I just installed Squid/2.3.STABLE4 and SquidGuard (1.1.4 - Berkeley
DB 2.7.7) on a PC (Mandrake Single Network Firewall 7.2, kernel 2.2).
The configuration is made with a web front end (from Mandrake), so
the squid.conf and squidGuard.conf should be good (see below).
But when I try to acces an URL (from another computer of my LAN) with
my web browser (well configured to talk to the proxy), I always get the
answer :
The requested URL could not be retrieved
The following error was encountered: Access Denied.
Access control configuration prevents your request from being allowed
at this time. Please contact your service provider if you feel this is
incorrect.
Your cache administrator is root.
Generated Thu, 11 Oct 2001 14:59:59 GMT by proxy1.geomath.fr (Squid/2.3.STABLE4)
SquidGuard is not running in emergency mode, the log file doesn't seem
to report an error.
The different files and directories (/var/log/squidGuard, /usr/share/squidGuard-1.1.4/db,
/etc/squid/squidGuard.conf ...) are owned by user/group squid/squid
If I use Squid without SquidGuard, I can acces the proxy (and so the
web) correctly.
I really need HELP ! I don't know where to search ...
#----------------------------------------------------------------
# DO NOT MODIFY THIS FILE AS IT IS MODIFIED BY THE TEMPLATE
#----------------------------------------------------------------
# SquidGuard CONFIGURATION FILE
#----------------------------------------------------------------
# CONFIGURATION DIRECTORIES
dbhome /usr/share/squidGuard-1.1.4/db
logdir /var/log/squidGuard
# TIME RULES:
# abbrev for weekdays:
# s = sun, m = mon, t =tue, w = wed, h = thu, f = fri, a = sat
time workhours {
weekly s 07:30-13:00 13:00-20:00
weekly m 07:30-13:00 13:00-20:00
weekly t 07:30-13:00 13:00-20:00
weekly w 07:30-13:00 13:00-20:00
weekly h 07:30-13:00 13:00-20:00
weekly f 07:30-13:00 13:00-20:00
weekly a 07:30-13:00 13:00-20:00
}
# SOURCE ADDRESSES:
src privilegedsource {
iplist privilegedsource/ips
}
src bannedsource {
iplist bannedsource/ips
}
src timerestriction {
iplist lansource/lan
}
src lansource {
iplist lansource/lan
}
# DESTINATION CLASSES:
dest banneddestination {
domainlist banneddestination/domains
urllist banneddestination/urls
expressionlist banneddestination/expressions
}
domainlist advertising/domains
urllist advertising/urls
redirect http://127.0.0.1:8444/nulbanner.png
log /var/log/squidGuard/advertising.log
}
# ACLs
acl {
privilegedsource {
pass !advertising all
redirect http://127.0.0.1:8444/squidGuard.cgi?clientaddr=%a&srcclass=%s&
}
bannedsource {
pass none
redirect http://127.0.0.1:8444/squidGuard.cgi?clientaddr=%a&srcclass=%s&
}
timerestriction outside workhours {
pass none
redirect http://127.0.0.1:8444/squidGuard.cgi?clientaddr=%a&srcclass=%s& } else {
pass !banneddestination !advertising all
redirect http://127.0.0.1:8444/squidGuard.cgi?clientaddr=%a&srcclass=%s& }
default {
pass none
redirect http://127.0.0.1:8444/squidGuard.cgi?clientaddr=%a&srcclass=%s&
}
}-- __________________________________________ Frédéric FOURCHON tel : (33) 1 47 08 81 31 email : [EMAIL PROTECTED] 232, avenue Napoleon Bonaparte 92502 Rueil Malmaison, FRANCE
