And make sure to run these tests as your cache_effective_user, not root. A very common error in SquidGuard setups is permission issues, preventing SquidGuard from running correctly when called by Squid.
Regards Henrik On Tue, 14 Oct 2003 [EMAIL PROTECTED] wrote: > Did you check the squidguard installation without squid? > > ---------------------------------------------------------------------------- > ----- > First basic test: Does squidguard block a site from the blacklist? > ---------------------------------------------------------------------------- > ----- > My own test shell for this case: > > #!/bin/sh > # > SG_HOME=/usr/local/squidGuard > SG=/usr/local/bin/squidGuard > SG_CONF=$SG_HOME/etc/squidguard.conf > > LD_LIBRARY_PATH=/usr/local/BerkeleyDB.4.0/lib > export LD_LIBRARY_PATH > echo "http://www.sex.com 10.23.4.134/- - GET" | \ > $SG -c $SG_CONF -d > > Output: > > 2003-10-14 08:49:49 [106687] Request(default/porn/-) http://www.sex.com > 10.23.4134/- - GET > > http://boge-proxy/cgi-bin/squidGuard.cgi?clientaddr=10.23.4.134&clientname=&; > clintuser=&clientgroup=default&targetgroup=porn&url=http://www.sex.com > 10.23.4.134- - GET > <################# NO BLANK LINE: blocked! > ################### > 2003-10-14 08:49:49 [106687] squidGuard stopped (1066114189.332) > > > ---------------------------------------------------------------------------- > -------- > Second basic test: Does squidguard show sites that are not part of the > blacklist? > ---------------------------------------------------------------------------- > -------- > My own test shell for this case: > > #!/bin/sh > # > SG_HOME=/usr/local/squidGuard > SG=/usr/local/bin/squidGuard > SG_CONF=$SG_HOME/etc/squidguard.conf > LD_LIBRARY_PATH=/usr/local/BerkeleyDB.4.0/lib > export LD_LIBRARY_PATH > echo "http://www.google.de 10.23.4.134/- - GET" | \ > $SG -c $SG_CONF -d > > Output: > > 2003-10-14 08:52:43 [106728] squidGuard 1.2.0 started (1066114363.578) > 2003-10-14 08:52:43 [106728] squidGuard ready for requests > (1066114363.659) > < ####### blank line: site is not blocked ######### > 2003-10-14 08:52:43 [106728] squidGuard stopped (1066114363.661) > > > Mit freundlichem Gruß / regards > > Werner Rost > GM-FIR - Netzwerk > > ZF Boge Elastmetall GmbH > Friesdorfer Str. 175 > 53175 Bonn > > Tel. +49 228 38 25 - 420 > Fax +49 228 38 25 - 398 > mailto:[EMAIL PROTECTED] > www.zf.com/boge-elastmetall > > > > > > -----Ursprüngliche Nachricht----- > > Von: Dan Egli [mailto:[EMAIL PROTECTED] > > Gesendet: Montag, 13. Oktober 2003 19:22 > > An: [EMAIL PROTECTED] > > Betreff: [squid-users] SquidGuard not relaying?? > > > > > > -----BEGIN PGP SIGNED MESSAGE----- > > Hash: SHA1 > > > > Ok. Hopefully someone here can help me out. I tried sending > > this to the squidguard list, but I think it's defunct or > > somthing because I got no replies and didn't even get a copy > > of my own messages. > > > > I'm trying to use squidGuard with squid to provide a filter > > for our internet connection here at home. I installed the > > blacklists, configured squidGuard to read the blacklist (at > > least I THOUGHGT I did), configured squid to call squidGuard, etc... > > > > Problem 1: On a graphical browser (internet explorer, > > netscape, mozilla, etc..) when traffic is directed to the > > proxy, it just sits there, forever. Does not matter if the > > site is blacklisted or not > > > > Problem 2: on a text only browser (tested using elinks), the > > proxy allows access to ANY site, blacklisted or not. I called > > elinks as: HTTP_PROXY='localhost:3128' elinks www.blacklsitedsite.com > > > > the result was that squid grabbed the home page from > > blacklisted site and forwarded it to the browser. I know it > > went through squid because in squid's access log I see a HTTP > > MISS for the site. > > > > I'm including my squidGuard and squid config files. Can > > anyone shed any light on whats up? > > > > thanks!! > > > > - --- Dan > > > > squidGuard.conf: > > > > # > > # CONFIG FILE FOR SQUIDGUARD > > # > > # See http://www.squidguard.org/config/ for more examples > > # > > > > dbhome /var/squidGuard/blacklists > > logdir /var/log/squidGuard > > > > dest ads { > > ~ log ads > > ~ domainlist ads/domains > > ~ urllist ads/urls > > } > > > > dest audio-video { > > ~ log audio-video > > ~ domainlist audio-video/domains > > ~ urllist audio-video/urls > > } > > > > dest aggressive { > > ~ log aggressive > > ~ domainlist aggressive/domains > > ~ urllist aggressive/urls > > } > > > > dest drugs { > > ~ log drugs > > ~ domainlist drugs/domains > > ~ urllist drugs/urls > > } > > > > dest gambling{ > > ~ log gambling > > ~ domainlist gambling/domains > > ~ urllist gambling/urls > > } > > > > dest hacking { > > ~ log hacking > > ~ domainlist hacking/domains > > ~ urllist hacking/urls > > } > > > > #dest mail { > > # log mail > > # domainlist mail/domains > > # urllist mail/urls > > #} > > > > dest porn{ > > ~ log porn > > ~ domainlist porn/domains > > ~ urllist porn/urls > > } > > > > #dest proxy{ > > # log proxy > > # domainlist proxy/domains > > # urllist proxy/urls > > #} > > > > dest violence{ > > ~ log violence > > ~ domainlist violence/domains > > ~ urllist violence/urls > > } > > > > dest warez{ > > ~ log warez > > ~ domainlist warez/domains > > ~ urllist warez/urls > > } > > > > #dest local-ok{ > > # domainlist local-ok/domains > > # urllist local-ok/urls > > #} > > > > #dest local-block{ > > # log local-block > > # domainlist local-block/domains > > # urllist local-block/urls > > #} > > > > > > acl { > > ~ default { > > ~ pass !aggressive !drugs !gambling !hacking !porn !violence > > !warez all > > > > ~ redirect > > 302:http://eglifamily.dnsalias.net/cgi-bin/squidGuard.cgi?clie > > ntaddr=%a&clientname=%n&clientident=%i&srcclass=%s&targetgroup > > =%t&url=%u > > ~ # redirect > > 302:http://eglifamily.dnsalias.net/cgi-bin/squidGuard-simple.c > > gi?clientaddr=%a&clientname=%n&clientident=%i&srcclass=%s&targ > > etclass=%t&url=%u > > ~ } > > } > > > > > > squid.conf: > > (whole file is over 100k, but here's the redirector line) > > > > # TAG: redirect_program > > # Specify the location of the executable for the URL redirector. > > # Since they can perform almost any function there isn't > > one included. > > # See the FAQ (section 15) for information on how to write one. > > # By default, a redirector is not used. > > # > > #Default: > > # none > > > > redirect_program /usr/local/bin/squidGuard -c > > /etc/squid/squidGuard.conf redirect_children 5 > > > > > > > > > > > > > > -----BEGIN PGP SIGNATURE----- > > Version: GnuPG v1.2.1 (MingW32) > > Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org > > > > iD8DBQE/it8GtwT22Jak4/4RAs2BAJ9lSG4p+7glE4y/5IY1NuwppuzBKQCg3YGV > > uxxSkwbzqseYGcLwrwh2E3Y= > > =Ylda > > -----END PGP SIGNATURE----- > > > > >
