Dave wrote:
Hello,
I've updated from squid 2.5 to 2.6 on a FreeBSD box using ports.
I'm using squid as a transparent proxy and this is working fine. My
problem is my spam, spyware and pornography rejections are no longer
working and i copied those files and config lines directly from a
previously working 2.5 setup. Here are the relevant lines of my
squid.conf file:
acl our_networks src xxx.xxx.xxx.xxx/24
acl chat dstdomain "/usr/local/etc/squid/chat.txt"
acl porn url_regex "/usr/local/etc/squid/porn"
acl spyware dstdomain "/usr/local/etc/squid/spyware.acl"
http_access allow our_networks
http_access deny chat porn spyware
Since in my previous config i had this line:
http_access allow our_networks !chat !porn !spyware
Why did you change this line with the new Squid version? In any case,
you might want to have a look at the FAQ section on common ACL mistakes
(http://wiki.squid-cache.org/SquidFaq/SquidAcl#head-57610c67cac987182f6055118dd6d29e1ccd4445).
I added ! to those acls on the httpd_access deny line above and that
did not work either. My files have lines similar to this:
chat.txt
#chat.yahoo.com
spyware
.180solutions.com
.cometsystems.com
porn
stardoll.com
myspace.com
I'm wondering if there's a more flexible way of having squid block
this junk, i've tried squidguard as a redirector but I wasn't happy
with the performance i was getting, it seemed to slow things down very
noticeably. Suggestions welcome.
Dans Guardian seems to be a popular choice, judging by people on the
mailing list.
Thanks.
Dave.
Chris