RE: [squid-users] setting up a blacklist
> A few problems here:
>
> 1) The first porn acl should be url_regex, not dstdom_regex (guessing from the
> file name) - dstdom_regex won't match anything after the hostname
> 2) The 3rd porn acl is missing the acl type (suggest url_regex or
> urlpath_regex)
> 3) Since you're referencing files, you might have to make those 3 porn acls
> porn1, porn2, and porn3. (You definitely will if they're not the same acl
> type)

Ok ... I can see that.

> 4) The "http_access deny porn" is after you've already allowed your local
> network, so it won't have any effect

Oops :-)

> I don't see anything that would give the symptoms you report (excessive CPU
> utilization on startup and shutdown). Having too many patterns in

Check my top output ... it was memory bog not cpu.

> the files can cause high CPU utilization, but I would expect that to be fairly
> constant. Maybe someone else has more insight.

I'm now in the process of setting up squidGuard based on the suggestion from Gareth.
Thanks for your suggestions too.

Bill

---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.518 / Virus Database: 316 - Release Date: 9/11/2003
Re: [squid-users] setting up a blacklist
>> Can you post your squid.conf (without comments or blank lines)?

> acl homenet src 192.168.212.0/24
> http_access allow homenet
> http_access allow localhost
> http_access deny all
> acl porn dstdom_regex "/usr/share/squid/blacklists/porn/urls"
> acl porn dstdom_regex "/usr/share/squid/blacklists/porn/domains"
> acl porn "/usr/share/squid/blacklists/porn/expressions"
> deny_info ERR_NO_PORNO porn
> http_access deny porn

A few problems here:

1) The first porn acl should be url_regex, not dstdom_regex (guessing from the file name) - dstdom_regex won't match anything after the hostname
2) The 3rd porn acl is missing the acl type (suggest url_regex or urlpath_regex)
3) Since you're referencing files, you might have to make those 3 porn acls porn1, porn2, and porn3. (You definitely will if they're not the same acl type)
4) The "http_access deny porn" is after you've already allowed your local network, so it won't have any effect

I don't see anything that would give the symptoms you report (excessive CPU utilization on startup and shutdown). Having too many patterns in the files can cause high CPU utilization, but I would expect that to be fairly constant. Maybe someone else has more insight.

Adam
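
Added example (not part of the thread, and not Squid's own code): a simplified Python model of points 1 and 4 in the message above, showing that a deny placed after the allow is never reached and that dstdom_regex cannot match a pattern containing a path. The pattern, the blocked.example URL and the rule-list names are constructed assumptions, and each rule names a single ACL.

```python
import ipaddress
import re
from urllib.parse import urlsplit

def acl_matches(acl_type, values, client_ip, url):
    """Simplified model of the ACL types that appear in the posted squid.conf."""
    if acl_type == "src":            # client address against CIDR networks
        ip = ipaddress.ip_address(client_ip)
        return any(ip in ipaddress.ip_network(v) for v in values)
    if acl_type == "dstdom_regex":   # regex sees only the destination hostname
        subject = urlsplit(url).hostname or ""
    elif acl_type == "url_regex":    # regex sees the whole URL
        subject = url
    else:
        raise ValueError(f"ACL type not modelled: {acl_type}")
    return any(re.search(v, subject) for v in values)

def http_access(rules, acls, client_ip, url):
    """Return the action of the first rule whose ACL matches (one ACL per rule)."""
    for action, name in rules:
        acl_type, values = acls[name]
        if acl_matches(acl_type, values, client_ip, url):
            return action
    # Nothing matched: the default is the opposite of the last rule's action.
    return "deny" if rules[-1][0] == "allow" else "allow"

# Constructed pattern standing in for one line of the "urls" blacklist file.
URL_PATTERN = [r"blocked\.example/gallery"]
ACLS = {
    "homenet": ("src", ["192.168.212.0/24"]),
    "localhost": ("src", ["127.0.0.1/32"]),
    "all": ("src", ["0.0.0.0/0"]),
    "porn": ("dstdom_regex", URL_PATTERN),   # type as posted
    "porn1": ("url_regex", URL_PATTERN),     # type suggested in point 1
}
ALLOW_LOCAL = [("allow", "homenet"), ("allow", "localhost"), ("deny", "all")]
AS_POSTED = ALLOW_LOCAL + [("deny", "porn")]   # deny comes last
MOVED_ONLY = [("deny", "porn")] + ALLOW_LOCAL  # order fixed, type not
CORRECTED = [("deny", "porn1")] + ALLOW_LOCAL  # order and type fixed

if __name__ == "__main__":
    url = "http://blocked.example/gallery/1.html"  # constructed URL
    for label, rules in (("as posted", AS_POSTED), ("moved only", MOVED_ONLY),
                         ("corrected", CORRECTED)):
        print(label, "->", http_access(rules, ACLS, "192.168.212.10", url))
```
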
Re: [squid-users] setting up a blacklist
>> Can you post your squid.conf (without comments or blank lines)?

> Here ya go ...

I think you're missing a few things - like cache_dir and cache_mem. What are those lines in your squid.conf?

Adam
RE: [squid-users] setting up a blacklist
Why don't you save yourself the headache and use squidGuard or DansGuardian?

www.squidGuard.org
http://dansguardian.org/
Re: [squid-users] setting up a blacklist
Bill,

--
acl porn dstdom_regex "/usr/share/squid/blacklists/porn/urls"
acl porn dstdom_regex "/usr/share/squid/blacklists/porn/domains"
acl porn "/usr/share/squid/blacklists/porn/expressions"
--

As far as I know this is not correct.
Other Squid users: Pls correct me if I'm wrong.

rgrds,
Bart

Bill McCormick wrote:

> > > Squid brings my dual Xeon Dell to its knees on startup and shutdown.
> >
> > Can you post your squid.conf (without comments or blank lines)?
> >
> > Adam
>
> Here ya go ...
>
> hierarchy_stoplist cgi-bin ?
> acl QUERY urlpath_regex cgi-bin \?
> no_cache deny QUERY
> auth_param basic children 5
> auth_param basic realm Squid proxy-caching web server
> auth_param basic credentialsttl 2 hours
> refresh_pattern ^ftp: 1440 20% 10080
> refresh_pattern ^gopher: 1440 0% 1440
> refresh_pattern . 0 20% 4320
> acl all src 0.0.0.0/0.0.0.0
> acl manager proto cache_object
> acl localhost src 127.0.0.1/255.255.255.255
> acl to_localhost dst 127.0.0.0/8
> acl SSL_ports port 443 563
> acl Safe_ports port 80 # http
> acl Safe_ports port 21 # ftp
> acl Safe_ports port 443 563 # https, snews
> acl Safe_ports port 70 # gopher
> acl Safe_ports port 210 # wais
> acl Safe_ports port 1025-65535 # unregistered ports
> acl Safe_ports port 280 # http-mgmt
> acl Safe_ports port 488 # gss-http
> acl Safe_ports port 591 # filemaker
> acl Safe_ports port 777 # multiling http
> acl CONNECT method CONNECT
> http_access allow manager localhost
> http_access deny manager
> http_access deny !Safe_ports
> http_access deny CONNECT !SSL_ports
> acl homenet src 192.168.212.0/24
> http_access allow homenet
> http_access allow localhost
> http_access deny all
> acl porn dstdom_regex "/usr/share/squid/blacklists/porn/urls"
> acl porn dstdom_regex "/usr/share/squid/blacklists/porn/domains"
> acl porn "/usr/share/squid/blacklists/porn/expressions"
> deny_info ERR_NO_PORNO porn
> http_access deny porn
> http_reply_access allow all
> icp_access allow all
> visible_hostname billinux
> coredump_dir /var/spool/squid
RE: [squid-users] setting up a blacklist
> > Squid brings my dual Xeon Dell to its knees on startup and shutdown.
>
> Can you post your squid.conf (without comments or blank lines)?
>
> Adam

Here ya go ...

hierarchy_stoplist cgi-bin ?
acl QUERY urlpath_regex cgi-bin \?
no_cache deny QUERY
auth_param basic children 5
auth_param basic realm Squid proxy-caching web server
auth_param basic credentialsttl 2 hours
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern . 0 20% 4320
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443 563
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 563 # https, snews
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT
http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
acl homenet src 192.168.212.0/24
http_access allow homenet
http_access allow localhost
http_access deny all
acl porn dstdom_regex "/usr/share/squid/blacklists/porn/urls"
acl porn dstdom_regex "/usr/share/squid/blacklists/porn/domains"
acl porn "/usr/share/squid/blacklists/porn/expressions"
deny_info ERR_NO_PORNO porn
http_access deny porn
http_reply_access allow all
icp_access allow all
visible_hostname billinux
coredump_dir /var/spool/squid
RE: [squid-users] setting up a blacklist
> Squid brings my dual Xeon Dell to its knees on startup and shutdown.

Can you post your squid.conf (without comments or blank lines)?

Adam