OpenSuse 12.3 mit squid und squidguard
Posted: 03. Sep 2013 8:44
Ich habe OpeneSuse 12.3 installiert sowie squid mit redirect auf squidguard.Soweit läuft auch fast alles.
Allerding filtert der squidguard nicht bei mir? Kann mir jemand einen Tip geben.
Anbei meine squid.conf
und meine squidguard.conf
Also das Fehlerbild ist halt, rufe ich die gespeerten Seiten auf, bekomme ich sie angezeigt , anstatt eine Fehlermeldung.
Besten Dank im vorraus
Allerding filtert der squidguard nicht bei mir? Kann mir jemand einen Tip geben.
Anbei meine squid.conf
Code: Select all
#
# Recommended minimum configuration:
#
# Example rule allowing access from your local networks.
# Adapt to list your (internal) IP networks from where browsing
# should be allowed
acl localnet src 10.0.0.0/8 # RFC1918 possible internal network
acl localnet src 172.16.0.0/12 # RFC1918 possible internal network
acl localnet src 192.168.0.0/16 # RFC1918 possible internal network
acl localnet src fc00::/7 # RFC 4193 local private network range
acl localnet src fe80::/10 # RFC 4291 link-local (directly plugged) machines
acl SSL_ports port 443
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 # https
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT
#
# Recommended minimum Access Permission configuration:
#
# Only allow cachemgr access from localhost
http_access allow localhost manager
http_access deny manager
# Deny requests to certain unsafe ports
http_access deny !Safe_ports
# Deny CONNECT to other than secure SSL ports
http_access deny CONNECT !SSL_ports
# We strongly recommend the following be uncommented to protect innocent
# web applications running on the proxy server who think the only
# one who can access services on "localhost" is a local user
#http_access deny to_localhost
#
# INSERT YOUR OWN RULE(S) HERE TO ALLOW ACCESS FROM YOUR CLIENTS
#
# Example rule allowing access from your local networks.
# Adapt localnet in the ACL section to list your (internal) IP networks
# from where browsing should be allowed
http_access allow localnet
# Allow localhost always proxy functionality
http_access allow localhost
# And finally deny all other access to this proxy
http_access deny all
# Squid normally listens to port 3128
http_port 3128
# Uncomment and adjust the following to add a disk cache directory.
#cache_dir aufs /var/cache/squid 100 16 256
# Leave coredumps in the first cache dir
coredump_dir /var/cache/squid
# Add any of your own refresh_pattern entries above these.
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
refresh_pattern . 0 20% 4320
#Eintrag vom 2013/09/02 C.Dahlum
url_rewrite_program /usr/sbin/squidGuard -c /etc/squidguard.conf
url_rewrite_children 4
Code: Select all
logdir /var/log/squidGuard
dbhome /var/lib/squidGuard/db/squidguard-blacklists
dest ads {
domainlist ads/domains
urllist ads/urls
# enable next line to log blocked urls
# log ads-block.log
}
dest aggressive {
domainlist aggressive/domains
urllist aggressive/urls
# enable next line to log blocked urls
# log aggressive-block.log
}
dest audio-video {
domainlist audio-video/domains
urllist audio-video/urls
# enable next line to log blocked urls
# log audio-video-block.log
}
dest drugs {
domainlist drugs/domains
urllist drugs/urls
# enable next line to log blocked urls
# log drugs-block.log
}
dest gambling {
domainlist gambling/domains
urllist gambling/urls
# enable next line to log blocked urls
# log gambling-block.log
}
dest hacking {
domainlist hacking/domains
urllist hacking/urls
# enable next line to log blocked urls
# log hacking-block.log
}
dest mail {
domainlist mail/domains
# enable next line to log blocked urls
# log mail-block.log
}
dest porn {
domainlist porn/domains
urllist porn/urls
# expressionlist squidguard-blacklists/porn/expressions
# enable next line to log blocked urls
# log porn-block.log
}
dest proxy {
domainlist proxy/domains
urllist proxy/urls
# enable next line to log blocked urls
# log proxy-block.log
}
dest sexuality {
domainlist sexuality/domains
urllist sexuality/urls
# expressionlist squidguard-blacklists/sexuality/expressions
# enable next line to log blocked urls
# log porn-block.log
}
dest sexualityeducation {
domainlist sexualityeducation/domains
urllist sexualityeducation/urls
# expressionlist squidguard-blacklists/sexualityeducation/expressions
# enable next line to log blocked urls
# log porn-block.log
}
dest shopping {
domainlist shopping/domains
urllist shopping/urls
# expressionlist squidguard-blacklists/shopping/expressions
# enable next line to log blocked urls
# log porn-block.log
}
dest sportnews {
domainlist sportnews/domains
urllist sportnews/urls
# expressionlist squidguard-blacklists/sportnews/expressions
# enable next line to log blocked urls
# log porn-block.log
}
dest spyware {
domainlist spyware/domains
urllist spyware/urls
# expressionlist squidguard-blacklists/spyware/expressions
# enable next line to log blocked urls
# log porn-block.log
}
dest tobacco {
domainlist tobacco/domains
urllist tobacco/urls
# expressionlist squidguard-blacklists/tobacco/expressions
# enable next line to log blocked urls
# log porn-block.log
}
dest translation {
domainlist translation/domains
urllist translation/urls
# expressionlist squidguard-blacklists/transaltion/expressions
# enable next line to log blocked urls
# log porn-block.log
}
dest updatesites {
domainlist updatesites/domains
urllist updatesites/urls
# expressionlist squidguard-blacklists/updatesites/expressions
# enable next line to log blocked urls
# log porn-block.log
}
dest vacation {
domainlist vacation/domains
urllist vacation/urls
# expressionlist squidguard-blacklists/vacation/expressions
# enable next line to log blocked urls
# log porn-block.log
}
dest warez {
domainlist warez/domains
urllist warez/urls
# enable next line to log blocked urls
# log warez-block.log
}
dest weapons {
domainlist weapons/domains
urllist weapons/urls
# expressionlist squidguard-blacklists/weapons/expressions
# enable next line to log blocked urls
# log porn-block.log
}
dest good {
domainlist custom/good/domains
}
dest bad {
domainlist custom/bad/domains
# enable next line to log blocked urls
# log bad.log
}
acl {
default {
pass good !bad !ads !aggressive !drugs !gambling !hacking !porn !proxy !sexuality !sexualityeducation !shopping !sportnews !spyware !tobacco !translation !updatesites !vacation !weapons !warez !in-addr all
# redirect 302:http://localhost/verboten.html
# redirect 302:http://localhost/cgi-bin/squidGuard-simple.cgi/?clientaddr=%a&clientname=%n&clientident=%i&srcclass=%s&targetclass=%t&url=%u
redirect 302:http://localhost/cgi-bin/squidGuard-simple.cgi/?clientaddr=%a&clientname=%n&clientident=%i&srcclass=%s&targetclass=%t
# redirect 302:http://localhost/cgi-bin/squidGuard.cgi/?clientaddr=%a&clientname=%n&clientident=%i&srcclass=%s&targetclass=%t&url=%u
}
}
Besten Dank im vorraus