Problemas com SQUID e SQUIDGUARD autenticando no AD

lucaspolli

Ele autentica e tudo no browser da estação mais deixa passar os sites bloqueados globo.com e terra.com.br dominios cadastrados para bloqueados.

ja esta autenticando entao.. agora seu problema é so as configuracoes de blacklist bem mais simples.. segue o que falei acima que vai funcionar

davidjrsp

Bom dia Lucas

Tentei fazer as configurações que falou e também não ta bloqueando
Vc falou General Settings vc deixa como deny no General Setting nao achei a opção Deny

estou te mandando uns prints.

Henrique Deixei o b minusculo e também não foi :(

pfsenselucas01.jpg_thumb

pfsenseluca02.jpg_thumb

pfsenselucas03.jpg_thumb

pfsenselucas04.jpg_thumb

davidjrsp

Estou dando o Apply e ainda vou em status e coloco para recarregar filtro
fecho o browser do usuario e logo novamente, e limpo o cache também do browser

lucaspolli

@davidjrsp:

Vc falou General Settings vc deixa como deny no General Setting nao achei a opção Deny

Desculpe, errei o local é em Common ACL, na blacklist

davidjrsp

Lucas também não funcionou vc acredita !!!!!

pfsenselucas05.jpg_thumb

lucaspolli

deixe a Bloqueia Sites como –- nessa pagina vc nao altera nada, somente se for colocar um whitelist

davidjrsp

Coloquei o –----- e também não funcionou

pfsense06.jpg_thumb

lucaspolli

limpou o cache do squid?

davidjrsp

Não Limpei, é via Shell Console ? ou da pra fazer com a interface WEB

lucaspolli

prefiro via shell, va no diretorio do cache, pare o squid, remova todos os arquivos (rm -R *), mais antes verifique se esta no local correto, depois de remover digite squid -z para recriar o cache e inicie novamente o squid, limpe o cache do navegador tb

davidjrsp

Olá Lucas

fiz os seguintes comados via console e limpei o cache do browser

E também não rolo ate parei o serviço do squidguard e subi novamente e nada

/usr/local/etc/rc.d/squid.sh stop

rm -rf /var/squid/cache/

mkdir -p /var/squid/cache/

chown proxy:proxy /var/squid/cache/

chmod 750 /var/squid/cache/
squid -z

/usr/local/etc/rc.d/squid.sh start

lucaspolli

a porta esta aberta no seu firewall?

davidjrsp

Eu desabilitei o Firewall do Windows Server 2012 r2

lucaspolli

firewall do pfsense..

davidjrsp

Como o pfsense nao esta em producao ainda ta tudo liberado
Wan e Lan

to mandando print

pfsenseregrasfirewall.jpg_thumb

pfsenseregrasfirewall2.jpg_thumb

lucaspolli

verifica os logs se aparece algum erro ao reiniciar o squid+squidguard

davidjrsp

SquidGuard

Show top 50 entries. List from the line: << 0 >>
16.06.2014 15:16:03 [squid_reconfigure] Add new redirector options to Squid config.
16.06.2014 15:16:03 [squid_reconfigure] Remove old redirector options from Squid config.
16.06.2014 15:16:03 [sg_reconfigure] Save squidGuard config to '/usr/pbi/squidguard-amd64/etc/squidGuard/squidGuard.conf'.
16.06.2014 15:16:03 [sg_redirector_base_url] Select redirector base url (http://192.168.1.240:80/sgerror.php?url=403%20&a=%a&n=%n&i=%i&s=%s&t=%t&u=%u)
16.06.2014 15:16:03 [sg_create_config] Add Default
16.06.2014 15:16:03 [sg_create_config] Add ACL's: bloqueado;
16.06.2014 15:16:02 [sg_create_config] Add rewrites: safesearch;
16.06.2014 15:16:02 [sg_create_config] Add destinations: Bloqueia_Sites;
16.06.2014 15:16:02 [sg_create_config] Add sources: bloqueado
16.06.2014 15:16:02 [squidguard_rebuild_db] Start rebuild DB.
16.06.2014 15:15:52 [squidguard_rebuild_db] Create rebuild config '/usr/pbi/squidguard-amd64/etc/squidGuard/squidGuard__usrdbrebuild.conf'.
16.06.2014 15:15:52 [sg_redirector_base_url] Select redirector base url (http://192.168.1.240:80/sgerror.php?url=403%20404&a=%a&n=%n&;i=%i&s=%s&t=%t&u=%u)
16.06.2014 15:15:52 [sg_create_simple_config] Added item 'Bloqueia_Sites' = '/var/db/squidGuard/Bloqueia_Sites'.
16.06.2014 15:15:52 [sg_create_simple_config] Begin with dbhome='/var/db/squidGuard'.
16.06.2014 15:15:52 [squidguard_rebuild_db] Begin with path '/var/db/squidGuard'.
16.06.2014 15:15:51 [sg_reconfigure_user_db] Add Bloqueia_Sites domains 'terra.com.br globo.com';
16.06.2014 15:15:51 [sg_reconfigure_user_db] Add user entries
16.06.2014 15:15:51 [sg_reconfigure_user_db] Begin with '/var/db/squidGuard'
16.06.2014 15:15:14 [squid_reconfigure] Add new redirector options to Squid config.
16.06.2014 15:15:14 [sg_reconfigure] Save squidGuard config to '/usr/pbi/squidguard-amd64/etc/squidGuard/squidGuard.conf'.
16.06.2014 15:15:14 [sg_redirector_base_url] Select redirector base url (http://192.168.1.240:80/sgerror.php?url=403%20&a=%a&n=%n&i=%i&s=%s&t=%t&u=%u)
16.06.2014 15:15:14 [sg_create_config] Add Default
16.06.2014 15:15:14 [sg_create_config] Add ACL's: bloqueado;
16.06.2014 15:15:14 [sg_create_config] Add rewrites: safesearch;
16.06.2014 15:15:14 [sg_create_config] Add destinations: Bloqueia_Sites;
16.06.2014 15:15:14 [sg_create_config] Add sources: bloqueado
16.06.2014 15:15:14 [squidguard_rebuild_db] Start rebuild DB.
16.06.2014 15:14:51 [squidguard_rebuild_db] Create rebuild config '/usr/pbi/squidguard-amd64/etc/squidGuard/squidGuard__usrdbrebuild.conf'.
16.06.2014 15:14:51 [sg_redirector_base_url] Select redirector base url (http://192.168.1.240:80/sgerror.php?url=403%20404&a=%a&n=%n&;i=%i&s=%s&t=%t&u=%u)
16.06.2014 15:14:51 [sg_create_simple_config] Added item 'Bloqueia_Sites' = '/var/db/squidGuard/Bloqueia_Sites'.
16.06.2014 15:14:51 [sg_create_simple_config] Begin with dbhome='/var/db/squidGuard'.
16.06.2014 15:14:51 [squidguard_rebuild_db] Begin with path '/var/db/squidGuard'.
16.06.2014 15:14:51 [sg_reconfigure_user_db] Add Bloqueia_Sites domains 'terra.com.br globo.com';
16.06.2014 15:14:51 [sg_reconfigure_user_db] Add user entries
16.06.2014 15:14:51 [sg_reconfigure_user_db] Begin with '/var/db/squidGuard'
16.06.2014 15:13:57 [squid_reconfigure] Remove old redirector options from Squid config.
16.06.2014 15:13:57 [sg_reconfigure] Save squidGuard config to '/usr/pbi/squidguard-amd64/etc/squidGuard/squidGuard.conf'.
16.06.2014 15:13:57 [sg_redirector_base_url] Select redirector base url (http://192.168.1.240:80/sgerror.php?url=403%20&a=%a&n=%n&i=%i&s=%s&t=%t&u=%u)
16.06.2014 15:13:57 [sg_create_config] Add Default
16.06.2014 15:13:57 [sg_create_config] Add ACL's: bloqueado;
16.06.2014 15:13:57 [sg_create_config] Add rewrites: safesearch;
16.06.2014 15:13:57 [sg_create_config] Add destinations: Bloqueia_Sites;
16.06.2014 15:13:57 [sg_create_config] Add sources: bloqueado
16.06.2014 15:13:57 [squidguard_rebuild_db] Start rebuild DB.
16.06.2014 15:13:46 [squidguard_rebuild_db] Create rebuild config '/usr/pbi/squidguard-amd64/etc/squidGuard/squidGuard__usrdbrebuild.conf'.
16.06.2014 15:13:46 [sg_redirector_base_url] Select redirector base url (http://192.168.1.240:80/sgerror.php?url=403%20404&a=%a&n=%n&;i=%i&s=%s&t=%t&u=%u)
16.06.2014 15:13:46 [sg_create_simple_config] Added item 'Bloqueia_Sites' = '/var/db/squidGuard/Bloqueia_Sites'.
16.06.2014 15:13:46 [sg_create_simple_config] Begin with dbhome='/var/db/squidGuard'.
16.06.2014 15:13:46 [squidguard_rebuild_db] Begin with path '/var/db/squidGuard'.
16.06.2014 15:13:45 [sg_reconfigure_user_db] Add Bloqueia_Sites domains 'terra.com.br globo.com';

davidjrsp

eu dei um tail dentro de cd /var/squid/logs tinha o arquivo cache.log

só tinha esse arquivo

[2.1.3-RELEASE][root@pfsense.localdomain]/var/squid/logs(36): tail -f cache.log
2014-06-16 15:16:03 [78648] New setting: ldapbindpass: SENHA
2014-06-16 15:16:03 [78648] syntax error in configfile /usr/pbi/squidguard-amd64/etc/squidGuard/squidGuard.conf line 11
2014-06-16 15:16:03 [78648] Going into emergency mode
2014/06/16 15:16:03| Accepting proxy HTTP connections at 192.168.1.240, port 3128, FD 27.
2014/06/16 15:16:03| Accepting proxy HTTP connections at 192.168.21.240, port 3128, FD 28.
2014/06/16 15:16:03| Accepting HTCP messages on port 4827, FD 30.
2014/06/16 15:16:03| Accepting SNMP messages on port 3401, FD 31.
2014/06/16 15:16:03| WCCP Disabled.
2014/06/16 15:16:03| Loaded Icons.
2014/06/16 15:16:03| Ready to serve requests.

davidjrsp

Log do SquidGuard

[2.1.3-RELEASE][root@pfsense.localdomain]/var/squidGuard/log(44): tail -f sg_configurator.log
16.06.2014 15:16:02 : [squidguard_rebuild_db] Start rebuild DB.
16.06.2014 15:16:02 : [sg_create_config] Add sources: bloqueado
16.06.2014 15:16:02 : [sg_create_config] Add destinations: Bloqueia_Sites;
16.06.2014 15:16:02 : [sg_create_config] Add rewrites: safesearch;
16.06.2014 15:16:03 : [sg_create_config] Add ACL's: bloqueado;
16.06.2014 15:16:03 : [sg_create_config] Add Default
16.06.2014 15:16:03 : [sg_redirector_base_url] Select redirector base url (http://192.168.1.240:80/sgerror.php?url=403%20&a=%a&n=%n&i=%i&s=%s&t=%t&u=%u)
16.06.2014 15:16:03 : [sg_reconfigure] Save squidGuard config to '/usr/pbi/squidguard-amd64/etc/squidGuard/squidGuard.conf'.
16.06.2014 15:16:03 : [squid_reconfigure] Remove old redirector options from Squid config.
16.06.2014 15:16:03 : [squid_reconfigure] Add new redirector options to Squid config.

davidjrsp

Parece que tem um erro na conf do squidguard

vou mandar a conf aqui

logdir /var/squidGuard/log
dbhome /var/db/squidGuard
ldapbinddn cn=administrator,cn=Users,dc=dominio,dc=srv
ldapbindpass senha do administrator
ldapprotover 3

src bloqueado {
ldapusersearch ldap://192.168.1.208:3268/DC=meudominio,DC=srv?sAMAccountName?sub?(&(sAMAccountName=%s)(memberOf=CN=bloqueado%2cCN=Users%2cDC=meudominio%2cDC=srv))
log block.log
}

dest Bloqueia_Sites {
domainlist Bloqueia_Sites/domains
log block.log
}

rew safesearch {
s@(google../search?.q=.)@\1&safe=active@i
s@(google../images.q=.)@\1&safe=active@i
s@(google../groups.q=.)@\1&safe=active@i
s@(google../news.q=.)@\1&safe=active@i
s@(yandex../yandsearch?.text=.)@\1&fyandex=1@i
s@(search.yahoo../search.p=.)@\1&vm=r&v=1@i
s@(search.live../.q=.)@\1&adlt=strict@i
s@(search.msn../.q=.)@\1&adlt=strict@i
s@(.bing..*/.q=.)@\1&adlt=strict@i
log block.log
}

acl {
#
bloqueado {
pass !Bloqueia_Sites all
log block.log
}
#
default {
pass none
redirect http://192.168.1.240:80/sgerror.php?url=403%20&a=%a&n=%n&i=%i&s=%s&t=%t&u=%u
log block.log