Hi,
I've been struggling with this for a few days now...
Apologies for the long posting but I hope I have all relevant info here.
I have a Fedora Core 3 box using iptables & squid setup for transparent
proxy.
I have my iptables redirect rule working just fine as I can make the
squid ACLs work as needed (allows & denies)
I have tried setting up SquidGuard with the intention of using its
blacklists and its 'redirect' option within the acls.
I cannot seem to get squid to use SquidGuard.
I have set the 'redirect_program /usr/local/bin/squidGuard' option into
/etc/squid.conf
I can see that SquidGuard is initialised when squid starts (it shows in the
logs - including loading the blacklists specified in squidGuard.conf)
If I comment out my custom ACLs & http_access rules from squid.conf then no
matter what I have in squidGuard.conf I keep getting the standard Squid
'Access denied' (the last http_access rule is to deny all)
I have also tried a squidGuard acl of ...
default {
pass all
}
but still only get the default Squid 'Access denied' page.
While scouring the Internet I came across a test script as follows...
==========================================
#!/bin/sh
#
SG_HOME=/usr/local/squidGuard
SG=/usr/local/bin/squidGuard
SG_CONF=$SG_HOME/squidGuard.conf
LD_LIBRARY_PATH=/usr/local/BerkeleyDB/lib
export LD_LIBRARY_PATH
echo "http://www.squidguard.org 192.168.5.56/- - GET" | $SG -c $SG_CONF -d
================================================
When run (as user squid) I get the following...
================================================
bash-3.00$ ./test.sh
2004-11-23 11:46:11 [8396] init urllist
/usr/local/squidGuard/db/Banks.desturllist
2004-11-23 11:46:11 [8396] init domainlist
/usr/local/squidGuard/db/Banks.destdomainlist
2004-11-23 11:46:11 [8396] init urllist
/usr/local/squidGuard/db/blacklists/gambling/urls
2004-11-23 11:46:11 [8396] init domainlist
/usr/local/squidGuard/db/blacklists/gambling/domains
2004-11-23 11:46:11 [8396] init urllist
/usr/local/squidGuard/db/blacklists/porn/urls
2004-11-23 11:46:11 [8396] init domainlist
/usr/local/squidGuard/db/blacklists/porn/domains
2004-11-23 11:46:12 [8396] init urllist
/usr/local/squidGuard/db/blacklists/drugs/urls
2004-11-23 11:46:12 [8396] init domainlist
/usr/local/squidGuard/db/blacklists/drugs/domains
2004-11-23 11:46:12 [8396] squidGuard 1.2.0 started (1101203171.773)
2004-11-23 11:46:12 [8396] recalculating alarm in 22428 seconds
2004-11-23 11:46:12 [8396] squidGuard ready for requests (1101203172.267)
2004-11-23 11:46:12 [8396] squidGuard stopped (1101203172.267)
================================================
Note the blank second last line - correct for my squidGuard.conf
Then if I change the last line of the script to the following
echo "http://www.casino.com 192.168.5.56/- - GET" | $SG -c $SG_CONF -d
I get the following as output
================================================
bash-3.00$ ./test.sh
2004-11-23 11:48:34 [8400] init urllist
/usr/local/squidGuard/db/Banks.desturllist
2004-11-23 11:48:34 [8400] init domainlist
/usr/local/squidGuard/db/Banks.destdomainlist
2004-11-23 11:48:34 [8400] init urllist
/usr/local/squidGuard/db/blacklists/gambling/urls
2004-11-23 11:48:34 [8400] init domainlist
/usr/local/squidGuard/db/blacklists/gambling/domains
2004-11-23 11:48:34 [8400] init urllist
/usr/local/squidGuard/db/blacklists/porn/urls
2004-11-23 11:48:34 [8400] init domainlist
/usr/local/squidGuard/db/blacklists/porn/domains
2004-11-23 11:48:34 [8400] init urllist
/usr/local/squidGuard/db/blacklists/drugs/urls
2004-11-23 11:48:34 [8400] init domainlist
/usr/local/squidGuard/db/blacklists/drugs/domains
2004-11-23 11:48:34 [8400] squidGuard 1.2.0 started (1101203314.410)
2004-11-23 11:48:34 [8400] recalculating alarm in 22286 seconds
2004-11-23 11:48:34 [8400] squidGuard ready for requests (1101203314.903)
2004-11-23 11:48:34 [8400] Request(FullAccess/bl_gambling/-)
http://www.casino.com 192.168.5.56/- - GET
http://localhost/cgi/blocked?clientaddr=192.168.5.56&clientname=&clientuser=&clientgroup=FullAccess&url=http://www.casino.com
192.168.5.56/- - GET
2004-11-23 11:48:34 [8400] squidGuard stopped (1101203314.903)
================================================
Note now that the second last line is no longer blank - correct for my
squidGuard.conf
Here is the output from a ps looking for squid...
================================================
# ps -ef | grep squid
root 8417 1 0 11:52 ? 00:00:00 squid -D
squid 8420 8417 0 11:52 ? 00:00:00 (squid) -D
squid 8421 8420 12 11:52 ? 00:00:00 (squidGuard)
squid 8422 8420 12 11:52 ? 00:00:00 (squidGuard)
squid 8423 8420 12 11:52 ? 00:00:00 (squidGuard)
squid 8424 8420 12 11:52 ? 00:00:00 (squidGuard)
squid 8425 8420 12 11:52 ? 00:00:00 (squidGuard)
squid 8426 8420 0 11:52 ? 00:00:00 (unlinkd)
================================================
No errors show in my squidGuard.log file when squid restarts - all lists
seem to init ok.
It seems to me that Squid might not actually be calling squidGuard at all or
I need some other acl or http_access rule somewhere...
After scouring the Internet for days trying to get this to work, I'm now
trying this list...
Please could someone help me.
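Added example, not part of the original post: the manual test above, wrapped so that several URLs can be checked in one run and each reply is classified as a pass (blank reply line) or a redirect. The names check_url and stub_redirector are hypothetical; the stub is a constructed stand-in for squidGuard so the script runs without it installed.

```shell
#!/bin/sh
# Constructed stand-in for squidGuard so this example runs offline: it
# answers a blank line (no rewrite) unless the URL contains "casino".
stub_redirector() {
    while read -r url rest; do
        case $url in
            *casino*) echo "http://localhost/cgi/blocked?url=$url $rest" ;;
            *)        echo "" ;;
        esac
    done
}

# check_url URL CMD [ARGS...]
# Sends one request line to the redirector CMD and classifies its reply.
# Real use, with the paths from the post:
#   check_url http://www.casino.com /usr/local/bin/squidGuard \
#       -c /usr/local/squidGuard/squidGuard.conf
check_url() {
    url=$1; shift
    # Failure mode: a redirector that cannot be started must not be
    # mistaken for a blank "pass" reply.
    command -v "$1" >/dev/null 2>&1 || { echo "ERROR cannot run $1"; return 2; }
    # Request line in the format the post uses: URL ip/fqdn ident method.
    # Timestamped log lines are dropped in case they reach stdout.
    reply=$(printf '%s 192.168.5.56/- - GET\n' "$url" | "$@" 2>/dev/null |
            grep -v '^[0-9][0-9][0-9][0-9]-[0-9][0-9]-[0-9][0-9] ' | head -n 1)
    target=${reply%% *}   # first field of the reply is the rewritten URL
    if [ -z "$target" ]; then
        echo "PASS $url"
    else
        echo "REDIRECT $url -> $target"
    fi
}

# Demo run against the stub with the two URLs tested in the post.
for u in http://www.squidguard.org http://www.casino.com; do
    check_url "$u" stub_redirector
done
```

This exercises the redirector on its own. Squid only passes a request to redirect_program after http_access has allowed it, so a standalone pass here says nothing about requests that Squid denies first.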