Running debian 4 on kernel 2.6.18 and having some problems getting squidguard to read the ACL. The squid proxy is 2.6 and seems to be functioning correctly. Access log shows the traffic proxied. Also, if I move the proxy restriction "deny all|" in front of the "allow our_networks" in the squid.conf file it blocks everything as expected. What seems to not be happening is that redirect to squidGuard to control/manage the ACLs is broken. More likely I have got something wrong with the SquidGuard.conf.

Here is what is in my squid.conf

http_port 172.16.0.254:3128 transparent
http_port 80 transparent
hierarchy_stoplist cgi-bin ?
acl QUERY urlpath_regex cgi-bin \?
cache deny QUERY
acl apache rep_header Server ^Apache
broken_vary_encoding allow apache
access_log /var/log/squid/access.log
cache_log /var/log/squid/debug.log
hosts_file /etc/hosts
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern . 0 20% 4320
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443 # https
acl SSL_ports port 563 # snews
acl SSL_ports port 873 # rsync
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 # https
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl Safe_ports port 631 # cups
acl Safe_ports port 873 # rsync
acl Safe_ports port 901 # SWAT
acl purge method PURGE
acl CONNECT method CONNECT
http_access allow manager localhost
http_access deny manager
http_access allow purge localhost
http_access deny purge
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
acl our_networks src 172.16.0.0/16
http_access allow our_networks
http_access allow localhost
http_access deny all
http_reply_access allow all
icp_access allow all
cache_effective_group proxy
coredump_dir /var/spool/squid
redirect_program /usr/bin/squidGuard -c /etc/squid/squidGuard.conf

And here is my squidguard.conf

dbhome /var/lib/squidguard/db
logdir /var/log/squid

dest local {
domainlist local/domains
}

acl {
default {
pass local none
}
}

I'm trying to deny all except for explicitly allowed domains or urls. Here is the output from a command line test.

echo "http://www.ark.com 172.16.0.254/ - - GET" | squidGuard -c etc/squid/squidGuard.conf -d
2008-09-19 17:11:34 [25548] New setting: dbhome: /var/lib/squidguard/db
2008-09-19 17:11:34 [25548] New setting: logdir: /var/log/squid
2008-09-19 17:11:34 [25548] init domainlist /var/lib/squidguard/db/local/domainsProcessing file and database /var/lib/squidguard/db/local/domains
[==================================================] 100 % done
2008-09-19 17:11:34 [25548] squidGuard 1.3 started (1221869494.912)
2008-09-19 17:11:34 [25548] squidGuard ready for requests (1221869494.919)
2008-09-19 17:11:35 [25548] source not found
2008-09-19 17:11:35 [25548] no ACL matching source, using default

2008-09-19 17:11:35 [25548] squidGuard stopped (1221869495.077)

The output does not change if I use an domain that exists in the domain list or not.\


Suggestions??

thanks,
Jeff