Michel,
Proxies are the URL filter circumventors, so if you like
to use a URL filter, you should always block proxies.
Henrik stated in a separate response that some browsers have
problems with HTTP 302 redirect responses. I have no access
to all types of web browsers, and Microsoft Internet Explorer
has indeed problems (displays a vague error) and Firefox 3.0.6
has no problem.
You may also want to look at ufdbGuard, a free alternative
for squidGuard which has more features like
Safesearch enforcement, HTTPS connection verification for
proper SSL certificates and use of FQDNs.
Marcus
Michel Bulgado wrote:
Hello
It may sound a little off-topic topic but I posted a message on the list
of squidguard and I just not received a reply, it is likely that the
list is not working or just having support.
My problem is this:
I'm trying to implement squid with squidGuard 1.4 black lists
management. but it happens that when I log login.yahoo.com great site as
it returns me an error code 404 that the page not found. only happens to
me with ssl pages.
I'm using squid-2.6.STABLE21-3.el5 on CentOS, authenticated access
against active directory users stating my squidguard.
I made another test by removing the authentication and access by putting
the IP address can access squidguard and perfectly, I guess not this
happening squid user to squidguard squidguard or perhaps can not handle
requests ssl?
This is my config and my logs:
squid.conf
------------
auth_param basic program /usr/lib/squid/ldap_auth -v 3 -b
\"ou=HOME,dc=home,dc=cu\" -D \"cn=conector,cn=Users,dc=home,dc=cu\" -w
**** -f
\"(&(objectClass=user)(!(objectClass=computer))(sAMAccountName=%s))\" -H
ldap://ads.home.cu
auth_param basic children 5
auth_param basic realm Server Proxy
auth_param basic credentialsttl 30 minute
redirect_program /usr/bin/squidGuard -c /etc/squid/squidGuard.conf
redirect_children 8
redirector_bypass on
acl loginmail proxy_auth REQUIRED
http_access allow loginmail
squidGuard.conf
---------------
dbhome /var/lib/squidguard
logdir /var/log/squid
src webmailusers {
userlist usersmail
}
dest mail {
domainlist db/mail/domains
urllist db/mail/urls
log accessdenied
}
dest webmail {
domainlist db/webmail/domains
urllist db/webmail/urls
log accessdenied
}
dest onlinegames {
domainlist db/onlinegames/domains
urllist db/onlinegames/urls
log accessdenied
}
dest porn {
domainlist db/porn/domains
urllist db/porn/urls
log accessdenied
}
acl {
webmailusers {
pass mail webmail !porn !onlinegames all
}
default {
pass !mail !webmail !porn !onlinegames all
redirect http://www.home.cu/block.html
}
}
10.71.53.27 - - [01/Mar/2010:16:53:04 -0500] "CONNECT
login.yahoo.com:443 HTTP/1.1" 404 0 TCP_MISS:DIRECT
10.71.53.27 - - [01/Mar/2010:16:53:05 -0500] "CONNECT
login.yahoo.com:443 HTTP/1.1" 404 0 TCP_MISS:DIRECT
10.71.53.27 - - [01/Mar/2010:16:53:09 -0500] "CONNECT
login.yahoo.com:443 HTTP/1.1" 404 0 TCP_MISS:DIRECT
Thanks
Michel