Squid + Dansguardian: Logs say "block" but content passes ?!



  • G'day all

    I've been trying to get dansguardian with Squid working. Since I need more than just URL blocking, I guess there is no other way around dansguardian.

    I'v currently added shalla's list, redirect Port 80 on LAN to localhost:8080 where dansguardian runs. It uses the (non-transparent) squid on localhost:3268. I see dansguardian handling requests in access.log but I can still navigate to a adult site - although the frigging dg access logs tell i.e.:

    2013.7.27 xx:xx:xx - <src-ip>http://www.sex.com/images/sex/favicon.ico DENIED Banned Regular Expression URL: (big|cyber|hard|huge|mega|small|soft|super|ti …. )s? GET 0 0 Banned Regular Expression URLs 1 403 -  Default  - -

    I already tried uninstalling the packages, reloading the firewall by exporting a config.xml without package information (apparently config.xml keeps config of uninstalled pkgs), after reloading the box with the config without pkg I reinstalled and had the same situation.

    Reporting Level is: Use HTML template file (default)

    I'd be glad to get a pointer where to look for the brokenness.</src-ip>



  • The clue (must have) been that it did block some of the content but not the full site (pictures were absent)
    But since dansguardian is -as it seem to me - quite strict in default settings I'll have to fine-tune this guy (obviously it even blocks .exe or signature updates of some Antivirus clients (Forefront Endpoint uses .cab)

    So the main issue between keyboard and chair ;-)

    Additionally IE seems to less like getting "broken" sites than other browsers like Chrome or Firefox…