Find the answer to your Linux question:
Results 1 to 7 of 7
Hi there, I'm wondering if anyone can help me? I've installed squid & squidguard with the intention of protecting the kids from unwelcome content on the net. When I point ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    Just Joined!
    Join Date
    Feb 2005
    Location
    United Kingdom
    Posts
    4

    Squid & Squidguard


    Hi there,

    I'm wondering if anyone can help me?

    I've installed squid & squidguard with the intention of protecting the kids from unwelcome content on the net.

    When I point my browser to the squid proxy I get the following

    ERROR
    The requested URL could not be retrieved

    While trying to retrieve the URL: http://www.ask.com/

    The following error was encountered:

    * Access Denied.

    Access control configuration prevents your request from being allowed at this time. Please contact your service provider if you feel this is incorrect.


    I have set the redirection program in squid.conf and pointed it to my squidguard.conf as follows

    redirect_program /etc/sbin/squidguard -c /etc/squid/squidguard.conf

    and am using the following squidguard.conf

    #
    # CONFIG FILE FOR SQUIDGUARD
    #

    dbhome /var/lib/squidguard
    logdir /var/log/squidguard

    #
    # TIME RULES:
    # abbrev for weekdays:
    # s = sun, m = mon, t =tue, w = wed, h = thu, f = fri, a = sat

    #time workhours {
    # weekly mtwhf 08:00 - 16:30
    # date *-*-01 08:00 - 16:30
    #}

    #
    # REWRITE RULES:
    #

    #rew dmz {
    # s@://admin/@://admin.foo.bar.no/@i
    # s@://foo.bar.no/@://www.foo.bar.no/@i
    #}

    #
    # SOURCE ADDRESSES:
    #

    #src admin {
    # ip 1.2.3.4 1.2.3.5
    # user root foo bar
    # within workhours
    #}

    #src foo-clients {
    # ip 172.16.2.32-172.16.2.100 172.16.2.100 172.16.2.200
    #}

    #src bar-clients {
    # ip 172.16.4.0/26
    #}

    #
    # DESTINATION CLASSES:
    #

    #dest good {
    #}

    dest local {
    urllist /etc/squid/local/good/urls
    }

    #dest adult {
    # domainlist dest/adult/domains
    # urllist dest/adult/urls
    # expressionlist dest/adult/expressions
    # redirect #http://admin.foo.bar.no/cgi/blocked?...lass=%t+url=%u
    #}


    acl {
    # admin {
    # pass any
    # }

    # foo-clients within workhours {
    # pass good !in-addr !adult any
    # } else {
    # pass any
    # }

    # bar-clients {
    # pass local none
    # }

    default {
    pass local none
    # rewrite dmz
    redirect 302:www.bbc.co.uk
    }
    }


    Hope somebody can help

    Thanks

    Paul

  2. #2
    Linux Engineer jledhead's Avatar
    Join Date
    Oct 2004
    Location
    North Carolina
    Posts
    1,077
    how bout your squid.conf?? squid gets hit first and then if its rules say its OK it passes to squidguard. look for your ACLs in your squid.conf


    Code:
    acl all src 0.0.0.0/0.0.0.0
    acl manager proto cache_object
    acl localhost src 127.0.0.1/255.255.255.255
    acl SSL_ports port 443 563
    acl Safe_ports port 80		# http
    acl Safe_ports port 21		# ftp
    acl Safe_ports port 443 563	# https, snews
    acl Safe_ports port 70		# gopher
    acl Safe_ports port 210		# wais
    acl Safe_ports port 1025-65535	# unregistered ports
    acl Safe_ports port 280		# http-mgmt
    acl Safe_ports port 488		# gss-http
    acl Safe_ports port 591		# filemaker
    acl Safe_ports port 777		# multiling http
    acl Safe_ports port 901		# SWAT
    acl purge method PURGE
    acl CONNECT method CONNECT
    no_cache deny QUERY
    and then your http_access rules, specificlly this one
    Code:
    http_access allow all

  3. #3
    Just Joined!
    Join Date
    Feb 2005
    Location
    United Kingdom
    Posts
    4
    Thanks for that I'll give that a try and let you know if it worked

  4. #4
    Just Joined!
    Join Date
    Feb 2005
    Location
    United Kingdom
    Posts
    4
    I did that and Squid wouldn't restart after that.I'm going to remove squidguard and get squid working first then install squidguard after that!

  5. #5
    Linux Engineer jledhead's Avatar
    Join Date
    Oct 2004
    Location
    North Carolina
    Posts
    1,077
    Quote Originally Posted by linuxguru
    I did that and Squid wouldn't restart after that.I'm going to remove squidguard and get squid working first then install squidguard after that!
    well why didn't it restart? check your error log, probably /var/log/squid/* and see what it said. I remember I had the access denied problem when I first started using squid and I think squid out of the box installed to not allow any access.

  6. #6
    Just Joined!
    Join Date
    Feb 2005
    Location
    United Kingdom
    Posts
    4
    I've got the squid side of things running,I checked through the logs and spotted the following entry after I'd got squid running :-

    2005/02/06 23:28:20| clientAccessCheck: proxy request denied in accel_only mode
    2005/02/06 23:28:20| clientAccessCheck: proxy request denied in accel_only mode
    After removing the references to accel mode in the conf file I can access the squid proxy and get to websites fine,so fingers crossed now I've got this part done squidguard should be a piece of cake.

    Thanks for your support

    Paul[/code]

  7. #7
    Just Joined!
    Join Date
    Nov 2006
    Posts
    1

    SquidGuard shuts down proxy in IPCop.

    I recently installed the "Addons Server" to my IPCop machine and after downloading SquidGuard and turning it on ALL the computers on my network are unable to surf the web. When I go to the "Status" tab and select "System Status" the "Web Proxy" is shown to be disabled. When I go to the "Services" tab and select "Proxy" then "Save" web access is restored (and according to SquidGuard's documentation SquidGurad is then disabled). Note also that ALL computers loose web access when SquidGuard is Started including those in the "Priviledged IP Range".

    Guidance is greatly appreciated...

    Dave Ovad

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •