Is the squidguard package stable at the moment…..



  • I occasionally get the implode type of error when I've deleted a destination group or blacklist group and haven't gone through all the ACLs to update them.  Perhaps it's a similar problem?

    Also, heiko, I am using squidGuard in a production environment and am happy with the results.



  • This happens on fresh install with no destination groups deleted. It happens after uploading Blacklist or hitting apply changes. Then error goes away and no content is blocked.



  • Thanks for previous bug-report's.
    I fix it (may be  >:( ) and update sources.
    If possible check this bugs now.

    Also i remake ACL-ordering code for more stable.



  • Seems to be working now. Since the last few changes, I can no longer access the blocked log report tab….I get block_log report disabled. The other thing I'm trying to figure out is how to whitelist certain sites that are in the blacklist...



  • I can no longer access the blocked log report tab....I get block_log report disabled.
    

    I disable this function. After short time i return to renew this code with more quick algorithm (i houpe).
    If you need this now - you can modify squidGuard.php:

    • comment with '#' line 710
    #                                $slog .= 'block_log report disabled';  
    
    • delete '/' and '/' symbols in  711 and 747 lines.

    ps this actual on today time; in next time code can changed.



  • Sorry dvserg, i wouldn´t set off an avalanche with my question.
    Greetings
    Heiko



  • I finally figured out how to whitelist a url that's blacklisted. In destination tab I created a whitelist and blacklist. When I put a url that I want to add to the blacklist it worked. However when I put a url that I want to whitelist it still didn't work. I looked in the squidgaurd config and found this:
    dest whitelist {
    domainlist whitelist/domains
    urllist whitelist/urls
    log block.log
    }

    dest Blacklist {
    domainlist Blacklist/domains
    urllist Blacklist/urls
    redirect http://192.168.0.1/sgerror.php?url=http://www.yahoo.com&a=%a&n=%n&i=%i&s=%s&t=%t&u=%u
    log block.log
    }

    acl {
    default {
    pass !blk_BL_adv !blk_BL_aggressive !blk_BL_chat !blk_BL_drugs !blk_BL_gamble !blk_BL_hacking !blk_BL_porn !blk_BL_redirector !blk_BL_spyware !blk_BL_tracker !blk_BL_warez whitelist !Blacklist all
    redirect http://192.168.0.1/sgerror.php?url=http://www.yahoo.com&a=%a&n=%n&i=%i&s=%s&t=%t&u=%u
    }
    }

    However the my whitelist and blacklist were added to the back of the config. I edited my xml config and replaced it with this:
    dest whitelist {
    domainlist whitelist/domains
    urllist whitelist/urls
    log block.log
    }

    dest Blacklist {
    domainlist Blacklist/domains
    urllist Blacklist/urls
    redirect http://192.168.0.1/sgerror.php?url=http://www.yahoo.com&a=%a&n=%n&i=%i&s=%s&t=%t&u=%u
    log block.log
    }

    acl {
    default {
    pass whitelist !Blacklist !blk_BL_adv !blk_BL_aggressive !blk_BL_chat !blk_BL_drugs !blk_BL_gamble !blk_BL_hacking !blk_BL_porn !blk_BL_redirector !blk_BL_spyware !blk_BL_tracker !blk_BL_warez all
    redirect http://192.168.0.1/sgerror.php?url=http://www.yahoo.com&a=%a&n=%n&i=%i&s=%s&t=%t&u=%u
    }
    }

    I put my whitelist and blacklist in front of the file…..it now works.



  • @ColdFusion:

    I put my whitelist and blacklist in front of the file…..it now works.

    You wanted say, what SG dest order has important meaning?
    I not found information in manuals about this
    If you can - please help find it fo me - this is really important.
    Thanks.



  • Maybe I should clarify. The order seems important. If you look at the example above I just moved the whitelist to the front. The additional blacklist created doesn’t matter the order. I found the info at http://squidguard.shalla.de/Doc/configure.html

    1. Whitelisting

    Sometimes there is a demand to allow specific URLs and domains although they are part of the blocklists for a good reason. In this case you want to whitelist these domains and URLs.
    Defining a whitelist
    dest white {
    domainlist white/domains
    urllist white/urls
    }

    acl {
            default {
                    pass    white !adv !porn !warez all
                    redirect http://localhost/block.html
                    }

    }

    Basically the whitelist works before the blacklist.



  • I guess one would get the same result if you named your whitelist something like AA….first order seems to be ads.....Example AA ads aggressive......

    acl {
    default {
    pass AA !blk_adv !blk_BL_aggressive !blk_BL_chat !blk_BL_drugs !blk_BL_gamble !blk_BL_hacking !blk_BL_porn !blk_BL_redirector !blk_BL_spyware !

    didn't try this though but should work.

    John



  • Thanks!!!
    English causes some difficulties for me, and nuances sometimes disappear  :-\

    A chnange config generator AS:
    pass <allow_rules><block_rules>all|none</block_rules></allow_rules>



  • After a de-install and reinstallation of SG i get the following error each time i press apply in the general settings tab:

    Warning: implode(): Bad arguments. in /usr/local/pkg/squidguard_configurator.inc on line 312 Warning: Cannot modify header information - headers already sent by (output started at /usr/local/pkg/squidguard_configurator.inc:312) in /usr/local/www/pkg_edit.php on line 35

    ..and nothing is blocked anymore :(

    pls help!



  • @acidrop:

    After a de-install and reinstallation of SG i get the following error each time i press apply in the general settings tab:

    Warning: implode(): Bad arguments. in /usr/local/pkg/squidguard_configurator.inc on line 312 Warning: Cannot modify header information - headers already sent by (output started at /usr/local/pkg/squidguard_configurator.inc:312) in /usr/local/www/pkg_edit.php on line 35

    ..and nothing is blocked anymore :(

    pls help!

    I had the same problem. I had to reinstall the package xml…then that cleared up the error and everything is working fine.



  • Well, I spoke to soon….There were changes to SquidGuard today, so  I downloaded it again on a test box to see if I get the error....and I am.......Warning: implode(): Bad arguments. in /usr/local/pkg/squidguard_configurator.inc on line 312 Warning: Cannot modify header information - headers already sent by (output started at /usr/local/pkg/squidguard_configurator.inc:312) in /usr/local/www/pkg_edit.php on line 35



  • Fixed Please update package.  :-[



  • thnx for the quick fix!  ;D



  • @acidrop:

    thnx for the quick fix!  ;D

    I have found this yesterday and has corrected, but has forgotten to save to pfsense.com



  • Hi,
    now SG works for me with a fresh installation of 1.2rc5 and your updates for SQ. First of all, thank you very much. I have setup the default config, no special destinations, times and so on…..
    The redirector page does not work for me. For each blocked url i became

    While trying to retrieve the URL: https://192.168.6.1:61003/sgerror.php?
    The following error was encountered: ........

    Furthermore i cannot fetch the blocked url´s at the log-tab, is reporting disabled?

    The checkboxes for choosing the blocked destinations on the default tab (default access | all -- deny access) cannot always save if i click on the save button, sometimes it is saved with checked, sometimes is after a php-reload the checkbox again unchecked.....

    I have special rewrites on the "rewrite tab"  and cannot save the rewrite because i have in the rewrite-name a non-valid-symbol so all of my typed rewrite were lost. And how the rewrites works?? I have a rewrite and choose this rewrite template at the "default" tab, the click save and apply (General settings), but the rewrite is not function....

    Without a correct redirect and a blocked-url-log i cannot say to the staff member which is passed.....

    My config errors maybe....

    Greetings
    Heiko



  •  https://192.168.6.1:61003/sgerror.php?
    

    This is big problem for use Internal error generator 'sgerror.php' and https
    I can't view way for 'frienship' this
    In https gui mode you must set 'Redirect mode' as external (General page) and use ext page in ext server  >:(
    –-
    Log tab i today recreated (old version very slowly on big log's)
    Pls Reinstall and check this.

    Rewrites work as replacer url or url-template to specified you url
    for example
    */porn.jpg - http://myweb.com/pornstop.jpg
    replace all pron.jpg to you pornstop.jpg
    if you can - place screenshots of error-names.
    I can't retry you error (test rc-4 and rc-2).

    ps where take rc-5?
    Best regards.
    Serg



  • OK, i will do
    Thanks



  • dvserg,

    Nice work. SG is working great. My whitelist is working perfectly and now the block logging works.

    Outstanding Job!!

    John



  • OK, block logging works, thanks, but why is www.google.de blocked from "filter/porn". I don´t know, i think i must setup also a whitelist….

    If i setup the redirect to external , nothing blocks anymore. I have made severals "saves and applys" on the general and default. Nothing happens.

    Greetings
    Heiko



  • @dvserg:

     
    Rewrites work as replacer url or url-template to specified you url
    for example
    */porn.jpg - http://myweb.com/pornstop.jpg
    replace all pron.jpg to you pornstop.jpg
    if you can - place screenshots of error-names.
    I can't retry you error (test rc-4 and rc-2).
    
    ps where take rc-5?
    Best regards.
    Serg
    
    

    Ah, i will test it again with rewrites and here you can get rc5/release
    http://snapshots.pfsense.org/FreeBSD6/RELENG_1_2/updates/


Log in to reply