Well you could use squids built in blacklist capabilities instead of
adding complexity by trying to us squidGard or DansGuardian,
particularly if your a noob at squid. Ive taken a look at them and
decided that its too much effort to try and implement, Rather, this is
how ive done it.
Try this instead, its what I do.
created a blacklist file, and place it somewhere, mine is in my squid dir
/etc/squid3/squid-block.acl (u can name it whatever u want of course)
add a few test entries to this file in the following format
.pornsite.com
.unwantedsite.com
.whatevershit.com
.someshitwebsite.com
the . will ensure thatwww.pornsite.com or any subdomain is also blocked.
So next add these lines to your squid.conf
#========blacklist by haxradio.com==========
acl blacklist dstdomain "/etc/squid3/squid-block.acl"
http_access deny blacklist
#==================================
then do
squid3 +k reconfigure (assuming that your running squid3.x series)
Voila, you are blocking sites using a black list my friend.
btw, just ignore the stupid warning messages. they do not affect the
functionality of this feature and ive learned
to just ignore them.
Thanks to Amos for helping me to properly do this.
On 03/05/2012 05:19 PM, jeffrey j donovan wrote:
On Mar 5, 2012, at 8:40 AM, Muhammad Yousuf Khan wrote:
can some one plz help. i followed
http://wiki.debian.org/DebianEdu/HowTo/SquidGuard and using lenny
squid 2.7 and squidguard 1.2.0
i write the below line at the end of squid.conf
redirect_program /usr/bin/squidGuard
okay
i denied "ads" in squidGuard.conf and "addme.com" is a domain which i
am sure is in the list of blocklist database.
now when i go to "addme.com" it just open the website (which i dont want though)
here is squidGuard.conf rule.
dest adult {
domainlist ads/domains
# urllist /var/lib/squidguard/db/blacklists/porn/urls
# expressionlist adult/expressions
redirect http://google.com
}
you need to supply a source and destination. basically who is allowed to access squidguard. and then tell squidguard what to do with the clients request,..allow or deny.
eg;
dbhome /usr/local/squidGuard/db
logdir /usr/local/squidGuard/log
#
# SOURCE ADDRESSES:
src admin {
ip 10.1.1.1
}
src fooclients {
ip 10.132.0.0/16 10.155.0.0/16
}
src freedomzone {
ip 10.154.1.0/24 10.154.2.0/24
}
# DESTINATION CLASSES:
#
dest whitelist {
domainlist whitelist/domains
}
dest education {
domainlist education/schools/domains
urllist education/schools/urls
}
dest denied {
domainlist denied/domains
urllist denied/urls
redirect http://10.0.2.3/surfb1.html
log deniedaccess.log
}
acl {
admin {
pass any
}
fooclients {
pass whitelist education !denied any
} else {
pass any
}
freedomzone {
pass whitelist education !pornexp !porn any
redirect http://staff2.beth.k12.pa.us/index.html
} else {
pass any
}
default {
pass none
redirect http://10.0.2.3/index.html
}
}
here is squidguard log. /var/log/squid/squidGuard.log
2012-03-05 08:06:53 [4180] squidGuard 1.2.0 started (1330952813.099)
2012-03-05 08:06:53 [4180] recalculating alarm in 30187 seconds
2012-03-05 08:06:53 [4180] squidGuard ready for requests (1330952813.101)
2012-03-05 08:06:53 [4182] destblock good missing active content, set inactive
2012-03-05 08:06:53 [4182] destblock local missing active content, set inactive
2012-03-05 08:06:53 [4182] init domainlist /var/lib/squidguard/db/ads/domains
2012-03-05 08:06:53 [4182] loading dbfile /var/lib/squidguard/db/ads/domains.db
2012-03-05 08:06:53 [4182] squidGuard 1.2.0 started (1330952813.107)
2012-03-05 08:06:53 [4182] recalculating alarm in 30187 seconds
2012-03-05 08:06:53 [4182] squidGuard ready for requests (1330952813.108)
here is access.log.the thing which is making me confuse that redirect
tag is not present which suppose to be there. however i can not find
any redirect tag in default 2.7 squid.conf file. can u please tell me
what is going on and how can i redirect or can solve the issue
1330953994.304 640 10.51.100.240 TCP_CLIENT_REFRESH_MISS/200 1910
GET http://www.addme.com/favicon.ico - DIRECT/69.43.161.4 image/x-icon
Thanks,
