Did you check the squidguard installation without squid?
----------------------------------------------------------------------------
-----
First basic test: Does squidguard block a site from the blacklist?
----------------------------------------------------------------------------
-----
My own test shell for this case:
#!/bin/sh
#
SG_HOME=/usr/local/squidGuard
SG=/usr/local/bin/squidGuard
SG_CONF=$SG_HOME/etc/squidguard.conf
LD_LIBRARY_PATH=/usr/local/BerkeleyDB.4.0/lib
export LD_LIBRARY_PATH
echo "http://www.sex.com 10.23.4.134/- - GET" | \
$SG -c $SG_CONF -d
Output:
2003-10-14 08:49:49 [106687] Request(default/porn/-) http://www.sex.com
10.23.4134/- - GET
http://boge-proxy/cgi-bin/squidGuard.cgi?clientaddr=10.23.4.134&clientname=&;
clintuser=&clientgroup=default&targetgroup=porn&url=http://www.sex.com
10.23.4.134- - GET
<################# NO BLANK LINE: blocked!
###################
2003-10-14 08:49:49 [106687] squidGuard stopped (1066114189.332)
----------------------------------------------------------------------------
--------
Second basic test: Does squidguard show sites that are not part of the
blacklist?
----------------------------------------------------------------------------
--------
My own test shell for this case:
#!/bin/sh
#
SG_HOME=/usr/local/squidGuard
SG=/usr/local/bin/squidGuard
SG_CONF=$SG_HOME/etc/squidguard.conf
LD_LIBRARY_PATH=/usr/local/BerkeleyDB.4.0/lib
export LD_LIBRARY_PATH
echo "http://www.google.de 10.23.4.134/- - GET" | \
$SG -c $SG_CONF -d
Output:
2003-10-14 08:52:43 [106728] squidGuard 1.2.0 started (1066114363.578)
2003-10-14 08:52:43 [106728] squidGuard ready for requests
(1066114363.659)
< ####### blank line: site is not blocked #########
2003-10-14 08:52:43 [106728] squidGuard stopped (1066114363.661)
Mit freundlichem Gru� / regards
Werner Rost
GM-FIR - Netzwerk
ZF Boge Elastmetall GmbH
Friesdorfer Str. 175
53175 Bonn
Tel. +49 228 38 25 - 420
Fax +49 228 38 25 - 398
mailto:[EMAIL PROTECTED]
www.zf.com/boge-elastmetall
> -----Urspr�ngliche Nachricht-----
> Von: Dan Egli [mailto:[EMAIL PROTECTED]
> Gesendet: Montag, 13. Oktober 2003 19:22
> An: [EMAIL PROTECTED]
> Betreff: [squid-users] SquidGuard not relaying??
>
>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Ok. Hopefully someone here can help me out. I tried sending
> this to the squidguard list, but I think it's defunct or
> somthing because I got no replies and didn't even get a copy
> of my own messages.
>
> I'm trying to use squidGuard with squid to provide a filter
> for our internet connection here at home. I installed the
> blacklists, configured squidGuard to read the blacklist (at
> least I THOUGHGT I did), configured squid to call squidGuard, etc...
>
> Problem 1: On a graphical browser (internet explorer,
> netscape, mozilla, etc..) when traffic is directed to the
> proxy, it just sits there, forever. Does not matter if the
> site is blacklisted or not
>
> Problem 2: on a text only browser (tested using elinks), the
> proxy allows access to ANY site, blacklisted or not. I called
> elinks as: HTTP_PROXY='localhost:3128' elinks www.blacklsitedsite.com
>
> the result was that squid grabbed the home page from
> blacklisted site and forwarded it to the browser. I know it
> went through squid because in squid's access log I see a HTTP
> MISS for the site.
>
> I'm including my squidGuard and squid config files. Can
> anyone shed any light on whats up?
>
> thanks!!
>
> - --- Dan
>
> squidGuard.conf:
>
> #
> # CONFIG FILE FOR SQUIDGUARD
> #
> # See http://www.squidguard.org/config/ for more examples
> #
>
> dbhome /var/squidGuard/blacklists
> logdir /var/log/squidGuard
>
> dest ads {
> ~ log ads
> ~ domainlist ads/domains
> ~ urllist ads/urls
> }
>
> dest audio-video {
> ~ log audio-video
> ~ domainlist audio-video/domains
> ~ urllist audio-video/urls
> }
>
> dest aggressive {
> ~ log aggressive
> ~ domainlist aggressive/domains
> ~ urllist aggressive/urls
> }
>
> dest drugs {
> ~ log drugs
> ~ domainlist drugs/domains
> ~ urllist drugs/urls
> }
>
> dest gambling{
> ~ log gambling
> ~ domainlist gambling/domains
> ~ urllist gambling/urls
> }
>
> dest hacking {
> ~ log hacking
> ~ domainlist hacking/domains
> ~ urllist hacking/urls
> }
>
> #dest mail {
> # log mail
> # domainlist mail/domains
> # urllist mail/urls
> #}
>
> dest porn{
> ~ log porn
> ~ domainlist porn/domains
> ~ urllist porn/urls
> }
>
> #dest proxy{
> # log proxy
> # domainlist proxy/domains
> # urllist proxy/urls
> #}
>
> dest violence{
> ~ log violence
> ~ domainlist violence/domains
> ~ urllist violence/urls
> }
>
> dest warez{
> ~ log warez
> ~ domainlist warez/domains
> ~ urllist warez/urls
> }
>
> #dest local-ok{
> # domainlist local-ok/domains
> # urllist local-ok/urls
> #}
>
> #dest local-block{
> # log local-block
> # domainlist local-block/domains
> # urllist local-block/urls
> #}
>
>
> acl {
> ~ default {
> ~ pass !aggressive !drugs !gambling !hacking !porn !violence
> !warez all
>
> ~ redirect
> 302:http://eglifamily.dnsalias.net/cgi-bin/squidGuard.cgi?clie
> ntaddr=%a&clientname=%n&clientident=%i&srcclass=%s&targetgroup
> =%t&url=%u
> ~ # redirect
> 302:http://eglifamily.dnsalias.net/cgi-bin/squidGuard-simple.c
> gi?clientaddr=%a&clientname=%n&clientident=%i&srcclass=%s&targ
> etclass=%t&url=%u
> ~ }
> }
>
>
> squid.conf:
> (whole file is over 100k, but here's the redirector line)
>
> # TAG: redirect_program
> # Specify the location of the executable for the URL redirector.
> # Since they can perform almost any function there isn't
> one included.
> # See the FAQ (section 15) for information on how to write one.
> # By default, a redirector is not used.
> #
> #Default:
> # none
>
> redirect_program /usr/local/bin/squidGuard -c
> /etc/squid/squidGuard.conf redirect_children 5
>
>
>
>
>
>
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.2.1 (MingW32)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
>
> iD8DBQE/it8GtwT22Jak4/4RAs2BAJ9lSG4p+7glE4y/5IY1NuwppuzBKQCg3YGV
> uxxSkwbzqseYGcLwrwh2E3Y=
> =Ylda
> -----END PGP SIGNATURE-----
>
>
