Looks like you are starting squidguard from squid in rebuild database
mode. Try starting squidguard in normal mode (no -C all). Normally, in
rebuild mode, squidguard just rebuilds the databases and exits.
Chip Burkitt
===========Original Message Follows===============
I am trying to implement squidGuard (1.2.0 Sleepycat Software: Berkeley
DB 4.1.25: (September 17, 2004)) on a server under Squid Cache version
2.5.STABLE9 for i586-mandrake-linux. I will paste in config files below
for your reference.
My problem is that when I configure squid to start squidGuard, then
restart the squid service, squid does not run at all.
Normal startup, no squidGuard:
# ps auwx|grep squid
root 6219 0.0 0.1 5264 1492 ? Ss 08:38 0:00 squid -D
squid 6221 0.0 0.5 8360 5228 ? S 08:38 0:00 (squid) -D
squid 6224 0.0 0.0 1256 264 ? Ss 08:38 0:00 (unlinkd)
root 6262 0.0 0.0 1760 600 pts/0 R+ 08:58 0:00 grep squid
Startup with squidGuard active (redirect_program /usr/bin/squidGuard -c
/etc/squid/squidGuard.conf -C all):
# ps auwx|grep squid
root 6314 0.0 0.1 5264 1492 ? Ss 09:00 0:00 squid -D
squid 6360 43.0 0.0 0 0 ? Rs 09:00 0:01 [squidGuard]
squid 6361 0.6 0.1 6044 1580 ? Rs 09:00 0:00
(squidGuard) -c /etc/squid/squidGuard.conf -C all
squid 6363 0.3 0.1 5512 1468 ? Rs 09:00 0:00
(squidGuard) -c /etc/squid/squidGuard.conf -C all
squid 6364 7.3 0.1 6440 1996 ? Ds 09:00 0:00
(squidGuard) -c /etc/squid/squidGuard.conf -C all
squid 6368 7.0 0.1 6440 1996 ? Rs 09:00 0:00
(squidGuard) -c /etc/squid/squidGuard.conf -C all
squid 6369 0.3 0.1 4840 1360 ? Rs 09:00 0:00
(squidGuard) -c /etc/squid/squidGuard.conf -C all
root 6372 0.0 0.0 1760 596 pts/0 R+ 09:00 0:00 grep squid
Then after about 30 seconds:
# ps auwx|grep squid
root 6406 0.0 0.0 1760 604 pts/0 S+ 09:01 0:00 grep squid
And of course, the proxy is unreachable.
===Here is the log under failure:
# tail -100 /var/log/squid/cache.log
2005/11/09 09:00:30| Unlinkd pipe opened on FD 20
2005/11/09 09:00:30| Swap maxSize 102400 KB, estimated 7876 objects
2005/11/09 09:00:30| Target number of buckets: 393
2005/11/09 09:00:30| Using 8192 Store buckets
2005/11/09 09:00:30| Max Mem size: 8192 KB
2005/11/09 09:00:30| Max Swap size: 102400 KB
2005/11/09 09:00:30| Rebuilding storage in /var/spool/squid (CLEAN)
2005/11/09 09:00:30| Using Least Load store dir selection
2005/11/09 09:00:30| Set Current Directory to /var/spool/squid
2005/11/09 09:00:30| Loaded Icons.
2005/11/09 09:00:30| Accepting HTTP connections at 0.0.0.0, port 8080,
FD 22.
2005/11/09 09:00:30| Accepting HTTP connections at 0.0.0.0, port 3128,
FD 23.
2005/11/09 09:00:30| Accepting ICP messages at 0.0.0.0, port 3130, FD 24.
2005/11/09 09:00:30| Accepting HTCP messages on port 4827, FD 25.
2005/11/09 09:00:30| Accepting SNMP messages on port 3401, FD 26.
2005/11/09 09:00:30| WCCP Disabled.
2005/11/09 09:00:30| Ready to serve requests.
2005/11/09 09:00:30| Done reading /var/spool/squid swaplog (1227 entries)
2005/11/09 09:00:30| Finished rebuilding storage from disk.
2005/11/09 09:00:30| 1227 Entries scanned
2005/11/09 09:00:30| 0 Invalid entries.
2005/11/09 09:00:30| 0 With invalid flags.
2005/11/09 09:00:30| 1227 Objects loaded.
2005/11/09 09:00:30| 0 Objects expired.
2005/11/09 09:00:30| 0 Objects cancelled.
2005/11/09 09:00:30| 0 Duplicate URLs purged.
2005/11/09 09:00:30| 0 Swapfile clashes avoided.
2005/11/09 09:00:30| Took 0.3 seconds (4206.2 objects/sec).
2005/11/09 09:00:30| Beginning Validation Procedure
2005/11/09 09:00:30| Completed Validation Procedure
2005/11/09 09:00:30| Validated 1227 Entries
2005/11/09 09:00:30| store_swap_size = 14792k
2005/11/09 09:00:31| WARNING: redirector #1 (FD 7) exited
2005/11/09 09:00:32| storeLateRelease: released 0 objects
2005/11/09 09:00:32| WARNING: redirector #2 (FD 8) exited
2005/11/09 09:00:32| WARNING: redirector #3 (FD 9) exited
2005/11/09 09:00:32| WARNING: redirector #8 (FD 14) exited
2005/11/09 09:00:33| WARNING: redirector #5 (FD 11) exited
2005/11/09 09:00:33| Too few redirector processes are running
2005/11/09 09:00:33| storeDirWriteCleanLogs: Starting...
2005/11/09 09:00:33| Finished. Wrote 1227 entries.
2005/11/09 09:00:33| Took 0.0 seconds (1088731.1 entries/sec).
FATAL: The redirector helpers are crashing too rapidly, need help!
====SquidGuard.conf (expurgated of all "#"comments):
hosts_file /etc/hosts
auth_param basic children 5
auth_param basic realm Squid proxy-caching web server
auth_param basic credentialsttl 2 hours
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern . 0 20% 4320
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443 563
acl Safe_ports port 80
acl Safe_ports port 21
acl Safe_ports port 443 563
acl Safe_ports port 70
acl Safe_ports port 210
acl Safe_ports port 1025-65535
acl Safe_ports port 280
acl Safe_ports port 488
acl Safe_ports port 591
acl Safe_ports port 777
acl CONNECT method CONNECT
acl mynetwork src 192.168.1.0/255.255.255.0
http_access allow manager localhost
http_access allow Safe_ports
http_access allow !Safe_ports
http_access allow CONNECT !SSL_ports
http_access allow mynetwork
http_access allow localhost
http_reply_access allow all
icp_access allow all
visible_hostname shuttle.adams-lan.local
coredump_dir /var/spool/squid
cache_effective_user squid
cache_effective_group squid
http_port 8080
http_port 3128
redirect_program /usr/bin/squidGuard -c /etc/squid/squidGuard.conf -C all
===squidGuard.conf:
logdir /var/log/squidGuard
dbhome /usr/share/squidGuard-1.2.0/db
dest ads {
domainlist ads/domains
urllist ads/urls
redirect 302:http://web.server.com/1x1.gif
}
dest aggressive {
domainlist aggressive/domains
urllist aggressive/urls
log blocked.log
}
dest audio-video {
domainlist audio-video/domains
urllist audio-video/urls
log blocked.log
}
dest drugs {
domainlist drugs/domains
urllist drugs/urls
log blocked.log
}
dest gambling {
domainlist gambling/domains
urllist gambling/urls
log blocked.log
}
dest hacking {
domainlist hacking/domains
urllist hacking/urls
log blocked.log
}
#dest mail {
# domainlist mail/domains
# urllist mail/urls
# log blocked.log
#}
dest porn {
domainlist porn/domains
urllist porn/urls
log blocked.log
}
dest violence {
domainlist violence/domains
urllist violence/urls
log blocked.log
}
dest warez {
domainlist warez/domains
urllist warez/urls
log blocked.log
}
#dest local-ok {
# domainlist custom/local-ok/domains
# urllist custom/local-ok/urls
#}
destination local-block {
domainlist custom/local-block/domains
urllist custom/local-block/urls
log blocked.log
}
acl {
default {
pass local-ok !local-block !ads !aggressive !audio-video !drugs
!gambling !hacking !porn !violence !warez all
# !mail not included by default
redirect
302:http://web.server.com/cgi-bin/squidGuard.cgi/?clientaddr=%a&clientname=%n&clientident=%i&srcclass=%s&targetgroup=%t&url=%u
# redirect
302:http://web.server.com/cgi-bin/squidGuard-simple.cgi/?clientaddr=%a&clientname=%n&clientident=%i&srcclass=%s&targetclass=%t&url=%u
}
}
# clientaddr|clientname|clientident|srcclass|targetclass|url
# ads aggressive audio-video drugs gambling hacking porn
violence warez
The directory structure under /usr/share/squidGuard-1.2.0/db exists and
seems fine.
===Ownership and permissions:
# ll /usr/share/squidGuard-1.2.0/db
total 15
drwxr-xr-x 2 squid squid 1752 Nov 8 20:08 ads/
drwxr-xr-x 2 squid squid 184 Jan 21 2005 adult/
drwxr-xr-x 2 squid squid 96 Jan 21 2005 advertising/
drwxr-xr-x 2 squid squid 1872 Jan 21 2005 aggressive/
drwxr-xr-x 2 squid squid 1552 Jan 21 2005 audio-video/
drwxr-xr-x 2 squid squid 128 Jan 21 2005 banneddestination/
drwxr-xr-x 2 squid squid 72 Jan 21 2005 bannedsource/
drwxr-xr-x 2 squid squid 2072 Jan 21 2005 drugs/
drwxr-xr-x 2 squid squid 184 Jan 21 2005 forums/
drwxr-xr-x 2 squid squid 752 Jan 21 2005 gambling/
drwxr-xr-x 2 squid squid 1232 Jan 21 2005 hacking/
drwxr-xr-x 2 squid squid 72 Jan 21 2005 lansource/
drwxr-xr-x 2 squid squid 128 Nov 8 17:13 mail/
drwxr-xr-x 2 squid squid 2184 Nov 8 20:15 porn/
drwxr-xr-x 2 squid squid 72 Jan 21 2005 privilegedsource/
drwxr-xr-x 2 squid squid 336 Jan 21 2005 proxy/
drwxr-xr-x 2 squid squid 184 Jan 21 2005 publicite/
-rw-r--r-- 1 squid squid 508 Mar 25 2000 README
drwxr-xr-x 2 squid squid 184 Jan 21 2005 redirector/
drwxr-xr-x 2 squid squid 72 Jan 21 2005 timerestriction/
drwxr-xr-x 2 squid squid 304 Jan 21 2005 violence/
drwxr-xr-x 2 squid squid 992 Jan 21 2005 warez/
[EMAIL PROTECTED] squid]# ll /var/log/squidGuard
total 508
-rw-r----- 1 squid squid 0 Apr 19 2004 advertising.log
-rw-r----- 1 squid squid 0 Nov 8 17:13 blocked.log
-rw-r----- 1 squid squid 0 Apr 19 2004 squidGuard.error
-rw-r----- 1 squid squid 469693 Nov 9 09:00 squidGuard.log
-rw-r----- 1 squid squid 44603 Nov 9 02:02 squidGuard.log.1.gz
-rw-r----- 1 squid squid 606 Jan 23 2005 squidGuard.log.2.gz
Where else can I look? What else do I need to do to get this thing
filtering?
Thanks.
--
Mark E. Adams
http://adamslan.shyper.com
Random Musing: You can observe a lot just by watching. -- Yogi Berra
begin:vcard
fn:Chip Burkitt
n:Burkitt;Chip
org:Chip Burkitt Consulting
adr;dom:;;385 Page St E;Saint Paul;MN;55107
email;internet:[EMAIL PROTECTED]
tel;work:651 290-9303
tel;fax:651 290-9306
x-mozilla-html:FALSE
url:http://www.orderingchaos.com
version:2.1
end:vcard
