Forum Debian Users Gang

goofy7 · 2009-03-12 14:07:28

Witam mam zainstalowanego squida do tego dodany squidguard i niestety wszystkie strony są przepuszczane (całkowitej konfiguracji chciałem dokonać poprzez webmina). Taki wpis został dodany do squida:

redirect_program /usr/bin/squidGuard -c /etc/squid/squidGuard.conf

a tak wygląda squidguard.conf:

# CONFIG FILE FOR SQUIDGUARD
#

dbhome /var/lib/squidguard/db/blacklists
logdir /var/log/squid

source ludki {
ip 192.168.1.20
}

destination bl_porn {
domainlist blacklists/porn/domains
urllist blacklists/porn/urls
}

acl {
ludki {
redirect www.wp.pl
pass !bl_porn any
}

default {
pass !bl_porn any
redirect http://www.wp.pl
}
}

Proxy działa jako transparrent oczywiście podany IP jest moim w logach acces.log widać jakie strony odwiedzam. Jedyny problem to to, że są przepuszczane strony znajdujące sie w kategorii "porn"

kayo · 2009-03-12 21:18:37

source ludki {
ip 192.168.1.0/24
}

goofy7 · 2009-03-13 07:10:33

Niestety tak też próbowałem i nie działa. Może potrzebny jest jeszcze jakiś wpis do squida ? Bo kończą mi się już pomysły. Mam wrażenie, że samo ustawienie squidguarda jako redirect program nic nie daje.

kayo · 2009-03-13 07:52:47

A bazy squidGuarda były inicjalizowane?

Kod:

squidGuard -C all
chown -R <squiduser> /usr/local/squidGuard/db/*

I nie potrzeba definiowac sieci w jakiej ma dzialac, bedzie dzialac dla kazdego.

goofy7 · 2009-03-13 09:13:28

No wiec zrobiłem jak napisałeś i nadal nic w logach wygląda wszystko na ok squidguard:

Kod:

2009-03-13 08:39:44 [6930] squidGuard 1.2.0 started (1236929984.339)
2009-03-13 08:39:44 [6930] squidGuard ready for requests (1236929984.340)
2009-03-13 08:39:44 [6926] init domainlist /var/lib/squidguard/db/blacklists/blacklists/porn/domains
2009-03-13 08:39:44 [6926] loading dbfile /var/lib/squidguard/db/blacklists/blacklists/porn/domains.db
2009-03-13 08:39:44 [6926] init urllist /var/lib/squidguard/db/blacklists/blacklists/porn/urls
2009-03-13 08:39:44 [6926] loading dbfile /var/lib/squidguard/db/blacklists/blacklists/porn/urls.db
2009-03-13 08:39:44 [6926] squidGuard 1.2.0 started (1236929984.341)
2009-03-13 08:39:44 [6926] squidGuard ready for requests (1236929984.342)

a w logach squida:

Kod:

2009/03/13 09:07:44| Starting Squid Cache version 2.7.STABLE3 for i386-debian-linux-gnu...
2009/03/13 09:07:44| Process ID 7250
2009/03/13 09:07:44| With 1024 file descriptors available
2009/03/13 09:07:44| Using epoll for the IO loop
2009/03/13 09:07:44| Performing DNS Tests...
2009/03/13 09:07:44| Successful DNS name lookup tests...
2009/03/13 09:07:44| DNS Socket created at 0.0.0.0, port 51040, FD 6
2009/03/13 09:07:44| Adding domain localdomain from /etc/resolv.conf
2009/03/13 09:07:44| Adding domain localdomain from /etc/resolv.conf
2009/03/13 09:07:44| Adding nameserver 192.168.1.2 from /etc/resolv.conf
2009/03/13 09:07:44| Adding nameserver 194.204.159.1 from /etc/resolv.conf
2009/03/13 09:07:44| helperOpenServers: Starting 5 'squidGuard' processes
2009/03/13 09:07:44| User-Agent logging is disabled.
2009/03/13 09:07:44| Referer logging is disabled.
2009/03/13 09:07:44| logfileOpen: opening log /var/log/squid/access.log
2009/03/13 09:07:44| Unlinkd pipe opened on FD 16
2009/03/13 09:07:44| Swap maxSize 102400 KB, estimated 7876 objects
2009/03/13 09:07:44| Target number of buckets: 393
2009/03/13 09:07:44| Using 8192 Store buckets
2009/03/13 09:07:44| Max Mem  size: 8192 KB
2009/03/13 09:07:44| Max Swap size: 102400 KB
2009/03/13 09:07:44| Local cache digest enabled; rebuild/rewrite every 3600/3600 sec
2009/03/13 09:07:44| logfileOpen: opening log /var/log/squid/store.log
2009/03/13 09:07:44| Rebuilding storage in /var/spool/squid (CLEAN)
2009/03/13 09:07:44| Using Least Load store dir selection
2009/03/13 09:07:44| Set Current Directory to /var/spool/squid
2009/03/13 09:07:44| Loaded Icons.
2009/03/13 09:07:45| Accepting transparently proxied HTTP connections at 0.0.0.0, port 3128, FD 18.
2009/03/13 09:07:45| Accepting ICP messages at 0.0.0.0, port 3130, FD 19.
2009/03/13 09:07:45| HTCP Disabled.
2009/03/13 09:07:45| WCCP Disabled.
2009/03/13 09:07:45| Ready to serve requests.
2009/03/13 09:07:45| Done reading /var/spool/squid swaplog (259 entries)
2009/03/13 09:07:45| Finished rebuilding storage from disk.
2009/03/13 09:07:45|       259 Entries scanned
2009/03/13 09:07:45|         0 Invalid entries.
2009/03/13 09:07:45|         0 With invalid flags.
2009/03/13 09:07:45|       259 Objects loaded.
2009/03/13 09:07:45|         0 Objects expired.
2009/03/13 09:07:45|         0 Objects cancelled.
2009/03/13 09:07:45|         0 Duplicate URLs purged.
2009/03/13 09:07:45|         0 Swapfile clashes avoided.
2009/03/13 09:07:45|   Took 0.3 seconds ( 974.4 objects/sec).
2009/03/13 09:07:45| Beginning Validation Procedure
2009/03/13 09:07:45|   Completed Validation Procedure
2009/03/13 09:07:45|   Validated 259 Entries
2009/03/13 09:07:45|   store_swap_size = 1452k
2009/03/13 09:07:45| storeLateRelease: released 0 objects

I niestety nadal przepuszcza te strony....

goofy7 · 2009-03-13 10:06:35

Dzieki za pomoc jak zwykle diabeł tkwi w szczegółach ...
miałem redirect www.wp.pl zmieniłem na redirect http://www.wp.pl i działa....
Teraz mam jeszcze pytanie chyba nie związane ze squidem. Nie działa nic praktycznie poza www (linux firewall ma tylko regułki dla maskarady i squida) ale gg thunderbird itp wywalają błąd połączenia.

Time (s)	Query
0.00013	SET CHARSET latin2
0.00004	SET NAMES latin2
0.00091	SELECT u., g., o.logged FROM punbb_users AS u INNER JOIN punbb_groups AS g ON u.group_id=g.g_id LEFT JOIN punbb_online AS o ON o.ident='18.191.27.78' WHERE u.id=1
0.00081	REPLACE INTO punbb_online (user_id, ident, logged) VALUES(1, '18.191.27.78', 1732570206)
0.00043	SELECT * FROM punbb_online WHERE logged<1732569906
0.00059	SELECT topic_id FROM punbb_posts WHERE id=113755
0.00007	SELECT id FROM punbb_posts WHERE topic_id=13689 ORDER BY posted
0.00070	SELECT t.subject, t.closed, t.num_replies, t.sticky, f.id AS forum_id, f.forum_name, f.moderators, fp.post_replies, 0 FROM punbb_topics AS t INNER JOIN punbb_forums AS f ON f.id=t.forum_id LEFT JOIN punbb_forum_perms AS fp ON (fp.forum_id=f.id AND fp.group_id=3) WHERE (fp.read_forum IS NULL OR fp.read_forum=1) AND t.id=13689 AND t.moved_to IS NULL
0.00005	SELECT search_for, replace_with FROM punbb_censoring
0.00140	SELECT u.email, u.title, u.url, u.location, u.use_avatar, u.signature, u.email_setting, u.num_posts, u.registered, u.admin_note, p.id, p.poster AS username, p.poster_id, p.poster_ip, p.poster_email, p.message, p.hide_smilies, p.posted, p.edited, p.edited_by, g.g_id, g.g_user_title, o.user_id AS is_online FROM punbb_posts AS p INNER JOIN punbb_users AS u ON u.id=p.poster_id INNER JOIN punbb_groups AS g ON g.g_id=u.group_id LEFT JOIN punbb_online AS o ON (o.user_id=u.id AND o.user_id!=1 AND o.idle=0) WHERE p.topic_id=13689 ORDER BY p.id LIMIT 0,25
0.00092	UPDATE punbb_topics SET num_views=num_views+1 WHERE id=13689
Total query time: 0.00605 s

Forum Debian Users Gang

Ogłoszenie

#1 2009-03-12 14:07:28

goofy7 - Użytkownik

squidguard nie blokuje stron

#2 2009-03-12 21:18:37

kayo - Członek DUG

Re: squidguard nie blokuje stron

#3 2009-03-13 07:10:33

goofy7 - Użytkownik

Re: squidguard nie blokuje stron

#4 2009-03-13 07:52:47

kayo - Członek DUG

Re: squidguard nie blokuje stron

Kod:

#5 2009-03-13 09:13:28

goofy7 - Użytkownik

Re: squidguard nie blokuje stron

Kod:

Kod:

#6 2009-03-13 10:06:35

goofy7 - Użytkownik

Re: squidguard nie blokuje stron

Stopka forum

Informacje debugowania