Problemas com SQUID e SQUIDGUARD autenticando no AD
-
Ele autentica e tudo no browser da estação mais deixa passar os sites bloqueados globo.com e terra.com.br dominios cadastrados para bloqueados.
ja esta autenticando entao.. agora seu problema é so as configuracoes de blacklist bem mais simples.. segue o que falei acima que vai funcionar
-
Bom dia Lucas
Tentei fazer as configurações que falou e também não ta bloqueando
Vc falou General Settings vc deixa como deny no General Setting nao achei a opção Denyestou te mandando uns prints.
Henrique Deixei o b minusculo e também não foi :(
-
Estou dando o Apply e ainda vou em status e coloco para recarregar filtro
fecho o browser do usuario e logo novamente, e limpo o cache também do browser -
Vc falou General Settings vc deixa como deny no General Setting nao achei a opção Deny
Desculpe, errei o local é em Common ACL, na blacklist
-
Lucas também não funcionou vc acredita !!!!!
-
deixe a Bloqueia Sites como –- nessa pagina vc nao altera nada, somente se for colocar um whitelist
-
Coloquei o –----- e também não funcionou
-
limpou o cache do squid?
-
Não Limpei, é via Shell Console ? ou da pra fazer com a interface WEB
-
prefiro via shell, va no diretorio do cache, pare o squid, remova todos os arquivos (rm -R *), mais antes verifique se esta no local correto, depois de remover digite squid -z para recriar o cache e inicie novamente o squid, limpe o cache do navegador tb
-
Olá Lucas
fiz os seguintes comados via console e limpei o cache do browser
E também não rolo ate parei o serviço do squidguard e subi novamente e nada
/usr/local/etc/rc.d/squid.sh stop
rm -rf /var/squid/cache/
mkdir -p /var/squid/cache/
chown proxy:proxy /var/squid/cache/
chmod 750 /var/squid/cache/
squid -z/usr/local/etc/rc.d/squid.sh start
-
a porta esta aberta no seu firewall?
-
Eu desabilitei o Firewall do Windows Server 2012 r2
-
firewall do pfsense..
-
Como o pfsense nao esta em producao ainda ta tudo liberado
Wan e Lanto mandando print
-
verifica os logs se aparece algum erro ao reiniciar o squid+squidguard
-
SquidGuard
Show top 50 entries. List from the line: << 0 >>
16.06.2014 15:16:03 [squid_reconfigure] Add new redirector options to Squid config.
16.06.2014 15:16:03 [squid_reconfigure] Remove old redirector options from Squid config.
16.06.2014 15:16:03 [sg_reconfigure] Save squidGuard config to '/usr/pbi/squidguard-amd64/etc/squidGuard/squidGuard.conf'.
16.06.2014 15:16:03 [sg_redirector_base_url] Select redirector base url (http://192.168.1.240:80/sgerror.php?url=403%20&a=%a&n=%n&i=%i&s=%s&t=%t&u=%u)
16.06.2014 15:16:03 [sg_create_config] Add Default
16.06.2014 15:16:03 [sg_create_config] Add ACL's: bloqueado;
16.06.2014 15:16:02 [sg_create_config] Add rewrites: safesearch;
16.06.2014 15:16:02 [sg_create_config] Add destinations: Bloqueia_Sites;
16.06.2014 15:16:02 [sg_create_config] Add sources: bloqueado
16.06.2014 15:16:02 [squidguard_rebuild_db] Start rebuild DB.
16.06.2014 15:15:52 [squidguard_rebuild_db] Create rebuild config '/usr/pbi/squidguard-amd64/etc/squidGuard/squidGuard__usrdbrebuild.conf'.
16.06.2014 15:15:52 [sg_redirector_base_url] Select redirector base url (http://192.168.1.240:80/sgerror.php?url=403%20404&a=%a&n=%n&;i=%i&s=%s&t=%t&u=%u)
16.06.2014 15:15:52 [sg_create_simple_config] Added item 'Bloqueia_Sites' = '/var/db/squidGuard/Bloqueia_Sites'.
16.06.2014 15:15:52 [sg_create_simple_config] Begin with dbhome='/var/db/squidGuard'.
16.06.2014 15:15:52 [squidguard_rebuild_db] Begin with path '/var/db/squidGuard'.
16.06.2014 15:15:51 [sg_reconfigure_user_db] Add Bloqueia_Sites domains 'terra.com.br globo.com';
16.06.2014 15:15:51 [sg_reconfigure_user_db] Add user entries
16.06.2014 15:15:51 [sg_reconfigure_user_db] Begin with '/var/db/squidGuard'
16.06.2014 15:15:14 [squid_reconfigure] Add new redirector options to Squid config.
16.06.2014 15:15:14 [sg_reconfigure] Save squidGuard config to '/usr/pbi/squidguard-amd64/etc/squidGuard/squidGuard.conf'.
16.06.2014 15:15:14 [sg_redirector_base_url] Select redirector base url (http://192.168.1.240:80/sgerror.php?url=403%20&a=%a&n=%n&i=%i&s=%s&t=%t&u=%u)
16.06.2014 15:15:14 [sg_create_config] Add Default
16.06.2014 15:15:14 [sg_create_config] Add ACL's: bloqueado;
16.06.2014 15:15:14 [sg_create_config] Add rewrites: safesearch;
16.06.2014 15:15:14 [sg_create_config] Add destinations: Bloqueia_Sites;
16.06.2014 15:15:14 [sg_create_config] Add sources: bloqueado
16.06.2014 15:15:14 [squidguard_rebuild_db] Start rebuild DB.
16.06.2014 15:14:51 [squidguard_rebuild_db] Create rebuild config '/usr/pbi/squidguard-amd64/etc/squidGuard/squidGuard__usrdbrebuild.conf'.
16.06.2014 15:14:51 [sg_redirector_base_url] Select redirector base url (http://192.168.1.240:80/sgerror.php?url=403%20404&a=%a&n=%n&;i=%i&s=%s&t=%t&u=%u)
16.06.2014 15:14:51 [sg_create_simple_config] Added item 'Bloqueia_Sites' = '/var/db/squidGuard/Bloqueia_Sites'.
16.06.2014 15:14:51 [sg_create_simple_config] Begin with dbhome='/var/db/squidGuard'.
16.06.2014 15:14:51 [squidguard_rebuild_db] Begin with path '/var/db/squidGuard'.
16.06.2014 15:14:51 [sg_reconfigure_user_db] Add Bloqueia_Sites domains 'terra.com.br globo.com';
16.06.2014 15:14:51 [sg_reconfigure_user_db] Add user entries
16.06.2014 15:14:51 [sg_reconfigure_user_db] Begin with '/var/db/squidGuard'
16.06.2014 15:13:57 [squid_reconfigure] Remove old redirector options from Squid config.
16.06.2014 15:13:57 [sg_reconfigure] Save squidGuard config to '/usr/pbi/squidguard-amd64/etc/squidGuard/squidGuard.conf'.
16.06.2014 15:13:57 [sg_redirector_base_url] Select redirector base url (http://192.168.1.240:80/sgerror.php?url=403%20&a=%a&n=%n&i=%i&s=%s&t=%t&u=%u)
16.06.2014 15:13:57 [sg_create_config] Add Default
16.06.2014 15:13:57 [sg_create_config] Add ACL's: bloqueado;
16.06.2014 15:13:57 [sg_create_config] Add rewrites: safesearch;
16.06.2014 15:13:57 [sg_create_config] Add destinations: Bloqueia_Sites;
16.06.2014 15:13:57 [sg_create_config] Add sources: bloqueado
16.06.2014 15:13:57 [squidguard_rebuild_db] Start rebuild DB.
16.06.2014 15:13:46 [squidguard_rebuild_db] Create rebuild config '/usr/pbi/squidguard-amd64/etc/squidGuard/squidGuard__usrdbrebuild.conf'.
16.06.2014 15:13:46 [sg_redirector_base_url] Select redirector base url (http://192.168.1.240:80/sgerror.php?url=403%20404&a=%a&n=%n&;i=%i&s=%s&t=%t&u=%u)
16.06.2014 15:13:46 [sg_create_simple_config] Added item 'Bloqueia_Sites' = '/var/db/squidGuard/Bloqueia_Sites'.
16.06.2014 15:13:46 [sg_create_simple_config] Begin with dbhome='/var/db/squidGuard'.
16.06.2014 15:13:46 [squidguard_rebuild_db] Begin with path '/var/db/squidGuard'.
16.06.2014 15:13:45 [sg_reconfigure_user_db] Add Bloqueia_Sites domains 'terra.com.br globo.com'; -
eu dei um tail dentro de cd /var/squid/logs tinha o arquivo cache.log
só tinha esse arquivo
[2.1.3-RELEASE][root@pfsense.localdomain]/var/squid/logs(36): tail -f cache.log
2014-06-16 15:16:03 [78648] New setting: ldapbindpass: SENHA
2014-06-16 15:16:03 [78648] syntax error in configfile /usr/pbi/squidguard-amd64/etc/squidGuard/squidGuard.conf line 11
2014-06-16 15:16:03 [78648] Going into emergency mode
2014/06/16 15:16:03| Accepting proxy HTTP connections at 192.168.1.240, port 3128, FD 27.
2014/06/16 15:16:03| Accepting proxy HTTP connections at 192.168.21.240, port 3128, FD 28.
2014/06/16 15:16:03| Accepting HTCP messages on port 4827, FD 30.
2014/06/16 15:16:03| Accepting SNMP messages on port 3401, FD 31.
2014/06/16 15:16:03| WCCP Disabled.
2014/06/16 15:16:03| Loaded Icons.
2014/06/16 15:16:03| Ready to serve requests. -
Log do SquidGuard
[2.1.3-RELEASE][root@pfsense.localdomain]/var/squidGuard/log(44): tail -f sg_configurator.log
16.06.2014 15:16:02 : [squidguard_rebuild_db] Start rebuild DB.
16.06.2014 15:16:02 : [sg_create_config] Add sources: bloqueado
16.06.2014 15:16:02 : [sg_create_config] Add destinations: Bloqueia_Sites;
16.06.2014 15:16:02 : [sg_create_config] Add rewrites: safesearch;
16.06.2014 15:16:03 : [sg_create_config] Add ACL's: bloqueado;
16.06.2014 15:16:03 : [sg_create_config] Add Default
16.06.2014 15:16:03 : [sg_redirector_base_url] Select redirector base url (http://192.168.1.240:80/sgerror.php?url=403%20&a=%a&n=%n&i=%i&s=%s&t=%t&u=%u)
16.06.2014 15:16:03 : [sg_reconfigure] Save squidGuard config to '/usr/pbi/squidguard-amd64/etc/squidGuard/squidGuard.conf'.
16.06.2014 15:16:03 : [squid_reconfigure] Remove old redirector options from Squid config.
16.06.2014 15:16:03 : [squid_reconfigure] Add new redirector options to Squid config. -
Parece que tem um erro na conf do squidguard
vou mandar a conf aqui
logdir /var/squidGuard/log
dbhome /var/db/squidGuard
ldapbinddn cn=administrator,cn=Users,dc=dominio,dc=srv
ldapbindpass senha do administrator
ldapprotover 3src bloqueado {
ldapusersearch ldap://192.168.1.208:3268/DC=meudominio,DC=srv?sAMAccountName?sub?(&(sAMAccountName=%s)(memberOf=CN=bloqueado%2cCN=Users%2cDC=meudominio%2cDC=srv))
log block.log
}dest Bloqueia_Sites {
domainlist Bloqueia_Sites/domains
log block.log
}rew safesearch {
s@(google../search?.q=.)@\1&safe=active@i
s@(google../images.q=.)@\1&safe=active@i
s@(google../groups.q=.)@\1&safe=active@i
s@(google../news.q=.)@\1&safe=active@i
s@(yandex../yandsearch?.text=.)@\1&fyandex=1@i
s@(search.yahoo../search.p=.)@\1&vm=r&v=1@i
s@(search.live../.q=.)@\1&adlt=strict@i
s@(search.msn../.q=.)@\1&adlt=strict@i
s@(.bing..*/.q=.)@\1&adlt=strict@i
log block.log
}acl {
#
bloqueado {
pass !Bloqueia_Sites all
log block.log
}
#
default {
pass none
redirect http://192.168.1.240:80/sgerror.php?url=403%20&a=%a&n=%n&i=%i&s=%s&t=%t&u=%u
log block.log