Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    SquidGard not working [solved]

    Scheduled Pinned Locked Moved pfSense Packages
    11 Posts 4 Posters 6.2k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • Z Offline
      zabidin2
      last edited by

      Hi,

      I install pfsense as my firewall. Also add squid and squidgard. But when i make file blacklist, and put in squidgard the page still can be access. Need help.

      Thank you.

      1 Reply Last reply Reply Quote 0
      • C Offline
        ColdFusion
        last edited by

        More info maybe….Is squid in transparent?? Did you hit the save button then hit apply button on the squidguard page??

        1 Reply Last reply Reply Quote 0
        • Z Offline
          zabidin2
          last edited by

          Squid is transparent. Yes, i did.

          1 Reply Last reply Reply Quote 0
          • E Offline
            eethore
            last edited by

            i also having trouble in squid guard.
            the proxy is started as well as the squid guard from services.
            but, the blacklist, the access control list not making any different.

            this is the system log capture :

            Jun 17 13:13:26 php: /pkg_edit.php: Reloading Squid for configuration sync
            Jun 17 13:09:18 check_reload_status: reloading filter
            Jun 17 13:09:17 php: /pkg_edit.php: Reloading Squid for configuration sync
            Jun 17 13:09:16 squid[21800]: Squid Parent: child process 21802 started
            Jun 17 13:09:16 php: /pkg_edit.php: Starting Squid
            Jun 17 13:09:04 squid[21699]: Squid Parent: child process 21701 started
            Jun 17 13:08:50 squid[21524]: Squid Parent: child process 21526 exited due to signal 9
            Jun 17 13:08:47 squid[21524]: Squid Parent: child process 21526 started
            Jun 17 12:37:21 pftpx[668]: #19 client reset connection
            Jun 17 12:37:21 pftpx[668]: #19 client reset connection
            Jun 17 12:36:57 pftpx[668]: #18 client reset connection
            Jun 17 12:36:57 pftpx[668]: #18 client reset connection
            Jun 17 12:03:54 pftpx[668]: #14 client reset connection
            Jun 17 12:03:54 pftpx[668]: #14 client reset connection
            Jun 17 12:02:38 pftpx[668]: #12 client reset connection
            Jun 17 12:02:38 pftpx[668]: #12 client reset connection
            Jun 17 11:59:58 Squid_Alarm[5964]: Squid has resumed. Reconfiguring filter.
            Jun 17 11:59:56 Squid_Alarm[5555]: Reconfiguring filter…
            Jun 17 11:59:53 squid[5508]: Squid Parent: child process 5511 started
            Jun 17 11:59:53 Squid_Alarm[5499]: Attempting restart…
            Jun 17 11:59:53 Squid_Alarm[5497]: Squid has exited. Reconfiguring filter.
            Jun 17 11:59:02 squid[5220]: Squid Parent: child process 5222 started
            Jun 17 11:58:43 check_reload_status: reloading filter
            Jun 17 11:58:42 php: /pkg_edit.php: Reloading Squid for configuration sync
            Jun 17 11:58:41 php: /pkg_edit.php: Reloading Squid for configuration sync
            Jun 17 11:57:51 check_reload_status: reloading filter
            Jun 17 11:57:48 php: /pkg_edit.php: Reloading Squid for configuration sync
            Jun 17 11:56:24 check_reload_status: reloading filter
            Jun 17 11:56:23 php: /pkg_edit.php: Reloading Squid for configuration sync
            Jun 17 11:55:18 clamd[1493]: LOCAL: Socket file /var/run/clamav/clamd.sock could not be bound: No such file or directory
            Jun 17 11:55:15 Squid_Alarm[2114]: Squid has resumed. Reconfiguring filter.
            Jun 17 11:55:11 Squid_Alarm[1702]: Reconfiguring filter…
            Jun 17 11:55:08 squid[1622]: Squid Parent: child process 1625 started
            Jun 17 11:55:08 Squid_Alarm[1615]: Attempting restart…
            Jun 17 11:55:08 Squid_Alarm[1613]: Squid has exited. Reconfiguring filter.
            Jun 17 11:55:06 login: login on ttyv0 as root
            Jun 17 11:55:04 check_reload_status: check_reload_status is starting
            Jun 17 11:55:03 squid[1490]: Squid Parent: child process 1492 started
            Jun 17 11:55:03 php: : Reloading Squid for configuration sync
            Jun 17 11:55:02 php: : XML error: not well-formed (invalid token) at line 1
            Jun 17 11:55:02 php: : Resyncing configuration for all packages.
            Jun 17 11:55:01 php: : Creating rrd update script
            Jun 17 11:54:59 php: : SQUID is installed but not started. Not installing redirect rules.
            Jun 17 11:54:59 php: : SQUID is installed but not started. Not installing redirect rules.

            1 Reply Last reply Reply Quote 0
            • E Offline
              eethore
              last edited by

              On the next try of uninstall and install the package of squid and squidguard, the log are like these…

              I also trying to uncheck the transparant mode of the squid, and NAT all the request to port 80 to port 3128 (squid port). And still no luck!

              Jun 17 15:28:04 squid[4039]: Squid Parent: child process 9797 started
              Jun 17 15:28:01 squid[4039]: Squid Parent: child process 4042 exited due to signal 6
              Jun 17 15:28:01 kernel: pid 4042 (squid), uid 62: exited on signal 6
              Jun 17 15:28:01 squid[4042]: The url_rewriter helpers are crashing too rapidly, need help!
              Jun 17 15:27:46 check_reload_status: reloading filter
              Jun 17 15:27:42 php: /pkg_edit.php: Reloading Squid for configuration sync
              Jun 17 15:26:44 check_reload_status: reloading filter
              Jun 17 15:26:43 php: /pkg_edit.php: Reloading Squid for configuration sync
              Jun 17 15:26:06 syslogd: kernel boot file is /boot/kernel/kernel

              1 Reply Last reply Reply Quote 0
              • Z Offline
                zabidin2
                last edited by

                Don't know what wrong. ??? ???

                /var/squidGuard/log/sg_configurator.log
ads; aggressive; audio-video; drugs; gambling; hacking; mail; porn; proxy; violence; warez;

22.06.2009 19:23:49 : sg_create_config: add destinations:
Senarai_Hitam;
22.06.2009 19:23:49 : sg_create_config: add rewrites: success safesearch;
22.06.2009 19:23:49 : sg_create_config: add ACL's:
locaIP;
22.06.2009 19:23:49 : sg_create_config: add Default
22.06.2009 19:23:49 : sg_redirector_base_url: Select redirector base url (http://192.168.8.9:441/sgerror.php?url=blank&msg=&a=%a&n=%n&i=%i&s=%s&t=%t&u=%u)
22.06.2009 19:23:51 : sg_reconfigure: save squidGuard config to '/usr/local/etc/squidGuard/squidGuard.conf'.
22.06.2009 19:23:51 : squid_reconfigure: Remove old redirector options from Squid config.
22.06.2009 19:23:51 : squid_reconfigure: Add new redirector options to Squid config.
23.06.2009 09:09:48 : sg_reconfigure_user_db: Begin with '/var/db/squidGuard'
23.06.2009 09:09:48 : sg_reconfigure_user_db: Add user entries
23.06.2009 09:09:48 : sg_reconfigure_user_db: -- add Senarai_Hitam domains 'www.youtube.com';
23.06.2009 09:09:48 : sg_rebuild_db: Begin with path '/var/db/squidGuard'.
23.06.2009 09:09:48 : sg_create_simple_config: Begin with dbhome='/var/db/squidGuard'.
23.06.2009 09:09:48 : sg_create_simple_config: -- added item 'usr_Senarai_Hitam' = '/var/db/squidGuard/Senarai_Hitam'.
23.06.2009 09:09:48 : sg_redirector_base_url: Select redirector base url (http://192.168.8.9:441/sgerror.php?url=403%20404&a=%a&n=%n&i=%i&s=%s&t=%t&u=%u)
23.06.2009 09:09:48 : sg_rebuild_db: Create temporary config '/tmp/squidGuard_rebuild.conf_usrdb'.
23.06.2009 09:09:49 : sg_rebuild_db: Started SH script '/tmp/squidGuard_db_rebuild.sh_usrdb'.
23.06.2009 09:09:49 : sg_create_config: add sources:
locaIP
23.06.2009 09:09:49 : sg_create_config: add blacklist entries
23.06.2009 09:09:49 : sg_create_config: added:
ads; aggressive; audio-video; drugs; gambling; hacking; mail; porn; proxy; violence; warez;

23.06.2009 09:09:49 : sg_create_config: add destinations:
Senarai_Hitam;
23.06.2009 09:09:49 : sg_create_config: add rewrites: success safesearch;
23.06.2009 09:09:49 : sg_create_config: add ACL's:
locaIP;
23.06.2009 09:09:49 : sg_create_config: add Default
23.06.2009 09:09:49 : sg_redirector_base_url: Select redirector base url (http://192.168.8.9:441/sgerror.php?url=blank&msg=&a=%a&n=%n&i=%i&s=%s&t=%t&u=%u)
23.06.2009 09:09:49 : sg_reconfigure: save squidGuard config to '/usr/local/etc/squidGuard/squidGuard.conf'.
23.06.2009 09:09:49 : squid_reconfigure: Remove old redirector options from Squid config.
23.06.2009 09:09:49 : squid_reconfigure: Add new redirector options to Squid config.
23.06.2009 09:10:03 : sg_reconfigure_user_db: Begin with '/var/db/squidGuard'
23.06.2009 09:10:03 : sg_reconfigure_user_db: Add user entries
23.06.2009 09:10:03 : sg_reconfigure_user_db: -- add Senarai_Hitam domains 'www.youtube.com';
23.06.2009 09:10:03 : sg_rebuild_db: Begin with path '/var/db/squidGuard'.
23.06.2009 09:10:03 : sg_create_simple_config: Begin with dbhome='/var/db/squidGuard'.
23.06.2009 09:10:03 : sg_create_simple_config: -- added item 'usr_Senarai_Hitam' = '/var/db/squidGuard/Senarai_Hitam'.
23.06.2009 09:10:03 : sg_redirector_base_url: Select redirector base url (http://192.168.8.9:441/sgerror.php?url=403%20404&a=%a&n=%n&i=%i&s=%s&t=%t&u=%u)
23.06.2009 09:10:03 : sg_rebuild_db: Create temporary config '/tmp/squidGuard_rebuild.conf_usrdb'.
23.06.2009 09:10:03 : sg_rebuild_db: Started SH script '/tmp/squidGuard_db_rebuild.sh_usrdb'.
23.06.2009 09:10:03 : sg_create_config: add sources:
locaIP
23.06.2009 09:10:03 : sg_create_config: add blacklist entries
23.06.2009 09:10:03 : sg_create_config: added:
ads; aggressive; audio-video; drugs; gambling; hacking; mail; porn; proxy; violence; warez;

23.06.2009 09:10:03 : sg_create_config: add destinations:
Senarai_Hitam;
23.06.2009 09:10:03 : sg_create_config: add rewrites: success safesearch;
23.06.2009 09:10:03 : sg_create_config: add ACL's:
locaIP;
23.06.2009 09:10:03 : sg_create_config: add Default
23.06.2009 09:10:03 : sg_redirector_base_url: Select redirector base url (http://192.168.8.9:441/sgerror.php?url=blank&msg=&a=%a&n=%n&i=%i&s=%s&t=%t&u=%u)
23.06.2009 09:10:04 : sg_reconfigure: save squidGuard config to '/usr/local/etc/squidGuard/squidGuard.conf'.
23.06.2009 09:10:04 : squid_reconfigure: Remove old redirector options from Squid config.
23.06.2009 09:10:47 : sg_reconfigure_user_db: Begin with '/var/db/squidGuard'
23.06.2009 09:10:47 : sg_reconfigure_user_db: Add user entries
23.06.2009 09:10:47 : sg_reconfigure_user_db: -- add Senarai_Hitam domains 'www.youtube.com';
23.06.2009 09:10:47 : sg_rebuild_db: Begin with path '/var/db/squidGuard'.
23.06.2009 09:10:47 : sg_create_simple_config: Begin with dbhome='/var/db/squidGuard'.
23.06.2009 09:10:47 : sg_create_simple_config: -- added item 'usr_Senarai_Hitam' = '/var/db/squidGuard/Senarai_Hitam'.
23.06.2009 09:10:47 : sg_redirector_base_url: Select redirector base url (http://192.168.8.9:441/sgerror.php?url=403%20404&a=%a&n=%n&i=%i&s=%s&t=%t&u=%u)
23.06.2009 09:10:47 : sg_rebuild_db: Create temporary config '/tmp/squidGuard_rebuild.conf_usrdb'.
23.06.2009 09:10:47 : sg_rebuild_db: Started SH script '/tmp/squidGuard_db_rebuild.sh_usrdb'.
23.06.2009 09:10:47 : sg_create_config: add sources:
locaIP
23.06.2009 09:10:47 : sg_create_config: add destinations:
Senarai_Hitam;
23.06.2009 09:10:47 : sg_create_config: add rewrites: success safesearch;
23.06.2009 09:10:47 : sg_create_config: add ACL's:
locaIP;
23.06.2009 09:10:47 : sg_create_config: add Default
23.06.2009 09:10:47 : sg_redirector_base_url: Select redirector base url (http://192.168.8.9:441/sgerror.php?url=blank&msg=&a=%a&n=%n&i=%i&s=%s&t=%t&u=%u)
23.06.2009 09:10:47 : sg_reconfigure: save squidGuard config to '/usr/local/etc/squidGuard/squidGuard.conf'.
23.06.2009 09:10:47 : squid_reconfigure: Add new redirector options to Squid config.
23.06.2009 09:11:17 : sg_reconfigure_user_db: Begin with '/var/db/squidGuard'
23.06.2009 09:11:17 : sg_reconfigure_user_db: Add user entries
23.06.2009 09:11:17 : sg_reconfigure_user_db: -- add Senarai_Hitam domains 'www.youtube.com';
23.06.2009 09:11:17 : sg_rebuild_db: Begin with path '/var/db/squidGuard'.
23.06.2009 09:11:17 : sg_create_simple_config: Begin with dbhome='/var/db/squidGuard'.
23.06.2009 09:11:17 : sg_create_simple_config: -- added item 'usr_Senarai_Hitam' = '/var/db/squidGuard/Senarai_Hitam'.
23.06.2009 09:11:17 : sg_redirector_base_url: Select redirector base url (http://192.168.8.9:441/sgerror.php?url=403%20404&a=%a&n=%n&i=%i&s=%s&t=%t&u=%u)
23.06.2009 09:11:17 : sg_rebuild_db: Create temporary config '/tmp/squidGuard_rebuild.conf_usrdb'.
23.06.2009 09:11:17 : sg_rebuild_db: Started SH script '/tmp/squidGuard_db_rebuild.sh_usrdb'.
23.06.2009 09:11:17 : sg_create_config: add sources:
locaIP
23.06.2009 09:11:17 : sg_create_config: add blacklist entries
23.06.2009 09:11:17 : sg_create_config: added:
ads; aggressive; audio-video; drugs; gambling; hacking; mail; porn; proxy; violence; warez;

23.06.2009 09:11:17 : sg_create_config: add destinations:
Senarai_Hitam;
23.06.2009 09:11:17 : sg_create_config: add rewrites: success safesearch;
23.06.2009 09:11:17 : sg_create_config: add ACL's:
locaIP;
23.06.2009 09:11:17 : sg_create_config: add Default
23.06.2009 09:11:17 : sg_redirector_base_url: Select redirector base url (http://192.168.8.9:441/sgerror.php?url=blank&msg=&a=%a&n=%n&i=%i&s=%s&t=%t&u=%u)
23.06.2009 09:11:17 : sg_reconfigure: save squidGuard config to '/usr/local/etc/squidGuard/squidGuard.conf'.
23.06.2009 09:11:17 : squid_reconfigure: Remove old redirector options from Squid config.
23.06.2009 09:11:17 : squid_reconfigure: Add new redirector options to Squid config.
23.06.2009 09:11:38 : sg_reconfigure_user_db: Begin with '/var/db/squidGuard'
23.06.2009 09:11:38 : sg_reconfigure_user_db: Add user entries
23.06.2009 09:11:38 : sg_reconfigure_user_db: -- add Senarai_Hitam domains 'www.youtube.com';
23.06.2009 09:11:38 : sg_rebuild_db: Begin with path '/var/db/squidGuard'.
23.06.2009 09:11:38 : sg_create_simple_config: Begin with dbhome='/var/db/squidGuard'.
23.06.2009 09:11:38 : sg_create_simple_config: -- added item 'usr_Senarai_Hitam' = '/var/db/squidGuard/Senarai_Hitam'.
23.06.2009 09:11:38 : sg_redirector_base_url: Select redirector base url (http://192.168.8.9:441/sgerror.php?url=403%20404&a=%a&n=%n&i=%i&s=%s&t=%t&u=%u)
23.06.2009 09:11:38 : sg_rebuild_db: Create temporary config '/tmp/squidGuard_rebuild.conf_usrdb'.
23.06.2009 09:11:38 : sg_rebuild_db: Started SH script '/tmp/squidGuard_db_rebuild.sh_usrdb'.
23.06.2009 09:11:38 : sg_create_config: add sources:
locaIP
23.06.2009 09:11:38 : sg_create_config: add blacklist entries
23.06.2009 09:11:38 : sg_create_config: added:
ads; aggressive; audio-video; drugs; gambling; hacking; mail; porn; proxy; violence; warez;

23.06.2009 09:11:38 : sg_create_config: add destinations:
Senarai_Hitam;
23.06.2009 09:11:38 : sg_create_config: add rewrites: success safesearch;
23.06.2009 09:11:38 : sg_create_config: add ACL's:
locaIP;
23.06.2009 09:11:38 : sg_create_config: add Default
23.06.2009 09:11:38 : sg_redirector_base_url: Select redirector base url (http://192.168.8.9:441/sgerror.php?url=blank&msg=&a=%a&n=%n&i=%i&s=%s&t=%t&u=%u)
23.06.2009 09:11:39 : sg_reconfigure: save squidGuard config to '/usr/local/etc/squidGuard/squidGuard.conf'.
23.06.2009 09:11:39 : squid_reconfigure: Remove old redirector options from Squid config.
                1 Reply Last reply Reply Quote 0
                • D Offline
                  dvserg
                  last edited by

                  By SG log all correct.
                  Possible view SG config ?

                  SquidGuardDoc EN  RU Tutorial
                  Localization ru_PFSense

                  1 Reply Last reply Reply Quote 0
                  • Z Offline
                    zabidin2
                    last edited by

                    As you request, SG config:

                    /usr/local/etc/squidGuard/squidGuard.conf
# ============================================================
# SquidGuard configuration file
# This file generated automaticly with SquidGuard configurator
# (C)2006 Serg Dvoriancev
# email: dv_serg@mail.ru
# ============================================================

logdir /var/squidGuard/log
dbhome /var/db/squidGuard

#
src locaIP {
ip 192.168.8.0/24
}

#
dest ads {
domainlist ads/domains
urllist ads/urls
log block.log
}

#
dest aggressive {
domainlist aggressive/domains
urllist aggressive/urls
log block.log
}

#
dest audio-video {
domainlist audio-video/domains
urllist audio-video/urls
log block.log
}

#
dest drugs {
domainlist drugs/domains
urllist drugs/urls
log block.log
}

#
dest gambling {
domainlist gambling/domains
urllist gambling/urls
log block.log
}

#
dest hacking {
domainlist hacking/domains
urllist hacking/urls
log block.log
}

#
dest mail {
domainlist mail/domains
log block.log
}

#
dest porn {
domainlist porn/domains
expressionlist porn/expressions
urllist porn/urls
log block.log
}

#
dest proxy {
domainlist proxy/domains
urllist proxy/urls
log block.log
}

#
dest violence {
domainlist violence/domains
expressionlist violence/expressions
urllist violence/urls
log block.log
}

#
dest warez {
domainlist warez/domains
urllist warez/urls
log block.log
}

# Blacklist page
dest Senarai_Hitam {
domainlist Senarai_Hitam/domains
}

#
rew safesearch {
s@(google\..*/search?.*q=.*)@\1\&safe=active@i
s@(google\..*/images.*q=.*)@\1\&safe=active@i
s@(google\..*/groups.*q=.*)@\1\&safe=active@i
s@(google\..*/news.*q=.*)@\1\&safe=active@i
s@(yandex\..*/yandsearch?.*text=.*)@\1\&fyandex=1@i
s@(search\.yahoo\..*/search.*p=.*)@\1\&vm=r@i
s@(search\.live\..*/.*q=.*)@\1\&adlt=strict@i
s@(search\.msn\..*/.*q=.*)@\1\&adlt=strict@i
log block.log
}

#
acl {
#
locaIP {
pass all
}
#
default {
pass !in-addr !audio-video !drugs !porn !Senarai_Hitam all
redirect http://192.168.8.9:441/sgerror.php?url=403%20403%20Access%20Forbidden%20For%20This%20Page.&a=%a&n=%n&i=%i&s=%s&t=%t&u=%u
log block.log
}
}
                    1 Reply Last reply Reply Quote 0
                    • D Offline
                      dvserg
                      last edited by

                      What you filter here ?

                      locaIP {
                      pass all
                      }

                      ACL 'localIP' no filter any category. And you subnet filtered by this ACL!

                      SquidGuardDoc EN  RU Tutorial
                      Localization ru_PFSense

                      1 Reply Last reply Reply Quote 0
                      • Z Offline
                        zabidin2
                        last edited by

                        Assist me how to add more domain here.

                        Any idea why squidgard working on LAN interfaces only?

                        1 Reply Last reply Reply Quote 0
                        • Z Offline
                          zabidin2
                          last edited by

                          Now my squidgard working perfect.

                          Cheers.

                          –--------------------------
                          Mzar

                          1 Reply Last reply Reply Quote 0
                          • First post
                            Last post
                          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.