Squidguard… problems and questions
-
I am not a programmer, but would like to help if I can. I have been using URLFilter <http: urlfilter.net="">which I have running on IPCOP and looking to see how difficult it'd be to port over to pfsense. It is all CGI for the gui config interface. I can send screen shots if you don't have IPCOP and are interested in seeing what has been done for URLFilter. SquidGuard is an awesome pkg and addition to pfsense, just like to see it get better. URLFilter has some automated grabbing of the BlackLists db's and lets you choose the BlackList db you wish as well. The interface is pretty easy as well, however the pfsense SquidGuard pkg may have more capability.
BTW, where are the php files for SquidGuard config pages?
Thanks,
KH</http:> -
I wanted rich-functional package. Easy interface in this situation non-functional :-[
-
Don't misunderstand me, I think the package is awesome. I'm almost ready to move it into production and replace IPCOP. URLFilter has configuration parameters to pull the blacklist daily, weekly or monthly and apply it. I have it running very late after hours so no to disrupt anything. There is also a nice block page which shows client IP, site trying to connect to, and category which triggered the block.
Is there a way to do the above with this SquidGuard package?
Thank you,
KH -
Okay, problem was with https. I now get a block page.
Still trying to figure out how to automatically grab new blacklist file. I can grab via cron, but what would be the commands to reconfigure just like if pressing upload button?
KH
-
Okay, problem was with https. I now get a block page.
Still trying to figure out how to automatically grab new blacklist file. I can grab via cron, but what would be the commands to reconfigure just like if pressing upload button?
KH
From GUI - nothig
You may use in you php script
php function from squidGuard.inc
sg_reconfigure_blacklist($url, $proxy);You can create script and adding him to the cron.
…
require_once('squidguard.inc');
$url="URL";
sg_reconfigure_blacklist($url, '');
...squid & squidGuard will restart automaticly
There is also a nice block page which shows client IP, site trying to connect to, and category which triggered the block.
Is there a way to do the above with this SquidGuard package?Possible in HTTP webgui & Redirect mode= 'Internal'
GUI HTTPS - know problem and expected Redirect mode='External' with you self Error-page from external www serverTest
http://youpfSense/sgerror.php?url=403%20No%20access&a=10.0.0.0&n=MyClient&i=clientUser&s=clientgroup&t=porno/sex&u=http://porno.ru& -
I just did a clean pfSense install last night, and managed to get squidGuard running. However, this was very difficult. I had many of the same problems noted here.
It was VERY touchy. Often squidGuard would say STOPPED. The only way to make it say STARTED was to upload the blacklist again. Then, if I changed ANY setting, the filter would stop working.
For example: I uploaded the blacklist. Clicked Save. I changed default destination to:```
!allI changed squidGuard to:``` !blk_BL_porn all ```I clicked **Apply**. Now nothing was blocked. Porn and everything else was let through. I saw squid logging the website access. I saw no errors of any kind in the squidGuard or the squid logs. Very frustrating. I checked permissions. I tried changing /var/squidGuard to proxy:proxy (chmod -R proxy:proxy /var/squidGuard). No help. It was very slow downloading the blacklist over and over, so I fetched it to: /var/tmp/squidGuard/hold/shallalist.tar.gz and set that path for **Blacklist URL**. That way I could just click **Upload Url**, and the DB would be processed again. Everything works ONLY when I perform the following steps: 1) Change filter settings. 2) **Apply**. 3) Click **Upload Url**. 4) Click **Apply**. In other words, the filter stops working every time I change a squidGuard setting. It works again if I re-process the database. As I said, there were never any error messages, so there is nothing I can send from the logs. -
I had similar problems to you, did you also change permissions to " /var/db/squidGurad" ? that is what finally fixed it for me.
see my previous post. -
Thanks!
I fix bug with '/var/db/squidGuard' right's in installation.
Pls test. -
I have reinstalled pfSense yesterday and could thus test your fixes for the rights. Anything seems to be ok now.
Many thanks.
-
Is there a way to enable safe search?
-
What do you mean by “safe search”?
-
I have same problem, all is ok but nothing is filtered
-
Renew package (today updated) and try now.
-
I delete and reinstall ?
-
-
I talk about package ^^
-
-
It's done but not filtering is active :(
Can I delete times ?
here is my log :
5.05.2008 16:44:52 : sg_reconfigure: Begin.
15.05.2008 16:44:52 : sg_reconfigure_user_db: Begin with '/var/db/squidGuard'
15.05.2008 16:44:52 : sg_reconfigure_user_db: Nothing. User destinations list empty.
15.05.2008 16:44:52 : sg_remove_unused_db_entries: Begin.
15.05.2008 16:44:52 : sg_remove_unused_db_entries: end
15.05.2008 16:44:52 : sg_create_config: Create squidGuard config.
15.05.2008 16:44:52 : sg_create_config: Checking configuration data.
15.05.2008 16:44:52 : sg_create_config: Error configuration data. It's all errors:
BLACKLIST 'blk_blacklists_agressif' error: file '/var/db/squidGuard/blk_blacklists_agressif' not found
BLACKLIST 'blk_blacklists_drugs' error: file '/var/db/squidGuard/blk_blacklists_drugs' not found
BLACKLIST 'blk_blacklists_mail' error: file '/var/db/squidGuard/blk_blacklists_mail' not found
BLACKLIST 'blk_blacklists_porn' error: file '/var/db/squidGuard/blk_blacklists_porn' not found
BLACKLIST 'blk_blacklists_publicite' error: file '/var/db/squidGuard/blk_blacklists_publicite' not found
BLACKLIST 'blk_blacklists_redirector' error: file '/var/db/squidGuard/blk_blacklists_redirector' not found
BLACKLIST 'blk_blacklists_violence' error: file '/var/db/squidGuard/blk_blacklists_violence' not found
15.05.2008 16:44:52 : sg_create_config: Terminated.
15.05.2008 16:44:52 : sg_create_simple_config: Begin with dbhome='/var/db/squidGuard'.
15.05.2008 16:44:52 : sg_redirector_base_url: Select redirector base url (https://192.168.0.254/sgerror.php?url=Error%21%20Check%20squidGuard%20configuration%20data.%20%28sg_create_config%3A%20%5B2%5D%29.&a=%a&n=%n&i=%i&s=%s&t=%t&u=%u)
15.05.2008 16:44:52 : sg_reconfigure: Generate squidGuard config and save to '/usr/local/etc/squidGuard/squidGuard.conf'.
15.05.2008 16:44:52 : squid_reconfigure: Begin.
15.05.2008 16:44:52 : squid_reconfigure: Remove old redirector options from Squid config.
15.05.2008 16:44:52 : squid_reconfigure: Add new redirector options to Squid config.
15.05.2008 16:44:52 : sg_init: Start.
15.05.2008 16:45:01 : sg_init: Start.
15.05.2008 16:45:02 : sg_init: Start. -
Upload blacklist previous version not make blacklist archive. And temporary set HTTP webGUI pfSense. In https can have troubles.
-
What can I do ? If I add small GZ blacklist it's OK, but with big blacklist it fails (ftp://ftp.univ-tlse1.fr/pub/reseau/cache/squidguard_contrib/blacklists.tar.gz)