hi all .
the other day i failed to run dansguardian .
so this time i try squidGuard on openbsd4.3 .
this is my first trial to use filtering .
so my procedure has some mistakes .
to install squidGuard on openbsd4.3
1) nesessary packages
squid-2.6.STABLE18p0-transparent WWW and FTP proxy cache and accelerator
squidGuard-1.2.1p0 filter, redirector and access controller for Squid
2) configuratin files
# /etc/squid/squid.conf
- ----------------------------------------------
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 # https
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT
http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
acl our_networks src 192.168.72.0/24 #<-for my intara network
http_access allow our_networks
http_access deny all
icp_access allow all
acl localclients src 192.168.72.0/24 #<-for my intra network
http_port 3128
hierarchy_stoplist cgi-bin ?
access_log /var/squid/logs/access.log squid
acl QUERY urlpath_regex cgi-bin \?
cache deny QUERY
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern . 0 20% 4320
acl apache rep_header Server ^Apache
broken_vary_encoding allow apache
coredump_dir /var/squid/cache
redirect_program /usr/local/bin/squidGuard -c
/etc/squidguard/squidguard.conf
/etc/squidguard/squidguard.conf
--------------------------------
dbhome /var/squidguard/db #<- here , i have blacklists data base
logdir /var/squidguard/log
src intra {
ip 192.168.72.0/24
}
###blacklists
# http://www.squidguard.org/Doc/configure.html
# http://www.shallalist.de/Downloads/shallalist.tar.gz
dest porn {
domainlist porn/domains
urllist porn/urls
#expressionlist porn/expressions
}
dest lingerie {
domainlist sex/lingerie/domains
urllist sex/lingerie/urls
}
###
acl {
intra {
#pass !porn !lingerie all
pass !porn !lingerie # is this OK ?
}
default {
pass none
redirect http://nakajin.dyndns.org/dame.html
}
}
3)how to get blacklist
according to http://www.squidguard.org/Doc/configure.htm
#cd /tmp
#wget http://www.shallalist.de/Downloads/shallalist.tar.gz
#tar zxvf shallalist.tar.gz
#cd BL
#cp -Rf porn /var/squidguard/db
#cp -Rf sex /var/squidguard/db
and in order to make Berkeley data base
#cd /var/squidguard/db
#/usr/local/bin/squidGuard -C all
#chown -R _squid /var/squidguard/db/*
4) i can't tell next process may be unnessary or not .
cp /usr/local/share/examples/squidguard/squidGuard.cgi
/var/www/cgi-bin/
5) how to restart squidguard
/root/Squid.bat
--------------------------------------
echo " squid stop "
/usr/local/sbin/squid -k shutdown
ps -ax | grep squid
echo "---"
sleep 10
/usr/local/sbin/squid -k shutdown
ps -ax | grep squid
echo "-------------------------------------"
echo " squid start "
/usr/local/sbin/squid
ps -ax | grep squid
reguard
takesima , a japanese
