Chris Francy wrote: >The short answer is squid's redirector interface doesn't work that way. >AFAIK there isn't anyway for a redirector to inform squid to return one >of its error messages. Perhaps it could be done, but isn't really >neccesary. > >Squid/squidguard is not a web server so they definatly wouldn't be able >to access or run a CGI. Changing them to do that would greatly increase >how complex they would need to be. With complexness you always get more >bugs and a greature chance for security issues. > >I would suggest that you simply run a small web server on your >squid+squidguard host. I run copy of webfs ( a small http server for >static files only ) on my squid+squidguard host bound to port 9000. >Squidguard is set to redirect to the server on 127.0.0.1:9000. If you >wanted to run the CGI you would need something a little smarter then >webfs though. > > >Oh, as some of the previous people mentioned you would definatly want to >setup an acl in squid+squidguard to allow all ruquests to >127.0.0.1:9000, or whatever the URL is for your redirection. > > >Chris > > > Thanks Chris,
OK Chaps - Finally some progress! I have Apache installed on my system - but it is not enabled by default. I discovered that by turning it on and then step-by-step troubleshooting the errors I was able to get the CGI script to work! YAYYYY! However, does this actually mean that in order for squidGuard to block sites you need to have a webserver up and running? Nowhere in any of the FAQs can I recall seeing this described as a requirement. Squid (on its own) blocked a simple list of sites quite successfully without needing Apache running. All I wanted was the extra flexibility of squidGuard's blacklists etc. I didn't realise that I would have to configure Apache webserver too! If that is the case so be it. I am quite happy I now have squidGuard working (although I haven't tried it with a large - e.g. porn - blacklist yet and I'm sure I will have more questions when I do) but I just wish I had known that at the beginning. Anyway - Thanks for all the help (so far... - I'm sure I'll be back for more!) Mark
signature.asc
Description: OpenPGP digital signature
