3. SquidGuard destination groups

SquidGuard destination groups

  • A

    I'm attempting to setup SquidGuard on pfSense (1.2-RC4) and am running into a problem with having more than one destination group.  It seems that whenever I am using more than one destination group, none of them are enforced. I can only get it working when using a single destination group.

    I can add additional destination groups and everything continues to work while they are empty, but as soon as domain, url or regex fields are populated, SquidGuard stops blocking all the destination groups.

    I think destination groups after the initial one aren't creating database files in /var/db/squidGuard (my first group did create a db file there), although they are being added to the squidGuard.conf file so maybe that is causing squidGuard to not use any of the blacklist databases?

    Is anyone successfully using multiple destination group definitions?

    0
  • D

    Enable logview on General page and looking error messages. SG create 'block all' config, if found error's in config data.

    0
  • A

    Thanks for all the work you've done on this package dvserg.  Here is a snippet of the log, I'm building a very basic blacklist right now just trying to get the multiple destination groups to work.

    13.02.2008 08:13:56 : sg_reconfigure: start.
13.02.2008 08:13:56 : sg_reconfigure_user_db: begin at '/var/db/squidGuard'
13.02.2008 08:13:56 : sg_reconfigure_user_db: -- add domains 'myspace.com youtube.com friendster.com facebook.com'
13.02.2008 08:13:56 : sg_reconfigure_user_db: Create dir /var/db/squidGuard/security
13.02.2008 08:13:56 : sg_reconfigure_user_db: -- add domains 'gotomypc.com'
13.02.2008 08:13:56 : sg_rebuild_db: Begin with path '/var/db/squidGuard'.
13.02.2008 08:13:56 : sg_create_rebuild_config: Begin with dbhome='/var/db/squidGuard'.
13.02.2008 08:13:56 : sg_create_rebuild_config: Added item 'usr_social' = '/var/db/squidGuard/social'.
13.02.2008 08:13:56 : sg_create_rebuild_config: Added item 'usr_security' = '/var/db/squidGuard/security'.
13.02.2008 08:13:57 : sg_redirector_base_url: select redirector base url (301:404)
13.02.2008 08:13:57 : sg_create_rebuild_config: ATTENTION! Created default configuration. All content will blocked.
13.02.2008 08:13:57 : sg_rebuild_db: Create temporary config '/tmp/squidGuard_rebuild.conf_usrdb'.
13.02.2008 08:13:57 : sg_rebuild_db: Started SH script '/tmp/squidGuard_db_rebuild.sh_usrdb'.
13.02.2008 08:13:57 : sg_rebuild_db: End.
13.02.2008 08:13:57 : sg_remove_unused_db_entries: begin
13.02.2008 08:13:57 : sg_remove_unused_db_entries: Error delete /var/db/squidGuard/security
13.02.2008 08:13:57 : sg_remove_unused_db_entries: end
13.02.2008 08:13:57 : sg_reconfigure_user_db: end

    I'm confused by the phrase "All content will blocked." because it's not blocking anything, it's allowing all traffic to pass through. I also get that same error in the log when I clear the domains list of the second content group and squidGuard is successfully blocking the domains in the first list.

    13.02.2008 08:18:13 : sg_reconfigure: start.
13.02.2008 08:18:13 : sg_reconfigure_user_db: begin at '/var/db/squidGuard'
13.02.2008 08:18:14 : sg_reconfigure_user_db: -- add domains 'myspace.com youtube.com friendster.com facebook.com'
13.02.2008 08:18:14 : sg_reconfigure_user_db: Create dir /var/db/squidGuard/security
13.02.2008 08:18:14 : sg_rebuild_db: Begin with path '/var/db/squidGuard'.
13.02.2008 08:18:14 : sg_create_rebuild_config: Begin with dbhome='/var/db/squidGuard'.
13.02.2008 08:18:14 : sg_create_rebuild_config: Added item 'usr_social' = '/var/db/squidGuard/social'.
13.02.2008 08:18:14 : sg_create_rebuild_config: Ignored item 'usr_security' = '/var/db/squidGuard/security'.
13.02.2008 08:18:14 : sg_redirector_base_url: select redirector base url (301:404)
13.02.2008 08:18:14 : sg_create_rebuild_config: ATTENTION! Created default configuration. All content will blocked.
13.02.2008 08:18:14 : sg_rebuild_db: Create temporary config '/tmp/squidGuard_rebuild.conf_usrdb'.
13.02.2008 08:18:14 : sg_rebuild_db: Started SH script '/tmp/squidGuard_db_rebuild.sh_usrdb'.
13.02.2008 08:18:14 : sg_rebuild_db: End.
13.02.2008 08:18:14 : sg_remove_unused_db_entries: begin
13.02.2008 08:18:14 : sg_remove_unused_db_entries: Error delete /var/db/squidGuard/security
13.02.2008 08:18:14 : sg_remove_unused_db_entries: end

    Looking over the squidGuard.conf file, it looks correct, so I'm unsure where the error is originating.

    0
  • D

    OK, I change notification.
    And i found one my bug  :-[ - will fixed.
    –-
    What can you do now:
    " Ignored item 'usr_security' = '/var/db/squidGuard/security' " - comment: item can't be empty, else them will ignored.

    Checking file "/var/db/squidGuard/security" for permission (post here pls)

    Test with this:
    Select Redirect mode as 'Internal' (General page) (first - Save, them Apply)
    WebGUI pfSense must have 'http' proto

    Thanks
    Serg

    0
  • C

    I had multiple destinations working until the update I installed today.

    0
  • D

    @ciarocci:

    I had multiple destinations working until the update I installed today.

    I checking bug's now and tomorrow too  :-[
    Sorry

    0
  • A

    OK, I changed the redirect to internal (I was defining the redirect address in the destination group and it seemed to be working correctly, is that wrong?).

    The /var/db/squidGuard/security directory is not being created even though the logs say it is…  The social directory is 0755 and owned by user proxy.

    
13.02.2008 11:19:23 : sg_reconfigure: start.
13.02.2008 11:19:23 : sg_reconfigure_user_db: begin at '/var/db/squidGuard'
13.02.2008 11:19:23 : sg_reconfigure_user_db: -- add domains 'myspace.com youtube.com friendster.com facebook.com'
13.02.2008 11:19:23 : sg_reconfigure_user_db: Create dir /var/db/squidGuard/security
13.02.2008 11:19:23 : sg_reconfigure_user_db: -- add domains 'gotomypc.com'
13.02.2008 11:19:23 : sg_rebuild_db: Begin with path '/var/db/squidGuard'.
13.02.2008 11:19:23 : sg_create_rebuild_config: Begin with dbhome='/var/db/squidGuard'.
13.02.2008 11:19:23 : sg_create_rebuild_config: Added item 'usr_social' = '/var/db/squidGuard/social'.
13.02.2008 11:19:23 : sg_create_rebuild_config: Added item 'usr_security' = '/var/db/squidGuard/security'.
13.02.2008 11:19:23 : sg_redirector_base_url: select redirector base url (http://10.0.0.120:8080/sgerror.php?url=404&a=%a&n=%n&i=%i&s=%s&t=%t&u=%u)
13.02.2008 11:19:23 : sg_create_rebuild_config: ATTENTION! Created default configuration. All content will blocked.
13.02.2008 11:19:23 : sg_rebuild_db: Create temporary config '/tmp/squidGuard_rebuild.conf_usrdb'.
13.02.2008 11:19:24 : sg_rebuild_db: Started SH script '/tmp/squidGuard_db_rebuild.sh_usrdb'.
13.02.2008 11:19:24 : sg_rebuild_db: End.
13.02.2008 11:19:24 : sg_remove_unused_db_entries: begin
13.02.2008 11:19:24 : sg_remove_unused_db_entries: Error delete /var/db/squidGuard/security
13.02.2008 11:19:24 : sg_remove_unused_db_entries: end
13.02.2008 11:19:24 : sg_reconfigure_user_db: end

    thanks serg!

    0
  • D

    Sources updated.
    Please reinstall SG XML (gui) only and test it.
    May be all bugs fixed or no  ::)
    Goodnight,
    Serg.

    0
  • A

    I reinstalled the SG XML and it's working!
    Thank you  ;D

    0
  • D

    @aaron:

    I reinstalled the SG XML and it's working!
    Thank you  ;D

    Yahoooo!  :)

    0
Locked
 

Products

Applications

Support

Services

News

Resources

Company

Our Mission

As host of the pfSense open source firewall project, Netgate believes in enhancing network connectivity that maintains both security and privacy. We also believe everyone should be able to afford it.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy