On 08/29/2012 06:13 PM, Derek Simon wrote:
Nichols,
It appears that I need to preprocess the lists before handing them to Squid, removing all subdomains were the parent domain is present.
I don't see anything special about your configuration that would somehow remedy this issue. Perhaps your lists are sanitized?
You might want to look at ufdbGuard.
ufdbGuard is a URL filter for Squid and you can use your own lists of domains+urls.
ufdbGuard deals differently with the issue with domains and subdomains
and merely gives a warning and works.
So if you have
abc.example.com
def.example.com
example.com/dirtywords.html
.example.com
ufdbGuard simply warns and due to the last line,
blocks example.com and all its subdomains.
I see that you use shallalist. It can be used without modification by ufdbGuard.
Marcus
______________________________
Derek Simon
IT Support
d'Oliveira & Associates, P.C.
401-431-1990
On 8/29/2012 7:37 AM, mrnicholsb wrote:
Hello, I use squid 3.1 to block with acl, porn sites, malicious sites
and ads.
I can tell you the WARNING: you should remove basically means you have
subdomains added to your list
when you have somesite.something.com it leaves something.com accessable,
you want to remove somesite.something.com and just let it block
something.com to block the entire site, including subdomains, unless you
are just wanting to block a sub but not the whole domain, then just
ignore the error.
btw, heres the syntax of how I do it on my squid 3.1 for addressing your
bungled line error.
acl blacklist dstdomain "/etc/squid3/squid-block.acl"
acl ipblacklist dst "/etc/squid3/squid-ipblock.acl"
acl zeusblacklist dstdomain "/etc/squid3/squid-block-zeus.acl"
and then
http_access deny zeusblacklist
http_access deny blacklist
http_access deny ipblacklist
I hope this helps you solve your issues.
fix nichols
haxradio.com
On 08/28/2012 02:53 PM, Derek Simon wrote:
Hi all,
I am migrating a Squid 2.7 server to Squid 3.1.
In 2.7 I was using the Shallalists without issue, after prefixing each
line with a period, as prescribed:
http://www.shallalist.de/faq.html#squid
I would reference them in squid.conf as such:
acl SL_Adv dstdomain "adv/domains.squid"
I more or less copied these ACL lines from the 2.7 conf to the 3.1 and
I get the following errors when reparsing:
Processing: acl SL_Adv dstdomain
"/etc/squid3/lists/shallalist/adv/domains.squid"
WARNING: You should remove '.addesktop.com' from the ACL named 'SL_Adv'
WARNING: You should remove '.addesktop.com' from the ACL named 'SL_Adv'
ERROR: You should remove '.ads360.com' from the ACL named 'SL_Adv'
FATAL: Bungled squid.conf line 732: acl SL_Adv dstdomain
"/etc/squid3/lists/shallalist/adv/domains.squid"
Squid Cache (Version 3.1.19): Terminated abnormally.
What gives? I used to get the warnings in 2.7, and I understand the
splay tree performance issue, but why is this now fatal behavior in 3.1?
Thanks,
______________________________
Derek Simon
IT Support
d'Oliveira & Associates, P.C.
401-431-1990
