Rakhmat Farunuddin wrote:
>
> actually i'm not posted a complete squidGuard.conf, time kantor is
> ready on my squidGuard.conf, squidGuard is running well in my
> configuration, time kantor is working good.
Good. Wish you would have let us see that.
> now, squidGuard is logging user's access
> there's nothing wrong with the squid, all is running smoothly.
> the strange is (as i mentioned before), all cat2 user can access
> another site defined, but only sonyerricsons.com
> i found another squidguard missaction like sonyerricsons.com:
> www.beacukai.go.id, www.indonesia.go.id
Now that you have all of the logging in place, please follow the
denied transaction all the way through. For example:
In your previous message, you said:
> user mentioned in cat2_definite_user file can't access
> sonyericsson.com, they (cat2_user) can access another domain
> (eg 123xfun.com).
Get a cat2_definite_user ("bonie") to try and access sonyericsson.com.
Based on what you've said, it will be denied. Look in squid's access
log and you should see:
9999999999.999 999 [bonie's ip] \
TCP_MISS/403 9999 GET http://sonyericsson.com/ bonie \
DIRECT/192.168.100.105 text/html
This will appear all on one line (without the "\"), and the 9999's will
be different numbers. But you should see bonie's ip, "/403",
"http:\\sonyericsson.com/", "bonie", and "192.168.100.105".
That access log entry says that bonie requested sonyericsson.com and
received a 403 (forbidden), and was redirected to 192.168.100.105.
Now look in squidGuard's "user.log", or whatever you called it. What
entry is logged there? There will be an entry because squidGuard
redirected the transaction. The entry will show the src and dest
groups telling you why it was denied.
Please verify those log entries and tell me what you find.
Rick
