[K12OSN] SquidGuard won't start
Adam Melancon
adammelancon at gmail.com
Fri Mar 4 22:29:22 UTC 2005
I would include this how-to in the k12ltsp wiki if people could use
it, but I've never added to a wiki before ;)
So if anyone wants to add it, feel free.
Also check out the section on important scripts:
Important Scripts:
/etc/init.d/squidguard - this starts and stops squid and squidguard
examples:
/etc/init.d/squidguard start
/etc/init.d/squidguard restart
/etc/init.d/squidguard stop
/etc/init.d/httpd - this starts and stops apache, use the same as above
/usr/sbin/update_squidguard_blacklists - this script updates and
rebuilds and restarts the squid/squidguard service
this file is run nightly from a cron file /etc/cron.d/squidGuard
On Fri, 4 Mar 2005 16:26:47 -0600, Adam Melancon <adammelancon at gmail.com> wrote:
> If you are using squidguard, not just squid, use squid-squidguard.conf
> and only start /etc/init.d/squidguard
>
> Check out my "important files" section of my how-to
> http://www.vermilion.lib.la.us/sysadminsite/squidguard/
>
> Important Files:
>
> /etc/squid/squid-squidGuard.conf - this is the configuration file
> for squid. There are two files, one is squid.conf the other is
> squid-squidGuard.conf, ignore squid.conf and use the squidGuard.conf
> file to configure squid. squid.conf is there if you are only running
> squid with no squidguard.
>
> /etc/squid/squidGuard.conf - This file is to configure squidGuard
>
> /var/log/squidGuard/squidGuard.log - this file will tell you if
> there is a problem with squid, or if it started correctly.
>
> /var/log/squid/access.log - If your traffic is routing correctly you
> will see EVERY web request in this file. You can see this by typing
> "tail -f /var/log/squid/access.log"
>
> /var/squidGuard/blacklists/(porn|warez|gambling|etc)/domains
> /var/squidGuard/blacklists/(porn|warez|gambling|etc)/urls
> These files (domains, urls) are the text files that contain the sites
> that are to be blocked. When the server is restarted each of these
> directores will now have a database file (domains.db, urls.db) built
> from these text files that squidguard will use to filter with.
>
> /etc/rc.d/rc.local - This is kind of like a startup file for Linux.
> I use it to run an iptables script that redirects incoming port 80
> traffic to port 3128
>
> /etc/httpd/conf/httpd.conf - apache's config file
>
> Enjoy!
>
>
> On Fri, 4 Mar 2005 14:23:55 -0700 (MST), Joe Guenther
> <jguenther at chinooksedge.ab.ca> wrote:
> > I am trying to set up Squid and SquidGuard.
> >
> > It seems that Squid starts, but Squidguard will not start. When I type
> > service squid start .... [FAILED]
> > but then
> > service squid status shows that it is running with 2 processes. I know
> > that it is working, because I can use it as a proxy from another machine
> > in the network. But it will not filter unwanted sites. Is the [FAILED]
> > there because it knows that squidguard did not start properly
> >
> > I also notice that there are TWO config files - squid.conf and
> > squid-squidGuard.conf. Which one of these is used?
> >
> > In the services, do I tell the server to start BOTH squid and squidGuard
> > on startup? Or will it start both when squidguard is started. I ask this
> > because when I put in /etc/init.d/squidguard start it seems to start squid
> > first and then try to start squidguard. ... will only setting squidguard
> > suffice? If both are selected to start on boot, will it load too many
> > processes of itself?
> >
> > any help is appreciated as always
> > Joe Guenther
> >
> > P.S. I have included a few log files & squidGuard.conf...
> > = = = = = =
> > /var/log/squidGuard/squidGuard.log
> >
> > 2005-03-03 17:21:43 [5339] init domainlist
> > /var/squidGuard/blacklists/ads/domains
> > 2005-03-03 17:21:43 [5337] init domainlist
> > /var/squidGuard/blacklists/ads/domains
> > 2005-03-03 17:21:43 [5340] init domainlist
> > /var/squidGuard/blacklists/ads/domains
> > 2005-03-03 17:21:43 [5341] init domainlist
> > /var/squidGuard/blacklists/ads/domains
> > 2005-03-03 17:21:43 [5338] init domainlist
> > /var/squidGuard/blacklists/ads/domains
> > 2005-03-03 17:21:43 [5340] /var/squidGuard/blacklists/ads/domains:
> > Permission denied
> > 2005-03-03 17:21:43 [5340] going into emergency mode
> > 2005-03-03 17:21:43 [5341] /var/squidGuard/blacklists/ads/domains:
> > Permission denied
> > 2005-03-03 17:21:43 [5341] going into emergency mode
> > 2005-03-03 17:21:43 [5339] /var/squidGuard/blacklists/ads/domains:
> > Permission denied
> > 2005-03-03 17:21:43 [5339] going into emergency mode
> > 2005-03-03 17:21:43 [5338] /var/squidGuard/blacklists/ads/domains:
> > Permission denied
> > 2005-03-03 17:21:43 [5338] going into emergency mode
> > 2005-03-03 17:21:43 [5337] /var/squidGuard/blacklists/ads/domains:
> > Permission denied
> > 2005-03-03 17:21:43 [5337] going into emergency mode
> >
> > = = = = = = = =
> > /var/log/squid/cache.log
> >
> > 2005/03/03 17:20:43| Preparing for shutdown after 413 requests
> > 2005/03/03 17:20:43| Waiting 30 seconds for active connections to finish
> > 2005/03/03 17:20:43| FD 12 Closing HTTP connection
> > 2005/03/03 17:20:45| Shutting down...
> > 2005/03/03 17:20:45| FD 13 Closing ICP connection
> > 2005/03/03 17:20:45| Closing unlinkd pipe on FD 10
> > 2005/03/03 17:20:45| storeDirWriteCleanLogs: Starting...
> > 2005/03/03 17:20:45| Finished. Wrote 409 entries.
> > 2005/03/03 17:20:45| Took 0.0 seconds (101262.7 entries/sec).
> > CPU Usage: 35.189 seconds = 34.331 user + 0.858 sys
> > Maximum Resident Size: 0 KB
> > Page faults with physical i/o: 1
> > Memory usage for squid via mallinfo():
> > total space in arena: 29032 KB
> > Ordinary blocks: 28954 KB 20 blks
> > Small blocks: 0 KB 5 blks
> > Holding blocks: 200 KB 1 blks
> > Free Small blocks: 0 KB
> > Free Ordinary blocks: 77 KB
> > Total in use: 29154 KB 100%
> > Total free: 77 KB 0%
> > 2005/03/03 17:20:45| Squid Cache (Version 2.5.STABLE8): Exiting normally.
> > 2005/03/03 17:21:11| Starting Squid Cache version 2.5.STABLE8 for
> > i386-redhat-linux-gnu...
> > 2005/03/03 17:21:11| Process ID 5315
> > 2005/03/03 17:21:11| With 1024 file descriptors available
> > 2005/03/03 17:21:11| DNS Socket created at 0.0.0.0, port 32775, FD 5
> > 2005/03/03 17:21:11| Adding nameserver 10.24.100.3 from /etc/resolv.conf
> > 2005/03/03 17:21:11| helperOpenServers: Starting 5 'squidGuard' processes
> > 2005/03/03 17:21:43| User-Agent logging is disabled.
> > 2005/03/03 17:21:43| Referer logging is disabled.
> > 2005/03/03 17:21:43| Unlinkd pipe opened on FD 15
> > 2005/03/03 17:21:43| Swap maxSize 102400 KB, estimated 7876 objects
> > 2005/03/03 17:21:43| Target number of buckets: 393
> > 2005/03/03 17:21:43| Using 8192 Store buckets
> > 2005/03/03 17:21:43| Max Mem size: 8192 KB
> > 2005/03/03 17:21:43| Max Swap size: 102400 KB
> > 2005/03/03 17:21:43| Rebuilding storage in /var/spool/squid (CLEAN)
> > 2005/03/03 17:21:43| Using Least Load store dir selection
> > 2005/03/03 17:21:43| Set Current Directory to /var/spool/squid
> > 2005/03/03 17:21:43| Loaded Icons.
> > 2005/03/03 17:21:43| Accepting HTTP connections at 0.0.0.0, port 3128, FD 17.
> > 2005/03/03 17:21:43| Accepting ICP messages at 0.0.0.0, port 3130, FD 18.
> > 2005/03/03 17:21:43| WCCP Disabled.
> > 2005/03/03 17:21:43| Ready to serve requests.
> > 2005/03/03 17:21:44| Done reading /var/spool/squid swaplog (409 entries)
> > 2005/03/03 17:21:44| Finished rebuilding storage from disk.
> > 2005/03/03 17:21:44| 409 Entries scanned
> > 2005/03/03 17:21:44| 0 Invalid entries.
> > 2005/03/03 17:21:44| 0 With invalid flags.
> > 2005/03/03 17:21:44| 409 Objects loaded.
> > 2005/03/03 17:21:44| 0 Objects expired.
> > 2005/03/03 17:21:44| 0 Objects cancelled.
> > 2005/03/03 17:21:44| 0 Duplicate URLs purged.
> > 2005/03/03 17:21:44| 0 Swapfile clashes avoided.
> > 2005/03/03 17:21:44| Took 1.9 seconds ( 213.8 objects/sec).
> > 2005/03/03 17:21:44| Beginning Validation Procedure
> > 2005/03/03 17:21:45| Completed Validation Procedure
> > 2005/03/03 17:21:45| Validated 409 Entries
> > 2005/03/03 17:21:45| store_swap_size = 4096k
> > 2005/03/03 17:21:45| storeLateRelease: released 0 objects
> >
> > = = = = =
> > /etc/squidGuard.conf
> >
> > #
> > # CONFIG FILE FOR SQUIDGUARD
> > #
> > # See http://www.squidguard.org/config/ for more examples
> > #
> >
> > dbhome /var/squidGuard/blacklists
> > logdir /var/log/squidGuard
> >
> > dest ads {
> > log ads
> > domainlist ads/domains
> > urllist ads/urls
> > }
> >
> > dest audio-video {
> > log audio-video
> > domainlist audio-video/domains
> > urllist audio-video/urls
> > }
> >
> > dest aggressive {
> > log aggressive
> > domainlist aggressive/domains
> > urllist aggressive/urls
> > }
> >
> > dest drugs {
> > log drugs
> > domainlist drugs/domains
> > urllist drugs/urls
> > }
> >
> > dest gambling{
> > log gambling
> > domainlist gambling/domains
> > urllist gambling/urls
> > }
> >
> > dest hacking {
> > log hacking
> > domainlist hacking/domains
> > urllist hacking/urls
> > }
> >
> > dest mail {
> > log mail
> > domainlist mail/domains
> > urllist mail/urls
> > }
> >
> > dest porn{
> > log porn
> > domainlist porn/domains
> > urllist porn/urls
> > }
> >
> > dest proxy{
> > log proxy
> > domainlist proxy/domains
> > urllist proxy/urls
> > }
> >
> > dest violence{
> > log violence
> > domainlist violence/domains
> > urllist violence/urls
> > }
> >
> > dest warez{
> > log warez
> > domainlist warez/domains
> > urllist warez/urls
> > }
> >
> > dest local-ok{
> > domainlist local-ok/domains
> > urllist local-ok/urls
> > }
> >
> > dest local-block{
> > log local-block
> > domainlist local-block/domains
> > urllist local-block/urls
> > }
> >
> > rewrite google {
> > s@(google.com/search.*q=.*)@\1\&safe=active at i
> > s@(google.com/images.*q=.*)@\1\&safe=active at i
> > s@(google.com/groups.*q=.*)@\1\&safe=active at i
> > s@(google.com/news.*q=.*)@\1\&safe=active at i
> > # log google
> > }
> >
> > acl {
> > default {
> > # for google to be in "safe mode"
> > rewrite google
> >
> > # the default categories are conservative, please add any additional
> > # categories listed above or simply comment out this line and uncomment
> > # out the line below it.
> > pass local-ok !local-block !gambling !porn !warez all
> > # pass local-ok !local-block !aggressive !drugs !gambling !hacking
> > !porn !proxy !violence !warez all
> >
> > redirect
> > 302:http://squid.chinooksedge.ab.ca/cgi-bin/squidGuard.cgi?clientaddr=%a&clientname=%n&clientident=%i&srcclass=%s&targetgroup=%t&url=%u
> > # redirect
> > 302:http://squid.chinooksedge.ab.ca/cgi-bin/squidGuard-simple.cgi?clientaddr=%a&clientname=%n&clientident=%i&srcclass=%s&targetclass=%t&url=%u
> > }
> > }
> >
> > = = = = = = = = = = = = =
> > Lantech - Didsbury
> > Chinook's Edge School Div.
> >
> > _______________________________________________
> > K12OSN mailing list
> > K12OSN at redhat.com
> > https://www.redhat.com/mailman/listinfo/k12osn
> > For more info see <http://www.k12os.org>
> >
>
> --
> Adam Melancon
> Work: http://www.vermilion.lib.la.us
> Personal: http://www.melancon.org
>
--
Adam Melancon
Work: http://www.vermilion.lib.la.us
Personal: http://www.melancon.org
More information about the K12OSN
mailing list