Squidguard just doesn't work: solved !



  • I tried to install squidgaurd on my firewall. Of course first I installed Squid, then squidguard. I followed the manual on http://diskatel.narod.ru/sgquick.htm exactly (only general and default pages). I got the right default page, the log gave no errors, but nothing filtered. Then I installed squid and squidguard again on another pfsense machine (clean install). This time I didn't use blacklists, but just denied access for all. My squidguard.conf looks like this:

    _# ============================================================

    SquidGuard configuration file

    This file generated automaticly with SquidGuard configurator

    (C)2006 Serg Dvoriancev

    email: dv_serg@mail.ru

    ============================================================

    logdir /var/squidGuard/log
    dbhome /var/db/squidGuard

    acl  {

    default  {
    pass ! none
    redirect http://192.168.30.1:80/sgerror.php?url=403 Niet toegestaan%3A Coblin Netprotect&a=%a&n=%n&i=%i&s=%s&t=%t&u=%u
    }
    }_

    So I think it should deny everything… But it doesn't, even not after a reboot.

    In this topic: http://forum.pfsense.org/index.php/topic,8417.0.html I saw two steps I couldn't manage:

    …go to the shell, and type more /vare/squid/log. The only thing pfsense sais is: This is a directory.
    …type chown -R proxy:proxy /var/squidGuard. Where do I do that?

    Personally I think there's something wrong with my proxy server settings, but I'm not sure. Can anyone help me out? Thanks in advance!

    my Squidguard log:

    25.09.2008 14:53:45 : sg_reconfigure_user_db: Begin with '/var/db/squidGuard'
    25.09.2008 14:53:45 : sg_reconfigure_user_db: Nothing. User destinations list empty.
    25.09.2008 14:53:45 : sg_create_config: add Default
    25.09.2008 14:53:45 : sg_redirector_base_url: Select redirector base url (http://192.168.30.1:80/sgerror.php?url=403 Niet toegestaan%3A Coblin Netprotect&a=%a&n=%n&i=%i&s=%s&t=%t&u=%u)
    25.09.2008 14:53:45 : sg_reconfigure: save squidGuard config to '/usr/local/etc/squidGuard/squidGuard.conf'.
    25.09.2008 14:53:45 : squid_reconfigure: Remove old redirector options from Squid config.
    25.09.2008 14:53:45 : squid_reconfigure: Add new redirector options to Squid config.
    25.09.2008 14:57:27 : sg_reconfigure_user_db: Begin with '/var/db/squidGuard'
    25.09.2008 14:57:27 : sg_reconfigure_user_db: Nothing. User destinations list empty.
    25.09.2008 14:57:27 : sg_create_config: add Default
    25.09.2008 14:57:27 : sg_redirector_base_url: Select redirector base url (http://192.168.30.1:80/sgerror.php?url=403 Niet toegestaan%3A Coblin Netprotect&a=%a&n=%n&i=%i&s=%s&t=%t&u=%u)
    25.09.2008 14:57:27 : sg_reconfigure: save squidGuard config to '/usr/local/etc/squidGuard/squidGuard.conf'.
    25.09.2008 14:57:27 : squid_reconfigure: Remove old redirector options from Squid config.
    25.09.2008 14:57:27 : squid_reconfigure: Add new redirector options to Squid config.



  • pass ! none
    must be 'pass none'

    Possible exists empty Destinations item
    Add one item to Destinations and delete exists empty item (if this present).
    After Default page-Save; General page - Apply.
    Any changes?



  • YES! Thanks a lot! Was that due to the pass !none rule or does one have to add a destination to get it to work? Anyway; after this test I've added the shallalist. This also runs perfect now. Thanks a lot, dvserg!



  • @SourceFinder:

    YES! Thanks a lot! Was that due to the pass !none rule or does one have to add a destination to get it to work? Anyway; after this test I've added the shallalist. This also runs perfect now. Thanks a lot, dvserg!

    I dont know why present 'pass ! none' Maybe this is GUI bug or old configuration settings.
    I save you situation for analyse
    Thanks.



  • In the original configuration the line was pass !all. The ! was already there. I have set this to pass !none. So if there's any bug, then it's just the ! (remark).



  • Maybe you'v e got also a good anser on this one: I enabled transparent proxy in squid. When I disable transparent proxy, squidguard doesn't function…


Locked