Postavila sam squidGuard na testni proxy server, i ne radi (tj. ne zabranjuje ništa, sve prolazi kao da ga nema).
Konfiguracija je u potpunosti testna, tako da mogu da probam sve predloge ;-)
Konfiguracioni fajlovi :
/usr/local/squidGuard/squidGuard.conf
dbhome /usr/local/squidGuard/db
logdir /usr/local/squidGuard/log
src admin {
ip 10.32.34.141
user root
}
src lan {
ip 192.168.112.0/24
}
dest porn {
domainlist /usr/local/squidGuard/db/blacklists/porn/domains
urllist /usr/local/squidGuard/db/blacklists/porn/urls
}
acl {
admin {
pass any
}
lan {
pass !porn all
}
default {
pass !porn all
redirect http://192.168.112.1
}
}
I relevantni deo iz /etc/squid/squid.conf-a :
redirect_program /usr/local/bin/squidGuard -c /usr/local/squidGuard/squidGuard.conf
redirect_children 5
redirector_access deny localhost
redirector_bypass on
Što se vlasništva nad /usr/local/squidGuard/db/blacklists i /usr/local/squidGuard/log fajlova i konfiguracionog fajla tiče :
-rw-r--r-- 1 squid squid 799 Jun 5 15:26 squidGuard.conf
drwxr-xr-x 3 squid root 4.0K Jun 4 12:34 db
drw-r--r-- 2 squid squid 4.0K Jun 4 15:19 log
drwxr-xr-x 13 squid squid 4.0K Jun 4 12:34 blacklists
drwxr-xr-x 2 squid squid 4.0K Jun 5 09:38 porn
-rw-r--r-- 1 squid squid 0 Jun 4 15:19 porn.log
-rw-r--r-- 1 squid squid 11K Jun 5 11:19 squidGuard.log
Blacklists su prevedeni u db format bez ikakvih problema.
ALI kada uradim # squidclient -p 8080 mgr:redirect ne dobijam stranu koju sam navela kao redirect stranu (kod mene je to default strana Apache-a na proxy serveru) nego ovo :
HTTP/1.0 404 Not Found
Server: squid/2.5.STABLE14
Mime-Version: 1.0
Date: Wed, 06 Jun 2007 07:37:06 GMT
Content-Type: text/html
Content-Length: 1207
Expires: Wed, 06 Jun 2007 07:37:06 GMT
X-Squid-Error: ERR_INVALID_URL 0
X-Cache: MISS from balrog.trezor
(ovo je samo prvih par redova)
Takođe kada uradim testiranje za zabranjenu stranu (iz "porn" liste) :
]# echo "http://www.pussy.com 192.168.112.2/ - - GET" | squidGuard -c /usr/local/squidGuard/squidGuard.conf -d
2007-06-06 09:40:05 [7610] New setting: dbhome: /usr/local/squidGuard/db
2007-06-06 09:40:05 [7610] New setting: logdir: /usr/local/squidGuard/log
2007-06-06 09:40:05 [7610] Added User: root
2007-06-06 09:40:05 [7610] init domainlist /usr/local/squidGuard/db/blacklists/porn/domains
2007-06-06 09:40:05 [7610] loading dbfile /usr/local/squidGuard/db/blacklists/porn/domains.db
2007-06-06 09:40:05 [7610] init urllist /usr/local/squidGuard/db/blacklists/porn/urls
2007-06-06 09:40:05 [7610] loading dbfile /usr/local/squidGuard/db/blacklists/porn/urls.db
2007-06-06 09:40:05 [7610] squidGuard 1.2.1 started (1181115605.624)
2007-06-06 09:40:05 [7610] squidGuard ready for requests (1181115605.685)
http://192.168.112.1 192.168.112.2/- - -
2007-06-06 09:40:05 [7610] squidGuard stopped (1181115605.707)
Gde je 192.168.112.2 IP adresa klijentske mašine. ovo izgleda OK (linije sa http://192.168.112.1 nema ako probam sajt koji nije zabranjen, kao npr. google). Ovo upućuje na to da priča funkcioniše, ali nije tako. ako sa klijentske mašine probam zabranjeni sajt, jednostavno dobijem da URL is not available, a NE redirektovanu stranu. I u /usr/local/squidGuard/log/porn.log i squidGuard.log nema ničega po tom pitanju (samo u /var/log/squid/access.log, normalna priča o access-u strani).
IDEJE???
Jer ja ih više nemam. Posle priličnih pretraga po Internetu, konstatovala sam da je sve ovo gore košer, ali ipak ne radi....