Squidguard stopped filtering over night



  • We have tested this for weeks and everything worked perfect.  We cut over our gateway to push to pfsense, tested around 6 pm yesterday and worked like a charm.  Woke up this morning and figured I would have tons of mean emails from the employees lol but not a single email.  I figured something must be up, hopped on my test machine and porn loaded right up.  I restarted the squid service, reinstalled the services, rebooted the pfsense box and it's still not filtering.  Redownloaded the blacklist as well.

    Running 2.4.0-RC (amd64)
    built on Tue Aug 22 12:41:23 CDT 2017

    and

    squid 0.4.37  
    squidGuard 1.16.3



  • Config

    
     <squidguard><logdir>/var/squidGuard/log</logdir>
    	<dbhome>/var/db/squidGuard</dbhome>
    	<ldap_enable></ldap_enable>
    	<ldapbinddn></ldapbinddn>
    	<ldapbindpass></ldapbindpass>
    	<ldapversion>3</ldapversion>
    	<stripntdomain></stripntdomain>
    	<striprealm></striprealm>
    	<binpath>/usr/local/bin</binpath>
    	<workdir>/usr/local/etc/squidGuard</workdir>
    	<sgxml_file>/usr/local/etc/squidGuard/squidguard_conf.xml</sgxml_file>
    	<enabled>on</enabled>
    	<blacklist_enabled>on</blacklist_enabled>
    	<blacklist_url>http://www.shallalist.de/Downloads/shallalist.tar.gz</blacklist_url>
    
    	 <destinations><name>FileExtension</name>
    
    			<domains></domains>
    			<expressions>(.*\/.*\.(asf|wm|wma|wmv|cab|mp3|avi|mpg|swf|mpeg|mp.|mpv|mp3|wm.|vpu|exe))</expressions>
    			<redirect_mode>rmod_none</redirect_mode>
    
    			<log>on</log> 
    		 <name>DomainWhitelist</name>
    
    			<domains>wellsfargo.com bankofamerica.com googleadservices.com skypeassets.com 23.73.247.53 23.2.99.20 23.11.250.157 apps.skypeassets.com skype.com</domains>
    
    			<redirect_mode>rmod_none</redirect_mode></destinations> 
    	 <rewrites><name>safesearch</name>
    
    			<log>on</log>
    			 <targeturl>(google\..*/search?.*q=.*)</targeturl>
    				<replaceto>\1\&safe=active</replaceto>
    				<mode>i</mode> 
    			 <targeturl>(google\..*/images.*q=.*)</targeturl>
    				<replaceto>\1\&safe=active</replaceto>
    				<mode>i</mode> 
    			 <targeturl>(google\..*/groups.*q=.*)</targeturl>
    				<replaceto>\1\&safe=active</replaceto>
    				<mode>i</mode> 
    			 <targeturl>(google\..*/news.*q=.*)</targeturl>
    				<replaceto>\1\&safe=active</replaceto>
    				<mode>i</mode> 
    			 <targeturl>(yandex\..*/yandsearch?.*text=.*)</targeturl>
    				<replaceto>\1\&fyandex=1</replaceto>
    				<mode>i</mode> 
    			 <targeturl>(search\.yahoo\..*/search.*p=.*)</targeturl>
    				<replaceto>\1\&vm=r&v=1</replaceto>
    				<mode>i</mode> 
    			 <targeturl>(search\.live\..*/.*q=.*)</targeturl>
    				<replaceto>\1\&adlt=strict</replaceto>
    				<mode>i</mode> 
    			 <targeturl>(search\.msn\..*/.*q=.*)</targeturl>
    				<replaceto>\1\&adlt=strict</replaceto>
    				<mode>i</mode> 
    			 <targeturl>(\.bing\..*/.*q=.*)</targeturl>
    				<replaceto>\1\&adlt=strict</replaceto>
    				<mode>i</mode></rewrites> 
    
    	 <default><name>default</name>
    
    		<disabled></disabled>
    		<timename></timename>
    		<redirect_mode>rmod_int</redirect_mode>
    
    		<rewritename>safesearch</rewritename>
    		<log>on</log>
    		<notallowingip></notallowingip>
    		<destname>!FileExtension ^DomainWhitelist !blk_BL_aggressive !blk_BL_alcohol !blk_BL_anonvpn !blk_BL_chat !blk_BL_dating !blk_BL_drugs !blk_BL_fortunetelling !blk_BL_jobsearch !blk_BL_models !blk_BL_music !blk_BL_podcasts !blk_BL_porn !blk_BL_radiotv !blk_BL_religion !blk_BL_ringtones !blk_BL_sex_education !blk_BL_sex_lingerie !blk_BL_spyware !blk_BL_tracker !blk_BL_violence !blk_BL_warez !blk_BL_weapons blk_BL_webphone !blk_BL_webradio !blk_BL_webtv all</destname></default> 
    	<enablelog>on</enablelog>
    	<enableguilog>off</enableguilog>
    	<logrotation>off</logrotation>
    	<adv_blankimg>off</adv_blankimg>
    	<current_lan_ip>192.168.0.254</current_lan_ip>
    	<squid_transparent_mode>on</squid_transparent_mode>
    
    	<current_gui_protocol>http</current_gui_protocol></squidguard>