var/squidGuard/blacklists/ads/domains:
> Permission denied
> 2005-03-03 17:21:43 [5337] going into emergency mode
>
> = = = = = = = =
> /var/log/squid/cache.log
>
> 2005/03/03 17:20:43| Preparing for shutdown after 413 requests
> 2005/03/03 17:20:43| Waiting 30 seconds for active connections to finish
> 2005/03/03 17:20:43| FD 12 Closing HTTP connection
> 2005/03/03 17:20:45| Shutting down...
> 2005/03/03 17:20:45| FD 13 Closing ICP connection
> 2005/03/03 17:20:45| Closing unlinkd pipe on FD 10
> 2005/03/03 17:20:45| storeDirWriteCleanLogs: Starting...
> 2005/03/03 17:20:45| Finished. Wrote 409 entries.
> 2005/03/03 17:20:45| Took 0.0 seconds (101262.7 entries/sec).
> CPU Usage: 35.189 seconds = 34.331 user + 0.858 sys
> Maximum Resident Size: 0 KB
> Page faults with physical i/o: 1
> Memory usage for squid via mallinfo():
> total space in arena: 29032 KB
> Ordinary blocks: 28954 KB 20 blks
> Small blocks: 0 KB 5 blks
> Holding blocks: 200 KB 1 blks
> Free Small blocks: 0 KB
> Free Ordinary blocks: 77 KB
> Total in use: 29154 KB 100%
> Total free: 77 KB 0%
> 2005/03/03 17:20:45| Squid Cache (Version 2.5.STABLE8): Exiting normally.
> 2005/03/03 17:21:11| Starting Squid Cache version 2.5.STABLE8 for
> i386-redhat-linux-gnu...
> 2005/03/03 17:21:11| Process ID 5315
> 2005/03/03 17:21:11| With 1024 file descriptors available
> 2005/03/03 17:21:11| DNS Socket created at 0.0.0.0, port 32775, FD 5
> 2005/03/03 17:21:11| Adding nameserver 10.24.100.3 from /etc/resolv.conf
> 2005/03/03 17:21:11| helperOpenServers: Starting 5 'squidGuard' processes
> 2005/03/03 17:21:43| User-Agent logging is disabled.
> 2005/03/03 17:21:43| Referer logging is disabled.
> 2005/03/03 17:21:43| Unlinkd pipe opened on FD 15
> 2005/03/03 17:21:43| Swap maxSize 102400 KB, estimated 7876 objects
> 2005/03/03 17:21:43| Target number of buckets: 393
> 2005/03/03 17:21:43| Using 8192 Store buckets
> 2005/03/03 17:21:43| Max Mem size: 8192 KB
> 2005/03/03 17:21:43| Max Swap size: 102400 KB
> 2005/03/03 17:21:43| Rebuilding storage in /var/spool/squid (CLEAN)
> 2005/03/03 17:21:43| Using Least Load store dir selection
> 2005/03/03 17:21:43| Set Current Directory to /var/spool/squid
> 2005/03/03 17:21:43| Loaded Icons.
> 2005/03/03 17:21:43| Accepting HTTP connections at 0.0.0.0, port 3128, FD 17.
> 2005/03/03 17:21:43| Accepting ICP messages at 0.0.0.0, port 3130, FD 18.
> 2005/03/03 17:21:43| WCCP Disabled.
> 2005/03/03 17:21:43| Ready to serve requests.
> 2005/03/03 17:21:44| Done reading /var/spool/squid swaplog (409 entries)
> 2005/03/03 17:21:44| Finished rebuilding storage from disk.
> 2005/03/03 17:21:44| 409 Entries scanned
> 2005/03/03 17:21:44| 0 Invalid entries.
> 2005/03/03 17:21:44| 0 With invalid flags.
> 2005/03/03 17:21:44| 409 Objects loaded.
> 2005/03/03 17:21:44| 0 Objects expired.
> 2005/03/03 17:21:44| 0 Objects cancelled.
> 2005/03/03 17:21:44| 0 Duplicate URLs purged.
> 2005/03/03 17:21:44| 0 Swapfile clashes avoided.
> 2005/03/03 17:21:44| Took 1.9 seconds ( 213.8 objects/sec).
> 2005/03/03 17:21:44| Beginning Validation Procedure
> 2005/03/03 17:21:45| Completed Validation Procedure
> 2005/03/03 17:21:45| Validated 409 Entries
> 2005/03/03 17:21:45| store_swap_size = 4096k
> 2005/03/03 17:21:45| storeLateRelease: released 0 objects
>
> = = = = =
> /etc/squidGuard.conf
>
> #
> # CONFIG FILE FOR SQUIDGUARD
> #
> # See http://www.squidguard.org/config/ for more examples
> #
>
> dbhome /var/squidGuard/blacklists
> logdir /var/log/squidGuard
>
> dest ads {
> log ads
> domainlist ads/domains
> urllist ads/urls
> }
>
> dest audio-video {
> log audio-video
> domainlist audio-video/domains
> urllist audio-video/urls
> }
>
> dest aggressive {
> log aggressive
> domainlist aggressive/domains
> urllist aggressive/urls
> }
>
> dest drugs {
> log drugs
> domainlist drugs/domains
> urllist drugs/urls
> }
>
> dest gambling{
> log gambling
> domainlist gambling/domains
> urllist gambling/urls
> }
>
> dest hacking {
> log hacking
> domainlist hacking/domains
> urllist hacking/urls
> }
>
> dest mail {
> log mail
> domainlist mail/domains
> urllist mail/urls
> }
>
> dest porn{
> log porn
> domainlist porn/domains
> urllist porn/urls
> }
>
> dest proxy{
> log proxy
> domainlist proxy/domains
> urllist proxy/urls
> }
>
> dest violence{
> log violence
> domainlist violence/domains
> urllist violence/urls
> }
>
> dest warez{
> log warez
> domainlist warez/domains
> urllist warez/urls
> }
>
> dest local-ok{
> domainlist local-ok/domains
> urllist local-ok/urls
> }
>
> dest local-block{
> log local-block
> domainlist local-block/domains
> urllist local-block/urls
> }
>
> rewrite google {
> s@(google.com/search.*q=.*)@\1\&safe=active at i
> s@(google.com/images.*q=.*)@\1\&safe=active at i
> s@(google.com/groups.*q=.*)@\1\&safe=active at i
> s@(google.com/news.*q=.*)@\1\&safe=active at i
> # log google
> }
>
> acl {
> default {
> # for google to be in "safe mode"
> rewrite google
>
> # the default categories are conservative, please add any additional
> # categories listed above or simply comment out this line and uncomment
> # out the line below it.
> pass local-ok !local-block !gambling !porn !warez all
> # pass local-ok !local-block !aggressive !drugs !gambling !hacking
> !porn !proxy !violence !warez all
>
> redirect
> 302:http://squid.chinooksedge.ab.ca/cgi-bin/squidGuard.cgi?clientaddr=%a&clientname=%n&clientident=%i&srcclass=%s&targetgroup=%t&url=%u
> # redirect
> 302:http://squid.chinooksedge.ab.ca/cgi-bin/squidGuard-simple.cgi?clientaddr=%a&clientname=%n&clientident=%i&srcclass=%s&targetclass=%t&url=%u
> }
> }
>
> = = = = = = = = = = = = =
> Lantech - Didsbury
> Chinook's Edge School Div.
>
> _______________________________________________
> K12OSN mailing list
> K12OSN at redhat.com
> https://www.redhat.com/mailman/listinfo/k12osn
> For more info see <http://www.k12os.org>
>
--
Adam Melancon
Work: http://www.vermilion.lib.la.us
Personal: http://www.melancon.org
More information about the K12OSN
mailing list