RE: SquidGuard Newbie, problem

Rick Matthews Mon, 21 Jun 2004 17:45:31 -0700

What is logged in squidGuard.log?

Are you being processed in the source group that you expect? (Source
acl_it *should* be allowed to browse anywhere.)


You use "within leisure-time" and it is not defined.  I would expect
that squidGuard is going into emergency mode and passing everything.
(That's what it will say in squidGuard.log)

Your default acl includes:
       pass restdest
       pass none     

To the best of my knowledge, that's not legal.  Replace it with:
       pass restdest none

That should get you started.

Rick



marcusv wrote:
> 
> Problem Description:
> I can still browser any site that I want to, After the system
> authenticates me.
> 
> OS = WhiteBox Enterprise Linux [Same as REDHAT ENTERPRISE LINUX]
> Squid-2.5
> SquidGuard-1.2.0-2
> 
> These are some of the lines in squid.conf
> ///////
> http_port 3128
> redirect_program /usr/bin/squidGuard -c /etc/squid/squidGuard.conf
> auth_param basic program /etc/webmin/squid/squid-auth.pl
> /etc/webmin/squid/users
> auth_param basic realm SIEMAG INTERNET FIREWALL
> acl SIEMAG proxy_auth REQUIRED
> http_access allow SIEMAG
> snmp_port 3401
> snmp_access deny all
> http_access allow manager localhost
> http_access deny manager
> ///////
> 
> This is the complete squidGuard.conf file
> 
> Please assist.
> Regards
> Marcus Van Wyk
> .
> ////////////////////////////////////////
> ########################################################################
> ######
> # CONFIGURATION DIRECTORIES
> ########################################################################
> ######
> dbhome /usr/share/squidGuard/db
> logdir /var/log/squidGuard
> 
> ########################################################################
> ######
> # TIME RULES:
> # abbrev for weekdays: 
> # s = sun, m = mon, t =tue, w = wed, h = thu, f = fri, a = sat
> ########################################################################
> ######
> 
> #time leisure-time 
> #     {
> #        weekly * 00:00-08:00 16:00-24:00       # night and evening
> #        weekly fridays 16:00-17:00             # weekend
> #        #weekly a s               # weekend
> #        date   *.01.01                         # New Year's Day
> #        date   *.05.01                         # Labour Day
> #        date   *.05.17                         # National Day
> #        date   *.12.24 12:00-24:00             # Christmas Eve
> #        date   *.12.25                         # Christmas Day
> #        date   *.12.26                         # Boxing Day
> #     }
> 
> ########################################################################
> ######
> # SOURCE ADDRESSES (by IP)
> ########################################################################
> ######
> #src tlm_servers  { ip 192.168.1.1-192.168.1.10 }
> 
> ########################################################################
> ######
> # SOURCE ADDRESSES (by Luser ID)
> ########################################################################
> ######
> src acl_it     
>     { 
>        user ituser1 ituser2
>     }
> 
> src acl_users
>     { 
>        user user1 user2 user 3
>        user user4 user5 user6
>    }
> 
> src acl_block_all
>     { 
>        user block1 block2
>     }
> 
> ########################################################################
> #######
> # The good ol' destination rules
> ########################################################################
> #######
> dest porn 
>      { 
>         domainlist     porn/domains            
>         urllist        porn/urls               
>         expressionlist porn/expressions        
>         log            /var/log/squidGuard/porn.log
>      }
> 
> dest adult 
>      {
>         domainlist      adult/domains
>         urllist         adult/urls
>         expressionlist  adult/expressions
>         log             /var/log/squidGuard/adult.log
>      }
> 
> dest audio-video 
>      {
>         domainlist audio-video/domains
>         urllist    audio-video/urls
>         log        /var/log/squidGuard/audio-video.log
>      }
> 
> dest forums 
>      {
>         domainlist      forums/domains
>         urllist         forums/urls
>         expressionlist  forums/expressions
>         log             /var/log/squidGuard/forums.log
>      }
> 
> dest hacking 
>      {
>         domainlist hacking/domains
>         urllist hacking/urls
>         log     /var/log/squidGuard/hacking.log
>      }
> 
> dest redirector 
>      {
>         domainlist      redirector/domains
>         urllist         redirector/urls
>         expressionlist  redirector/expressions
>         log             /var/log/squidGuard/redirector.log
>      }
> 
> dest warez 
>      {
>         domainlist warez/domains
>         urllist    warez/urls
>         log        /var/log/squidGuard/warez.log
>      }
> 
> dest ads 
>      {
>         domainlist ads/domains
>         urllist    ads/urls
>         log        /var/log/squidGuard/ads.log
>      }
> 
> dest aggressive 
>      {
>         domainlist aggressive/domains
>         urllist    aggressive/urls
>         log        /var/log/squidGuard/agressive.log
>      }
> 
> dest drugs 
>      {
>         domainlist drugs/domains
>         urllist    drugs/urls
>         log        /var/log/squidGuard/drugs.log
>      }
> 
> dest gambling 
>      {
>         domainlist gambling/domains
>         urllist    gambling/urls
>         log        /var/log/squidGuard/gambling.log
>      }
> 
> dest publicite 
>     {
>        domainlist      publicite/domains
>        urllist         publicite/urls
>        expressionlist  publicite/expressions
>        log             /var/log/squidGuard/publicite.log
>     }
> 
> dest violence 
>     {
>        domainlist     violence/domains
>        urllist        violence/urls
>        expressionlist violence/expressions
>        log            /var/log/squidGuard/violence.log
>     }
> 
> dest banneddestination 
>      {
>         domainlist      banneddestination/domains
>         urllist         banneddestination/urls
>         expressionlist  banneddestination/expressions
>         log             /var/log/squidGuard/banneddestination.log
>      }
> 
> dest advertising 
>      {
>         domainlist advertising/domains
>         urllist    advertising/urls
>         redirect   http://10.128.15.7/squidGuard/nulbanner.png
>         log        /var/log/squidGuard/advertising.log
>      }
> 
> dest restdest
>      {
>         domainlist restdest/domains
>         urllist    restdest/domains
>      }
> 
> ########################################################################
> #######
> # The ACL's
> ########################################################################
> #######
> acl 
> { 
>    acl_it 
>    { 
>       pass all 
>    }
>  
>    acl_block_all 
>    { 
>       pass none 
>       redirect
> http://10.128.15.7/cgi-bin/squidGuard/squidGuard.cgi?clientaddr=%a&clien
> tname=%n&clientuser=%i&srcclass=%s&targetclass=%t&url=%u
>    }
> 
>    acl_users
>    within leisure-time 
>        { 
>          pass all 
>        } 
>    else 
>       { 
>          pass  !porn !adult !audio-video !forums !hacking 
>                !redirector !warez !aggressive !drugs !gambling 
>                !publicite !violence !banneddestination 
>                !advertising all
>          redirect
> http://10.128.15.7/cgi-bin/squidGuard/squidGuard.cgi?clientaddr=%a&clien
> tname=%n&clientuser=%i&srcclass=%s&targetclass=%t&url=%u
>        }
> 
>    default 
>    { 
>       pass restdest
>       pass none                          # reject unknown clients
>       redirect
> http://10.128.15.7/cgi-bin/squidGuard/squidGuard.cgi?clientaddr=%a&clien
> tname=%n&clientuser=%i&clientgroup=%s&targetgroup=%t&url=%u
>    }
> }
> ////////////////////////////////////////
>

RE: SquidGuard Newbie, problem

Reply via email to