Hi Ryan, Rick is right. I didn't regard the empty destination groups. Of course you have to tell squidGuard the domainlist and/or urllist which contains the blacklisted domains/urls. In your last configuration squidGuard has nothing to block. Fill in the destinations and try it again. If it doesn't work please post the relevant extracts from your logfile.
P.S. Rick, surely you are right that Squid doesn't read the squidguard.conf... But I think it's obvious that I meant squidGuard instead of Squid :-) -----Urspr�ngliche Nachricht----- Von: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Im Auftrag von Ryan Nix Gesendet: Montag, 1. M�rz 2004 01:22 An: Rick Matthews Cc: Stephan M. Ott; [EMAIL PROTECTED] Betreff: Re: AW: AW: Not blocking Hi Rick, All I would like Squidguard to do, is all access to all websites EXCEPT those found in the squidguard audio-video and porn databases. I would also like any IP address on the internal network to have access to the Squid server. I believe I had the destination group setup before (I think) however Squid wasn't working at all with that configuration. Ryan Rick Matthews wrote: >squidGuard is doing exactly what you are telling it to do. Nothing. > >You set 2 destination groups, and both are empty. > >Your access control list then tells squidGuard to pass everything. > >Do you have something you want squidGuard to do? > >Rick > > > > >>-----Original Message----- >>From: [EMAIL PROTECTED] >>[mailto:[EMAIL PROTECTED] Behalf Of Ryan Nix >>Sent: Sunday, February 29, 2004 4:08 PM >>To: Stephan M. Ott >>Cc: [EMAIL PROTECTED] >>Subject: Re: AW: AW: Not blocking >> >> >>This is too weird. >> >>This seems to be the only sem-working/logging squidguard.conf file: >> >>2004-02-29 16:02:48 [3141] squidGuard 1.2.0 started (1078092168.639) >>2004-02-29 16:02:48 [3141] squidGuard ready for requests (1078092168.640) >> >>dbhome /usr/share/squidGuard-1.2.0/db >>logdir /var/log/squidGuard >> >>destination bl_porn { >>} >> >>destination bl_audio-video { >>} >> >>acl { >> >> default { >> pass all >> } >>} >> >>This is really frustrating. I know why this thing took you three days to get it working with no help. :) >> >> >>Stephan M. Ott wrote: >> >> >> >>>Change the acl into >>> >>>acl { >>> default { >>> pass !bl_audo-video !bl_porn >>> } >>>} >>> >>>Leave the "all" away. >>> >>>Normally Squid shouldn't regard the all as it is positioned at the end, >>>but this is the only thing which comes to my mind. >>> >>> >>>-----Urspr�ngliche Nachricht----- >>>Von: Ryan Nix [mailto:[EMAIL PROTECTED] >>>Gesendet: Sonntag, 29. Februar 2004 19:26 >>>An: Matthew Trey; [EMAIL PROTECTED]; [EMAIL PROTECTED] >>>Betreff: Re: AW: Not blocking >>> >>>Still not blocking for some reason. /var/log/Squidguard/error.log and >>>and access.log don't seem to be loging anything. >>> >>>However, /var/log/squid/access.log does: >>> >>>172.38.20.24 - - [29/Feb/2004:12:20:13 -0600] "GET >>>http://www.cultureddb.com/ HTTP/1.0" 200 31798 TCP_MISS:DIRECT >>>172.38.20.24 - - [29/Feb/2004:12:20:20 -0600] "GET >>>http://www.mp3.com.com/ HTTP/1.0" 503 1476 TCP_MISS:NONE >>>172.38.20.24 - - [29/Feb/2004:12:20:31 -0600] "GET http://www.mp3.com/ >>>HTTP/1.0" 200 6362 TCP_MISS:DIRECT >>>172.38.20.24 - - [29/Feb/2004:12:20:39 -0600] "GET >>>http://playboy.com/tools/js/newhomepage.js HTTP/1.0" 200 3869 >>>TCP_HIT:NONE >>>172.38.20.24 - - [29/Feb/2004:12:20:39 -0600] "GET http://playboy.com/ >>>HTTP/1.0" 200 41346 TCP_MISS:DIRECT >>> >>>Here is what I have in the squidguard.conf now: >>> >>>dbhome /usr/share/squidGuard-1.2.0/db >>>logdir /var/log/squidGuard >>> >>>destination bl_audio-video { >>> domainlist audio-video/domains >>> urllist audio-video/urls >>>} >>> >>>destination bl_porn { >>> domainlist porn/domains >>> urllist porn/urls >>>} >>> >>>acl { >>> >>> default { >>> pass !bl_audo-video !bl_porn all >>> } >>>} >>> >>> >>>Any ideas? >>> >>> >>> >>>Matthew Trey wrote: >>> >>> >>> >>> >>> >>>>acl { >>>> >>>> default { >>>> block !bl_audo-video !bl_porn >>>> } >>>>} >>>> >>>>this acl is the problem, your blacklists are set (Provided the path is >>>>correct) >>>> >>>>however, the rule should be: >>>> >>>>pass !bl_audo-video !bl_porn all >>>> >>>>this is like: pass (not)bl_audo-video (not)bl_porn all >>>>in other words, pass everything BUT bl_audo-video and bl_porn >>>> >>>>acl { >>>> >>>> default { >>>> block !bl_audo-video !bl_porn >>>> } >>>>} >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>> >>> >>> >>> >> >> > > > >
