# squidGuard



## mzauti (Jun 17, 2010)

Hi,

 I'm having some issue with squidGuard, where the application didnt block any website at all.

My squidGuard.conf

```
dbhome /var/db/squidGuard
logdir /var/log

dest warez {
        domainlist warez/domains
        urllist warez/urls
}

acl {
     default {

          pass          !warez all
          redirect [url]http://my_webserver/blocked.html[/url]
     }
}
```

My squid.conf

```
redirect_program /usr/local/bin/squidGuard -c /usr/local/etc/squid/squidGuard.conf
```

squidGuard -c squidGuard.conf -d 

```
2010-06-17 22:58:04 [1750] loading dbfile /var/db/squidGuard/mail/domains.db
2010-06-17 22:58:04 [1750] init domainlist /var/db/squidGuard/warez/domains
2010-06-17 22:58:04 [1750] loading dbfile /var/db/squidGuard/warez/domains.db
2010-06-17 22:58:04 [1750] init urllist /var/db/squidGuard/warez/urls
2010-06-17 22:58:04 [1750] loading dbfile /var/db/squidGuard/warez/urls.db
2010-06-17 22:58:04 [1750] init domainlist /var/db/squidGuard/gambling/domains
2010-06-17 22:58:04 [1750] loading dbfile /var/db/squidGuard/gambling/domains.db
```

after run `squid -k reconfigure` , i still can access website listed in /var/db/squidGuard/warez/domains

what wrong with my configure?

btw, /var/db/squidGuard folder all own by squid group.

really appreciate helps..


----------



## mzauti (Jun 27, 2010)

an update, but still didn't work

i got this info from 
http://www.kernel-panic.it/openbsd/proxy/proxy4.html

i have changed my squid.conf to 

```
url_rewrite_program /usr/local/bin/squidGuard -c /usr/local/etc/squid/squidGuard
url_rewrite_children    5
url_rewrite_access  allow localhost
```


`fw# echo "http://www.news.com 1.2.3.4/- user GET -" | squidGuard -c /usr/local/etc/squid/squidGuard.conf -d`




```
2010-06-27 22:32:32 [4547] init domainlist /var/db/squidGuard/trusted/domains
2010-06-27 22:32:32 [4547] squidGuard 1.4 started (1277649152.187)
2010-06-27 22:32:32 [4547] squidGuard ready for requests (1277649152.241)
2010-06-27 22:32:32 [4547] source not found
2010-06-27 22:32:32 [4547] no ACL matching source, using default
http://192.168.0.32/blocked.html 1.2.3.4/- user GET
2010-06-27 22:32:32 [4547] squidGuard stopped (1277649152.244)
```

i believe from here http://www.news.com was blocked. however,i still can access the website from web browser.

please note, for testing purposes, i have added http://www.news.com to warez category..


----------



## bluetick (Jun 29, 2010)

Did you run "squidGuard -C all" after adding the http://www.news.com site to be blocked??

Squid owns the rule file but does it have permission to read it?

Did you add a rule to the firewall to redirect all traffic to squid and squidguard??

My pf rule.

```
rdr on $int_if inet proto tcp from any to any port www -> 127.0.0.1 port 8080
```

Be sure to block whatever port squid is using on the external interface, or the world will use you as a springboard.


----------



## mzauti (Jun 30, 2010)

hi bluetick

now it works..
   i just deinstall squid and squidGuard. delete all configuration files and reinstall them back. 
reconfigure the squidGuard.conf as in previous post, and add


```
url_rewrite_program /usr/local/bin/squidGuard -c /usr/local/etc/squid/squidGuard.conf
```

on the squid.conf

can't really trace out where the problem as i retype the setting as in previous configurations.

btw, many thanks for the help.


----------



## gkontos (Jan 7, 2011)

Hi everyone,

I was running squidclamav without any issues and decided to add squidguard as well. My problem is that if I call squidguard from within squidclamav.conf like:

```
squidguard /usr/local/bin/squidGuard -c /usr/locat/etc/squid/squidGuard.conf
```
I get a lot of errors and squid crashes:

```
Jan  7 13:20:44 hp kernel: pid 16756 (squidclamav), uid 100: exited on signal 11 (core dumped)
Jan  7 13:20:44 hp kernel: pid 16759 (squidclamav), uid 100: exited on signal 11 (core dumped)
Jan  7 13:20:44 hp kernel: pid 16757 (squidclamav), uid 100: exited on signal 11 (core dumped)
Jan  7 13:20:44 hp kernel: pid 16758 (squidclamav), uid 100: exited on signal 11 (core dumped)
Jan  7 13:20:44 hp kernel: pid 16760 (squidclamav), uid 100: exited on signal 11 (core dumped)
Jan  7 13:20:44 hp squid[16753]: Squid Parent: child process 16755 exited with status 1
Jan  7 13:20:47 hp squid[16753]: Squid Parent: child process 16769 started
Jan  7 13:20:47 hp (squid): The redirector helpers are crashing too rapidly, need help!
Jan  7 13:20:47 hp kernel: pid 16773 (psqiudi dclamav),16 77u0i d( s1q0u0id: clexaimatev)d,  ounid  1s00ig:na l e1xi1te d( oconr e sdiugnmaple d11)
Jan  7 13:20:47 hp kernel: 
Jan  7 13:20:47 hp kernel: (core dumped)
```
However, if I squidguard is called from squid.conf it works fine but without the squidclamav. Any ideas ?


----------

