Thank you for your reply. I've managed to retrieve uncommented config lines:
$ grep -P '^\s*\w' /etc/squid3/squid.conf
$ sudo netstat -nltp | grep squid
tcp6 0 0 :::3128 :::* LISTEN 20292/(squid-1)
$ grep -P '^\s*\w' /etc/squid3/squid.conf
acl localnet src 192.168.0.101 # RFC1918 possible internal network
acl SSL_ports port 443
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 # https
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
acl myrule dstdom_regex "/etc/squid3/domainblock.txt"
http_access allow myrule
cache deny all
http_access allow localhost manager
http_access deny manager
acl Purge method PURGE
http_access deny Purge
http_access allow localhost
http_port 3128
coredump_dir /var/spool/squid3
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
refresh_pattern (Release|Packages(.gz)*)$ 0 20% 2880
refresh_pattern . 0 20% 4320
$ sudo netstat -nltp | grep squid
tcp6 0 0 :::3128 :::* LISTEN 20292/(squid-1)
Version info:
$ sudo apt-cache policy squid3
squid3:
Installed: 3.3.8-1ubuntu6.1
Candidate: 3.3.8-1ubuntu6.1
Version table:
*** 3.3.8-1ubuntu6.1 0
500 http://archive.ubuntu.com/ubuntu/ trusty-updates/main i386 Packages
500 http://archive.ubuntu.com/ubuntu/ trusty-security/main i386 Packages
100 /var/lib/dpkg/status
3.3.8-1ubuntu6 0
500 http://archive.ubuntu.com/ubuntu/ trusty/main i386 Packages
$ sudo apt-cache policy squid3
squid3:
Installed: 3.3.8-1ubuntu6.1
Candidate: 3.3.8-1ubuntu6.1
Version table:
*** 3.3.8-1ubuntu6.1 0
500 http://archive.ubuntu.com/ubuntu/ trusty-updates/main i386 Packages
500 http://archive.ubuntu.com/ubuntu/ trusty-security/main i386 Packages
100 /var/lib/dpkg/status
3.3.8-1ubuntu6 0
500 http://archive.ubuntu.com/ubuntu/ trusty/main i386 Packages
Proof that squid is running:
$ ps ax | grep squid
20290 ? Ss 0:00 squid3
20292 ? S 0:06 (squid-1)
31535 ? S 0:00 (logfile-daemon) /var/log/squid3/access.log
31720 pts/28 S+ 0:00 grep --color=auto squid
$ ps ax | grep squid
20290 ? Ss 0:00 squid3
20292 ? S 0:06 (squid-1)
31535 ? S 0:00 (logfile-daemon) /var/log/squid3/access.log
31720 pts/28 S+ 0:00 grep --color=auto squid
So, what i want to achieve in the end is blocking and sometimes unblocking a list of websites based on their domain name. Problem is even the config is changed to "http_access allow myrule" it doesnt reflect allow/deny options accordingly anymore. At this moment, the websites in the list are still non-accessible.
On Mon, Nov 10, 2014 at 3:32 PM, Amos Jeffries <squid3@xxxxxxxxxxxxx> wrote:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 11/11/2014 12:22 a.m., Efe wrote:
> OS: Ubuntu 14.04 LTS
>
> After i installed the squid3 package for the 1st time, i've add a
> list of domains to be blocked in squid.conf:
>
> acl myrule dstdom_regex "/etc/squid3/domainblock.txt" http_access
> deny myrule
>
> where domainblock.txt is
>
> someaddress.com blockthis.net
For domain names like this you should be using "dstdomain" ACL type
instead of a regex.
>
> Which worked fine and redirect them to localhost running on my
> LAMP
?? there is nothing about a "redirect" in that squid.conf snippet you
showed.
Can you please display the whole squid.conf. Without all the
documentation #comment or empty lines though.
>
> Index of /
>
> Name Last modified Size Description
>
> html 2014/04/10 ------------------------------
> ---------------------- Apache/2.4.7 (Ubuntu) Server at
> google-analytics.com Port 80
>
> Later i purged it by:
>
> sudo apt-get remove --purge squid3*
>
> and removed every file&folder the command "locate squid" gave,
> including the "/etc/squid3" folder then reboot. But i still couldnt
> access the websites in "domainblock.txt" even though it doesnt
> exist anymore.
"it" being squid I assume?
There is almost always other configuration you had to add in the
network or browser causing the browser to use the proxy. This will
have probably broken your test result.
If you did actually not have any of that, then you just proved that
Squid was not involved with the problem.
>
> Then i re-installed with sudo apt-get install squid3 this time with
> the config to allow those websites in the list:
>
> acl myrule dstdom_regex "/etc/squid3/domainblock.txt" http_access
> allow myrule
>
> But still no luck. I guess some configurations remain even after
> removing the squid in the system. So what should i do now?
What do you want to achieve exactly?
Amos
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (MingW32)
iQEcBAEBAgAGBQJUYL6CAAoJELJo5wb/XPRjF/sIANt7v8/BpcZ4taHWpRZyXbul
mdr6Cq7rfNb8VRiR41GYnEi0qDuSsSb31ciCpVAVoaeIBF48FufleqQ+QH3kn8M3
ETvNuUHis2Wd8gNXKd3pWtqBx+AbVyPzgKpJebBma0KeOw1eE3Jwevsqbjh/yMBq
KLNfDH0CgL63wYkbNquP3AjDkQggv/w/YvD9bFQY1JfMsaTb64CEdP6NdtEbgnhi
PBo9p9/T1HBkfBf2kg+uElR+TMur1OoHaztxx8g+iiqfBHSocaXhWRCtayhqg35X
8DCmysOYNjY9FyQHZAKFaSeb4WyD02On/KOchH3/5ZHCA1P4HG9zF8V4KYmlgfc=
=iena
-----END PGP SIGNATURE-----
_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users
_______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
