[Fwd: Squid / SquidGuard Issue]
chrisl at xp.etowns.net
Tue Sep 12 14:08:10 UTC 2006
I found that in switching from one blacklist to the other, one of the
former blacklists had an "expressions" db for one of the categories that
was not in the new blacklist. So when the squidguard processes were
spawned they would error off and a new process would start and error
off, and so on and so forth. Once I removed the non-existent db from the
config file, everything was ok.
-------- Original Message --------
Subject: Squid / SquidGuard Issue
Date: Mon, 11 Sep 2006 12:16:41 -0500
From: chrisl at xp.etowns.net <chrisl at xp.etowns.net>
Reply-To: Ubuntu user technical support, not for general discussions
<ubuntu-users at lists.ubuntu.com>
To: ubuntu-users at lists.ubuntu.com
We have implemented Squid with Squidguard and had it successfully
running with the black lists from
http://ftp.teledanmark.no/pub/www/proxy/squidGuard/contrib/blacklists.tar.gz
We had run across a blacklist at:
http://ftp.teledanmark.no/pub/www/proxy/squidGuard/contrib/blacklists.tar.gz
This list blocks quite a few more sites and was more of what we wanted
to use, so we implemented it.
When starting squid with the new blacklists, the squidguard processes go
nuts and start creating numerous BDB***** files in the /var/tmp
directory. It will keep creating these files until the disk is full. I
even attached an 8 GB drive to /var/tmp in case it was a space issue and
it too was filled up with these files. This behavior does not occur with
the initial blacklists we used.
There were 300+ BDB* files in the directory when it ran out of space.
-rw------- 1 proxy proxy 27328512 2006-09-11 06:25 BDB01117
-rw------- 1 proxy proxy 27328512 2006-09-11 06:25 BDB01118
-rw------- 1 proxy proxy 27328512 2006-09-11 06:25 BDB01119
-rw------- 1 proxy proxy 27328512 2006-09-11 06:25 BDB01120
-rw------- 1 proxy proxy 27328512 2006-09-11 06:27 BDB01180
-rw------- 1 proxy proxy 27328512 2006-09-11 06:28 BDB01181
-rw------- 1 proxy proxy 27328512 2006-09-11 06:28 BDB01182
-rw------- 1 proxy proxy 27328512 2006-09-11 06:28 BDB01183
-rw------- 1 proxy proxy 27328512 2006-09-11 06:28 BDB01184
-rw------- 1 proxy proxy 27328512 2006-09-11 06:30 BDB01208
-rw------- 1 proxy proxy 27328512 2006-09-11 06:30 BDB01209
-rw------- 1 proxy proxy 27328512 2006-09-11 06:30 BDB01210
-rw------- 1 proxy proxy 27328512 2006-09-11 06:30 BDB01211
-rw------- 1 proxy proxy 27328512 2006-09-11 06:30 BDB01212
The contents of the files are URLs and addresses of items in the blacklists.
My squidguard.conf file is as follows:
#
# CONFIG FILE FOR SQUIDGUARD
#
dbhome /var/lib/squidguard/db
logdir /var/log/squid
#
# TIME RULES:
# abbrev for weekdays:
# s = sun, m = mon, t =tue, w = wed, h = thu, f = fri, a = sat
time workhours {
weekly mtwhf 08:00 - 16:30
date *-*-01 08:00 - 16:30
}
#
# REWRITE RULES:
#
#rew dmz {
# s@://admin/@://admin.foo.bar.no/@i
# s@://foo.bar.no/@://www.foo.bar.no/@i
#}
#
# SOURCE ADDRESSES:
#
#src admin {
# ip 1.2.3.4 1.2.3.5
# user root foo bar
# within workhours
#}
#src foo-clients {
# ip 172.16.2.32-172.16.2.100 172.16.2.100 172.16.2.200
#}
#src bar-clients {
# ip 172.16.4.0/26
#}
#
# DESTINATION CLASSES:
#
source mynetwork.net {
ip 192.168.50.0/24
ip 192.168.32.0/24
ip 192.168.18.0/24
ip 192.168.12.0/24
ip 192.168.16.0/24
ip 192.168.8.0/24
ip 192.168.20.0/24
}
destination bl_ads {
domainlist blacklists/ads/domains
urllist blacklists/ads/urls
}
destination bl_aggressive {
domainlist blacklists/aggressive/domains
urllist blacklists/aggressive/urls
}
destination bl_audio-video {
domainlist blacklists/audio-video/domains
urllist blacklists/audio-video/urls
}
destination bl_drugs {
domainlist blacklists/drugs/domains
urllist blacklists/drugs/urls
}
destination bl_gambling {
domainlist blacklists/gambling/domains
urllist blacklists/gambling/urls
}
destination bl_hacking {
domainlist blacklists/hacking/domains
urllist blacklists/hacking/urls
}
destination bl_mail {
domainlist blacklists/mail/domains
}
destination bl_porn {
domainlist blacklists/porn/domains
urllist blacklists/porn/urls
}
destination bl_proxy {
domainlist blacklists/proxy/domains
urllist blacklists/proxy/urls
}
destination bl_redirector {
domainlist blacklists/redirector/domains
urllist blacklists/redirector/urls
}
destination bl_spyware {
domainlist blacklists/spyware/domains
urllist blacklists/spyware/urls
}
destination bl_violence {
domainlist blacklists/violence/domains
urllist blacklists/violence/urls
expressionlist blacklists/violence/expressions
}
destination bl_warez {
domainlist blacklists/warez/domains
urllist blacklists/warez/urls
}
#destination adult {
# domainlist adult.destdomainlist
#}
dest good {
}
dest local {
}
#dest adult {
# domainlist adult/domains
# urllist adult/urls
# expressionlist adult/expressions
# redirect http://admin.foo.bar.no/cgi-bin/squidGuard.cgi?clientaddr=%a+clientname=%n+clientident=%i+srcclass=%s+targetclass=%t+url=%u
#}
acl {
goxroads.net {
pass !bl_porn !bl_warez !bl_violence !bl_proxy !bl_hacking !bl_gambling !bl_drugs !bl_audio-video !bl_aggressive !bl_ads !adult
redirect http://prx2.goxroads.net:8080
}
# admin {
# pass any
# }
# foo-clients within workhours {
# pass good !in-addr !adult any
# } else {
# pass any
# }
# bar-clients {
# pass local none
# }
default {
pass local none
# rewrite dmz
# redirect http://admin.foo.bar.no/cgi-bin/squidGuard.cgi?clientaddr=%a+clientname=%n+clientident=%i+srcclass=%s+targetclass=%t+url=%u
}
}
--
ubuntu-users mailing list
ubuntu-users at lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
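The failure described in this thread (a list file named in squidguard.conf that the new blacklist archive does not ship) can be caught before Squid is restarted. The following pre-flight check is an added example, not part of the original messages and not squidGuard's own code; the function names and the sample configuration are constructed for illustration.

```python
import os
import tempfile

LIST_DIRECTIVES = ("domainlist", "urllist", "expressionlist")

def missing_lists(conf_text):
    """Return (line_no, destination, directive, path) for each list file not on disk."""
    dbhome, dest, missing = "", None, []
    for no, raw in enumerate(conf_text.splitlines(), 1):
        words = raw.split("#", 1)[0].split()          # drop comments, tokenize
        if not words:
            continue
        if words[0] == "dbhome" and len(words) > 1:
            dbhome = words[1]
        elif words[0] in ("dest", "destination") and len(words) > 1:
            dest = words[1]
        elif words[0] == "}":
            dest = None
        elif words[0] in LIST_DIRECTIVES and len(words) > 1:
            path = os.path.join(dbhome, words[1])     # absolute paths pass through
            # squidGuard -C writes <list>.db for domain and URL lists; accept either form.
            compiled = words[0] != "expressionlist" and os.path.isfile(path + ".db")
            if not (os.path.isfile(path) or compiled):
                missing.append((no, dest, words[0], path))
    return missing

def demo():
    """Constructed sample: the violence category ships no expressions file."""
    conf = """\
dbhome {home}
destination bl_ads {{
    domainlist blacklists/ads/domains
    urllist blacklists/ads/urls
}}
destination bl_violence {{
    domainlist blacklists/violence/domains
    urllist blacklists/violence/urls
    expressionlist blacklists/violence/expressions
}}
"""
    with tempfile.TemporaryDirectory() as home:
        for rel in ("ads/domains", "ads/urls", "violence/domains", "violence/urls"):
            path = os.path.join(home, "blacklists", rel)
            os.makedirs(os.path.dirname(path), exist_ok=True)
            open(path, "w").close()
        return missing_lists(conf.format(home=home))

if __name__ == "__main__":
    for no, dest, directive, path in demo():
        print(f"line {no}: {dest}: {directive} -> {path} not found")
```

Running the same function over the real file's text after unpacking a new blacklist archive lists every stale reference, so the entry can be removed before the redirector processes are spawned.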