SquidGuard ACL ?

wompy

squidguard has been working great but now I want to tweak whats blocked for different groups. I'm playing around with the ACL but things aren't working quite right. this is what I'd like:

1. I'd like all users blocked from porn. (forwarded to a external block page)
2. I want guest that use DHCP (ip 192.168.2.150-250) to have a stricter setting (also forwarded to an external block page.)
3. I'd like all spyware thats blocked be redirected to a transparent 1 pixel jpeg.

The problem I'm having right now is that 2 & 3 are overlapping. 3 is 192.168.2.0/24 so if its above 2 in the ACL then only spyware is block. anyway I can do all this? or any other ideas?

thank you in advance

dvserg

1. I'd like all users blocked from porn. (forwarded to a external block page)
Define Destination rule or use from blacklist

2. I want guest that use DHCP (ip 192.168.2.150-250) to have a stricter setting (also >forwarded to an external block page.)
Define ALC1 with ip 192.168.2.150-250 (must be before)
Define ACL2 with ip 192.168.2.0/24 (must be after ACL1)
Select full Dest ruleset for ACL1 and full Dest ruleset for ACL2.
Select full Dest ruleset for Default

3. I'd like all spyware thats blocked be redirected to a transparent 1 pixel jpeg.
Create Destination rule and select this for each ACL (and Default too)

The problem I'm having right now is that 2 & 3 are overlapping. 3 is 192.168.2.0/24 >so if its above 2 in the ACL then only spyware is block. anyway I can do all this? or >any other ideas?

ACL - order based. Any ACL proccessed only self clients. All other clients processed by Default.

wompy

@dvserg:

Dest ruleset for Default

3. I'd like all spyware thats blocked be redirected to a transparent 1 pixel jpeg.
Create Destination rule and select this for each ACL (and Default too)

I'm using the shallalist.de and would like to just use their blacklist of spyware and several others. can I just edit the squidGuard.conf and add a redirect URL

dest blk_BL_spyware {
domainlist blk_BL_spyware/domains
urllist blk_BL_spyware/urls
<add my="" url="" here="">log block.log
}</add>

dvserg

I'm using the shallalist.de and would like to just use their blacklist of spyware and several others. can I just edit the squidGuard.conf and add a redirect URL

dest blk_BL_spyware {
domainlist blk_BL_spyware/domains
urllist blk_BL_spyware/urls
<add my="" url="" here="">log block.log
}</add>

Possible. Only if you "APPLY" new config from gui, this will replaced.

wompy

good point, that might be a pain. I guess I could just cut and paste the data from blk_spyware and place that in a new destination.

My main objective is to block the spyware category, but since most of it is ads on websites, I want it to look transparent to the users.

dvserg

@wompy:

good point, that might be a pain. I guess I could just cut and paste the data from blk_spyware and place that in a new destination.

My main objective is to block the spyware category, but since most of it is ads on websites, I want it to look transparent to the users.

If you use HTTP WebGIU & Internal redirection, possible another way - modification /usr/local/www/sgerror.php.
SG sent many information to redirected page
http://10.62.0.3/sgerror.php?url=404&a=%a&n=%n&i=%i&s=%s&t=%t&u=%u
[a] - client address
#                [n] - client name
#                - client user
#                - client group
#                [t] - target group
#                - client url
need checking 't' param with 'blk_spyware' and return redirection to blank Image