Squidguard Auto Blacklist Updating

thekITchen

That actually would be a handy feature.  I know that in the case of urlblacklist, downloads are tracked if you are not a member, so in cases like that an auto-downloader may not be practical.  However, an auto-download would be a wonderful addition to pfSense.

• Can pfSense handle more than one Blacklist?  (Say downloading both the Shalla list and urlblacklist?)

• It seems that after upgrading to 2.0 RC1, that I can no longer download from urlblacklist.  Anyone know what might be causing that?

ben.suffolk

If you manually update the blacklist, you will see squidGuardcreates a script :-

/tmp/squidGuard_blacklist_update.sh

Copy this script to /usr/local/bin, and then add it to cron to run once a day.

That should auto update your rules.

Note: I have not actually tested this yet.

Regards

Ben

seraphyn

@ben.suffolk:

/tmp/squidGuard_blacklist_update.sh

Copy this script to /usr/local/bin, and then add it to cron to run once a day.

That should auto update your rules.

Note: I have not actually tested this yet.

Regards

Ben

Sounds nice.
Would be a nice addition to further things,
Thanks

ben.suffolk

BTW I set it up laster night so it would update this morning, and it worked fine.

Ben

seraphyn

Hi Ben,

possible to post the script, so we do not need to go to /tmp and all other user could be send to this thread?
Or what about a wiki entry?
Greetings Chris

ben.suffolk

I'm not sure copying a file from /tmp is that hard for people, in fact probably easier than creating a new file ;)

#!/usr/local/bin/php -f
    $incl = "/usr/local/pkg/squidguard_configurator.inc";
    if (file_exists($incl)) {
        require_once($incl);
        sg_reconfigure_blacklist( "http://www.shallalist.de/Downloads/shallalist.tar.gz", "" );
    }
    exit;
?>

Regards

Ben

seraphyn

g
Read the Forum… I read some things that .... Keep up the good work  ;D
In short: It's Easier to link to this thread.
Thx and greetings

noitalever

so… lets say I'm pretty good at following directions, but seem to be missing some steps...

I'm only familar with the web interface of pfsense when it comes to linux. I've done some cisco programming, and use dos all the time, just don't know the commands or security structure here.

I installed cron on pfsense 1.2.3 and understand how I "might" upload a file(script) under the Diagnostics>Command section and even could maybe figure out how to then run that script daily...

so, am I on the right track? and if so... what format does the file need to be in. (speak windows for me please, I know, I know) i.e. script.txt or cronjob.cron or whatever...

or, using the aforementioned "command" line, could I just copy the above script from the tmp folder to the right folder for cron to access it? if so, what would the commands be and then what would the cron command be to start running it daily.

If someone feels like holding my hand through this, awesome. If not... then I probably won't do it, no prob.
And yes, I could probably google and rtfm but this seems pretty easy for someone who lives in linuxville.  I just don't know if I can copy from tmp to the right folder just using the command line, or things like that, and I'd really rather not learn the base security premise of this linux distro just to setup a cron job.

Peace.

_igor_

to get that thing running start up putty (http://www.putty.org/) and open a new connection, IP or name of your pfsense.
You get a typical login-window, name: root, password: put in your pw.
then start via webbrowser the update of squidguard.

Now do a (in the putty-window)

cd /tmp
cp squidGuard_blacklist_update.sh /root
exit

Your putty will close. The shell-part is done.

Now open cron via "Services" - "Cron" and add a new job.

Fill in the time you want the script gets started.
The correct calll of the script will be (in our case)

/root/squidGuard_blacklist_update.sh

The right user is "root".

I like to settle scripts like this in /root, because in case of a software-crash its much easier to get all self created or changed portions of whatever from one folder than looking for them all over the system. After a while i don't know what and where i changed things, so this is a good place for that. But feel free to put your script whereever you want.

Good luck!

benafed

thans scripts is very good. :)