Squidguard Auto Blacklist Updating



  • I've been using and installing pfSense for over a year now. Today we built some boxes for web filtering so I installed Squidguard. Configured it and it works well so far.

    So it won't auto grab the blacklist periodically? Only manually? What good is that? If so does anyone have a script to update it? Or use something else entirely that autoupdates its blacklist urls?

    I don't want to have to log into 30+ boxes every week/month and manually update them. Any/all advise appreciated.



  • So everyone logs into their routers and updates them manually?



  • It is possible to write a script and use it with a cronjob.
    Greetings



  • @seraphyn:

    It is possible to write a script and use it with a cronjob.
    Greetings

    I'm sure you can write a script. But that's silly. Think about it, a content filter is only as good as it's blacklist. It should be incorporated in the GUI by default. Just like virus definitions. I'm sure the Antivirus packages autoupdates. Who wrote the Squidguard package for pfSense? Maybe they can help.



  • I had the same idea, but when i looked into the respective pages (squidguard.inc, xml) i found out that i don't understand how its done. Maybe some other persion with knowledge of scripting php will find out how its being done. I think, a simple shell-script which downloads the shallalist or other resource and moves the content to the right place will do that too.



  • I even have issues with the manual update.  I run the manual update and all goes well.  But when I go into the browser I notice that all blocking is disabled.  So i then have to go back to squidguard and hit the apply settings.
      I guess if there is enough people that want it, we could start a bounty and see if any developer wants to take up the task.



  • That actually would be a handy feature.  I know that in the case of urlblacklist, downloads are tracked if you are not a member, so in cases like that an auto-downloader may not be practical.  However, an auto-download would be a wonderful addition to pfSense.

    • Can pfSense handle more than one Blacklist?  (Say downloading both the Shalla list and urlblacklist?)

    • It seems that after upgrading to 2.0 RC1, that I can no longer download from urlblacklist.  Anyone know what might be causing that?



  • If you manually update the blacklist, you will see squidGuardcreates a script :-

    /tmp/squidGuard_blacklist_update.sh

    Copy this script to /usr/local/bin, and then add it to cron to run once a day.

    That should auto update your rules.

    Note: I have not actually tested this yet.

    Regards

    Ben



  • @ben.suffolk:

    /tmp/squidGuard_blacklist_update.sh

    Copy this script to /usr/local/bin, and then add it to cron to run once a day.

    That should auto update your rules.

    Note: I have not actually tested this yet.

    Regards

    Ben

    Sounds nice.
    Would be a nice addition to further things,
    Thanks



  • BTW I set it up laster night so it would update this morning, and it worked fine.

    Ben



  • Hi Ben,

    possible to post the script, so we do not need to go to /tmp and all other user could be send to this thread?
    Or what about a wiki entry?
    Greetings Chris



  • I'm not sure copying a file from /tmp is that hard for people, in fact probably easier than creating a new file ;)

    #!/usr/local/bin/php -f
        $incl = "/usr/local/pkg/squidguard_configurator.inc";
        if (file_exists($incl)) {
            require_once($incl);
            sg_reconfigure_blacklist( "http://www.shallalist.de/Downloads/shallalist.tar.gz", "" );
        }
        exit;
    ?>
    

    Regards

    Ben



  • g
    Read the Forum… I read some things that .... Keep up the good work  ;D
    In short: It's Easier to link to this thread.
    Thx and greetings



  • so… lets say I'm pretty good at following directions, but seem to be missing some steps...

    I'm only familar with the web interface of pfsense when it comes to linux. I've done some cisco programming, and use dos all the time, just don't know the commands or security structure here.

    I installed cron on pfsense 1.2.3 and understand how I "might" upload a file(script) under the Diagnostics>Command section and even could maybe figure out how to then run that script daily...

    so, am I on the right track? and if so... what format does the file need to be in. (speak windows for me please, I know, I know) i.e. script.txt or cronjob.cron or whatever...

    or, using the aforementioned "command" line, could I just copy the above script from the tmp folder to the right folder for cron to access it? if so, what would the commands be and then what would the cron command be to start running it daily.

    If someone feels like holding my hand through this, awesome. If not... then I probably won't do it, no prob.
    And yes, I could probably google and rtfm but this seems pretty easy for someone who lives in linuxville.  I just don't know if I can copy from tmp to the right folder just using the command line, or things like that, and I'd really rather not learn the base security premise of this linux distro just to setup a cron job.

    Peace.



  • to get that thing running start up putty (http://www.putty.org/) and open a new connection, IP or name of your pfsense.
    You get a typical login-window, name: root, password: put in your pw.
    then start via webbrowser the update of squidguard.

    Now do a (in the putty-window)

    cd /tmp
    cp squidGuard_blacklist_update.sh /root
    exit
    
    

    Your putty will close. The shell-part is done.

    Now open cron via "Services" - "Cron" and add a new job.

    Fill in the time you want the script gets started.
    The correct calll of the script will be (in our case)

    /root/squidGuard_blacklist_update.sh
    

    The right user is "root".

    I like to settle scripts like this in /root, because in case of a software-crash its much easier to get all self created or changed portions of whatever from one folder than looking for them all over the system. After a while i don't know what and where i changed things, so this is a good place for that. But feel free to put your script whereever you want.

    Good luck!



  • thans scripts is very good. :)


Locked