Can't find a topic covering this, but are there any free packages out there that can be used to set up the B2 BlueCoat wise? That is to filter internet traffic based on content, like drugs, war, smurf?
And even more super would be if I could assign different categories to different computers on the LAN! (Kids of different ages on the LAN who should be restricted, but not myself or the missus.)
Cheers,
Hammer
New user's registration have been closed due to high spamming and low trafic on this forum. Please contact forum admins directly if you need an account. Thanks !
Firewall content filtering
Hi
check out Squid en SquidGuard http://forum.excito.net//viewtopic.php?t=1315
you can create simple rules, but also complex like the one you want.
cheers
Eek
check out Squid en SquidGuard http://forum.excito.net//viewtopic.php?t=1315
you can create simple rules, but also complex like the one you want.
cheers
Eek
works too good
try this
vi /etc/squid/squidGuard.conf
Alternatively you can restore the firewall rules and everything should work as normal again.dbhome /var/lib/squidguard/db
logdir /var/log/squid
acl {
default {
pass all
redirect http://localhost/block.html
}
}
cheers
Eek
log's last lines says:
2009-03-05 18:50:48 [11661] squidGuard ready for requests (1236275471.792)
2009-03-05 18:50:48 [11662] destblock good missing active content, set inactive
2009-03-05 18:50:48 [11662] destblock local missing active content, set inactive
2009-03-05 18:50:48 [11662] squidGuard 1.2.0 started (1236275471.794)
2009-03-05 18:50:48 [11662] squidGuard ready for requests (1236275471.798)
2009-03-05 18:50:48 [11663] destblock good missing active content, set inactive
2009-03-05 18:50:48 [11663] destblock local missing active content, set inactive
2009-03-05 18:50:48 [11663] squidGuard 1.2.0 started (1236275471.824)
2009-03-05 18:50:48 [11663] squidGuard ready for requests (1236275471.827)
2009-03-05 18:50:48 [11664] destblock good missing active content, set inactive
2009-03-05 18:50:48 [11664] destblock local missing active content, set inactive
2009-03-05 18:50:48 [11664] squidGuard 1.2.0 started (1236275471.855)
2009-03-05 18:50:48 [11664] squidGuard ready for requests (1236275471.859)
EDIT: Replaced the squidguard.conf to contain ONLY your lines, and restarted. Same thing. Can surf wherever.
2009-03-05 18:50:48 [11661] squidGuard ready for requests (1236275471.792)
2009-03-05 18:50:48 [11662] destblock good missing active content, set inactive
2009-03-05 18:50:48 [11662] destblock local missing active content, set inactive
2009-03-05 18:50:48 [11662] squidGuard 1.2.0 started (1236275471.794)
2009-03-05 18:50:48 [11662] squidGuard ready for requests (1236275471.798)
2009-03-05 18:50:48 [11663] destblock good missing active content, set inactive
2009-03-05 18:50:48 [11663] destblock local missing active content, set inactive
2009-03-05 18:50:48 [11663] squidGuard 1.2.0 started (1236275471.824)
2009-03-05 18:50:48 [11663] squidGuard ready for requests (1236275471.827)
2009-03-05 18:50:48 [11664] destblock good missing active content, set inactive
2009-03-05 18:50:48 [11664] destblock local missing active content, set inactive
2009-03-05 18:50:48 [11664] squidGuard 1.2.0 started (1236275471.855)
2009-03-05 18:50:48 [11664] squidGuard ready for requests (1236275471.859)
EDIT: Replaced the squidguard.conf to contain ONLY your lines, and restarted. Same thing. Can surf wherever.
Great.
the simple concept is that in the config file squidGuard.conf you specify a dest and in the acl specify what to do.
if you go to /var/lib/squidguard/db/blacklists you see all the categories you can allow or block, for example gambling
and restart squid
Now try one of the urls in /var/lib/squidguard/db/blacklists/gambling/urls
also see http://www.squidguard.org/Doc/ for basic and extended examples.
cheers
Eek
the simple concept is that in the config file squidGuard.conf you specify a dest and in the acl specify what to do.
if you go to /var/lib/squidguard/db/blacklists you see all the categories you can allow or block, for example gambling
initialize or update the databasesdbhome /var/lib/squidguard/db
logdir /var/log/squid
dest gambling {
domainlist blacklists/gambling/domains
urllist blacklists/gambling/urls
log gamblingaccesses
}
acl {
default {
pass !gambling all
redirect http://bubba/block.html
}
}
Code: Select all
squidGuard -C all
chown -R proxy:proxy /var/lib/squidguard/db/* Code: Select all
/etc/init.d/squid restartalso see http://www.squidguard.org/Doc/ for basic and extended examples.
cheers
Eek
Re: Firewall content filtering
Please help me with some squid / squidguard problems.
I installed squid and squidguard as told on how to in this forum.
All went ok. Changed the proxy port to 8080 (which should be fine...)
Rerouted IP etc.
- But from that moment I cannot access my bubba from the outside via internet. (on my local network it does fine).
- Problem which i have is that it blocks everything or nothing. This is related to the squidguard.conf.
In the blacklists .db are made (for example gambling eg). So squidguard sees my blacklist!
When I remove the # for the domainlist or the urllist everything gets blocked. When placed nothing gets blocked which is understandable of course but I don't understand why everything gets blocked.
My squidguard listed:
dbhome /var/lib/squidguard/db
logdir /var/log/squid
#dest gambling {
# domainlist blacklists/gambling/domains
# urllist blacklists/gambling/urls
# log gamblingaccesses
#}
#dest adv {
#domainlist blacklists/adv/domains
#urllist blacklists/adv/urls
#redirect 302:http://bubba/block.html
#}
acl {
default {
pass !adv !gambling all
redirect http://bubba/blocked.html
My squidguard log.
2009-10-17 06:27:00 [6815] destblock good missing active content, set inactive
2009-10-17 06:27:00 [6815] destblock local missing active content, set inactive
2009-10-17 06:27:00 [6815] squidGuard 1.2.0 started (1255753620.056)
2009-10-17 06:27:00 [6815] squidGuard ready for requests (1255753620.099)
2009-10-17 06:27:00 [6817] destblock good missing active content, set inactive
2009-10-17 06:27:00 [6817] destblock local missing active content, set inactive
2009-10-17 06:27:00 [6817] squidGuard 1.2.0 started (1255753620.072)
2009-10-17 06:27:00 [6817] squidGuard ready for requests (1255753620.103)
2009-10-17 06:27:00 [6818] destblock good missing active content, set inactive
2009-10-17 06:27:00 [6818] destblock local missing active content, set inactive
2009-10-17 06:27:00 [6818] squidGuard 1.2.0 started (1255753620.105)
2009-10-17 06:27:00 [6818] squidGuard ready for requests (1255753620.109)
2009-10-17 06:27:00 [6819] destblock good missing active content, set inactive
2009-10-17 06:27:00 [6819] destblock local missing active content, set inactive
2009-10-17 06:27:00 [6819] squidGuard 1.2.0 started (1255753620.124)
2009-10-17 06:27:00 [6819] squidGuard ready for requests (1255753620.148)
2009-10-17 06:27:00 [6820] destblock good missing active content, set inactive
2009-10-17 06:27:00 [6820] destblock local missing active content, set inactive
2009-10-17 06:27:00 [6820] squidGuard 1.2.0 started (1255753620.153)
Puma
I installed squid and squidguard as told on how to in this forum.
All went ok. Changed the proxy port to 8080 (which should be fine...)
Rerouted IP etc.
- But from that moment I cannot access my bubba from the outside via internet. (on my local network it does fine).
- Problem which i have is that it blocks everything or nothing. This is related to the squidguard.conf.
In the blacklists .db are made (for example gambling eg). So squidguard sees my blacklist!
When I remove the # for the domainlist or the urllist everything gets blocked. When placed nothing gets blocked which is understandable of course but I don't understand why everything gets blocked.
My squidguard listed:
dbhome /var/lib/squidguard/db
logdir /var/log/squid
#dest gambling {
# domainlist blacklists/gambling/domains
# urllist blacklists/gambling/urls
# log gamblingaccesses
#}
#dest adv {
#domainlist blacklists/adv/domains
#urllist blacklists/adv/urls
#redirect 302:http://bubba/block.html
#}
acl {
default {
pass !adv !gambling all
redirect http://bubba/blocked.html
My squidguard log.
2009-10-17 06:27:00 [6815] destblock good missing active content, set inactive
2009-10-17 06:27:00 [6815] destblock local missing active content, set inactive
2009-10-17 06:27:00 [6815] squidGuard 1.2.0 started (1255753620.056)
2009-10-17 06:27:00 [6815] squidGuard ready for requests (1255753620.099)
2009-10-17 06:27:00 [6817] destblock good missing active content, set inactive
2009-10-17 06:27:00 [6817] destblock local missing active content, set inactive
2009-10-17 06:27:00 [6817] squidGuard 1.2.0 started (1255753620.072)
2009-10-17 06:27:00 [6817] squidGuard ready for requests (1255753620.103)
2009-10-17 06:27:00 [6818] destblock good missing active content, set inactive
2009-10-17 06:27:00 [6818] destblock local missing active content, set inactive
2009-10-17 06:27:00 [6818] squidGuard 1.2.0 started (1255753620.105)
2009-10-17 06:27:00 [6818] squidGuard ready for requests (1255753620.109)
2009-10-17 06:27:00 [6819] destblock good missing active content, set inactive
2009-10-17 06:27:00 [6819] destblock local missing active content, set inactive
2009-10-17 06:27:00 [6819] squidGuard 1.2.0 started (1255753620.124)
2009-10-17 06:27:00 [6819] squidGuard ready for requests (1255753620.148)
2009-10-17 06:27:00 [6820] destblock good missing active content, set inactive
2009-10-17 06:27:00 [6820] destblock local missing active content, set inactive
2009-10-17 06:27:00 [6820] squidGuard 1.2.0 started (1255753620.153)
Puma
Linux is like a wigwam - no windows, no gates, apache inside!
Re: Firewall content filtering
Hi
if you want to unblock sites from a category
you edit the pass statement, not uncomment the dest statementthe pass statement now let's everything through except the sites specified under dest gambling
to let everything pass, edit the pass statement to:
if you want to unblock sites from a category
you edit the pass statement, not uncomment the dest statement
Code: Select all
acl {
default {
pass !gambling all
redirect http://bubba/block.html
}
}to let everything pass, edit the pass statement to:
Code: Select all
acl {
default {
pass all
redirect http://bubba/block.html
}
}cheers
Eek
Eek
Re: Firewall content filtering
Eek,
The problem is that when I try this:
dbhome /var/lib/squidguard/db
logdir /var/log/squid
dest gambling {
# domainlist blacklists/gambling/domains
# urllist blacklists/gambling/urls
# log gamblingaccesses
}
dest adv {
#domainlist blacklists/adv/domains
#urllist blacklists/adv/urls
#redirect 302:http://bubba/block.html
}
acl {
default {
pass all
redirect http://bubba/blocked.html
Everything works.
but when I try this
dbhome /var/lib/squidguard/db
logdir /var/log/squid
dest gambling {
domainlist blacklists/gambling/domains
urllist blacklists/gambling/urls
log gamblingaccesses
}
dest adv {
domainlist blacklists/adv/domains
urllist blacklists/adv/urls
redirect 302:http://bubba/block.html
}
acl {
default {
pass all
redirect http://bubba/blocked.html
Everything is blocked which should not due to the "pass all"
My squidguard log says;
2009-10-18 06:27:08 [9105] destblock good missing active content, set inactive
2009-10-18 06:27:08 [9105] destblock local missing active content, set inactive
2009-10-18 06:27:08 [9105] squidGuard 1.2.0 started (1255840028.725)
2009-10-18 06:27:08 [9105] squidGuard ready for requests (1255840028.745)
2009-10-18 06:27:08 [9106] destblock good missing active content, set inactive
2009-10-18 06:27:08 [9106] destblock local missing active content, set inactive
2009-10-18 06:27:08 [9106] squidGuard 1.2.0 started (1255840028.733)
2009-10-18 06:27:08 [9106] squidGuard ready for requests (1255840028.783)
2009-10-18 06:27:08 [9107] destblock good missing active content, set inactive
2009-10-18 06:27:08 [9107] destblock local missing active content, set inactive
2009-10-18 06:27:08 [9107] squidGuard 1.2.0 started (1255840028.790)
2009-10-18 06:27:08 [9107] squidGuard ready for requests (1255840028.794)
2009-10-18 06:27:08 [9109] destblock good missing active content, set inactive
2009-10-18 06:27:08 [9109] destblock local missing active content, set inactive
2009-10-18 06:27:08 [9109] squidGuard 1.2.0 started (1255840028.798)
2009-10-18 06:27:08 [9109] squidGuard ready for requests (1255840028.802)
2009-10-18 06:27:08 [9108] destblock good missing active content, set inactive
2009-10-18 06:27:08 [9108] destblock local missing active content, set inactive
2009-10-18 06:27:08 [9108] squidGuard 1.2.0 started (1255840028.789)
Destblock local missing...set inactive is not good i think??
Can it be permissions??
Second problem is that i cannot access bubba from outside!
Puma
The problem is that when I try this:
dbhome /var/lib/squidguard/db
logdir /var/log/squid
dest gambling {
# domainlist blacklists/gambling/domains
# urllist blacklists/gambling/urls
# log gamblingaccesses
}
dest adv {
#domainlist blacklists/adv/domains
#urllist blacklists/adv/urls
#redirect 302:http://bubba/block.html
}
acl {
default {
pass all
redirect http://bubba/blocked.html
Everything works.
but when I try this
dbhome /var/lib/squidguard/db
logdir /var/log/squid
dest gambling {
domainlist blacklists/gambling/domains
urllist blacklists/gambling/urls
log gamblingaccesses
}
dest adv {
domainlist blacklists/adv/domains
urllist blacklists/adv/urls
redirect 302:http://bubba/block.html
}
acl {
default {
pass all
redirect http://bubba/blocked.html
Everything is blocked which should not due to the "pass all"
My squidguard log says;
2009-10-18 06:27:08 [9105] destblock good missing active content, set inactive
2009-10-18 06:27:08 [9105] destblock local missing active content, set inactive
2009-10-18 06:27:08 [9105] squidGuard 1.2.0 started (1255840028.725)
2009-10-18 06:27:08 [9105] squidGuard ready for requests (1255840028.745)
2009-10-18 06:27:08 [9106] destblock good missing active content, set inactive
2009-10-18 06:27:08 [9106] destblock local missing active content, set inactive
2009-10-18 06:27:08 [9106] squidGuard 1.2.0 started (1255840028.733)
2009-10-18 06:27:08 [9106] squidGuard ready for requests (1255840028.783)
2009-10-18 06:27:08 [9107] destblock good missing active content, set inactive
2009-10-18 06:27:08 [9107] destblock local missing active content, set inactive
2009-10-18 06:27:08 [9107] squidGuard 1.2.0 started (1255840028.790)
2009-10-18 06:27:08 [9107] squidGuard ready for requests (1255840028.794)
2009-10-18 06:27:08 [9109] destblock good missing active content, set inactive
2009-10-18 06:27:08 [9109] destblock local missing active content, set inactive
2009-10-18 06:27:08 [9109] squidGuard 1.2.0 started (1255840028.798)
2009-10-18 06:27:08 [9109] squidGuard ready for requests (1255840028.802)
2009-10-18 06:27:08 [9108] destblock good missing active content, set inactive
2009-10-18 06:27:08 [9108] destblock local missing active content, set inactive
2009-10-18 06:27:08 [9108] squidGuard 1.2.0 started (1255840028.789)
Destblock local missing...set inactive is not good i think??
Can it be permissions??
Second problem is that i cannot access bubba from outside!
Puma
Linux is like a wigwam - no windows, no gates, apache inside!
Re: Firewall content filtering
ah, strange
did you do?
could you do a
for accessing the bubba from the outside, you can allow port 22 or port forward any port to 22.
make sure you use a strong password
also see http://forum.excito.net/viewtopic.php?f ... .com#p4063
did you do?
Code: Select all
squidGuard -C all
chown -R proxy:proxy /var/lib/squidguard/db/* Code: Select all
find /var/lib/squidguard/db -lsmake sure you use a strong password
also see http://forum.excito.net/viewtopic.php?f ... .com#p4063
cheers
Eek
Eek
Re: Firewall content filtering
Eek,
Yes I did that: squidguard -C all and next command chown.
Yes I can do find /var/lib/squidguard/db -ls:
dguard/db/blacklists/games/usage
294531 64 -rw-r--r-- 1 proxy proxy 60547 Oct 7 20:15 /var/lib/squi dguard/db/blacklists/games/domains
294556 4 drwxr-xr-x 2 proxy proxy 4096 Oct 10 20:02 /var/lib/squi dguard/db/blacklists/mixed_solsken
294558 4 -rw-r--r-- 1 proxy proxy 38 Oct 7 20:16 /var/lib/squi dguard/db/blacklists/mixed_solsken/urls
294559 4 -rw-r--r-- 1 proxy proxy 6 Mar 13 2006 /var/lib/squi dguard/db/blacklists/mixed_solsken/usage
294557 4 -rw-r--r-- 1 proxy proxy 1499 Oct 7 20:15 /var/lib/squi dguard/db/blacklists/mixed_solsken/domains
262256 4 drwxr-xr-x 2 proxy proxy 4096 Oct 10 20:02 /var/lib/squi dguard/db/blacklists/chat
262258 4 -rw-r--r-- 1 proxy proxy 388 Oct 7 20:16 /var/lib/squi dguard/db/blacklists/chat/urls
262257 4 -rw-r--r-- 1 proxy proxy 2593 Oct 7 20:16 /var/lib/squi dguard/db/blacklists/chat/domains
262248 4 drwxr-xr-x 2 proxy proxy 4096 Oct 10 20:02 /var/lib/squi dguard/db/blacklists/blog
262250 4 -rw-r--r-- 1 proxy proxy 19 Oct 7 20:16 /var/lib/squi dguard/db/blacklists/blog/urls
262251 4 -rw-r--r-- 1 proxy proxy 42 May 27 2005 /var/lib/squi dguard/db/blacklists/blog/usage
262249 8 -rw-r--r-- 1 proxy proxy 7117 Oct 7 20:16 /var/lib/squi dguard/db/blacklists/blog/domains
246060 0 lrwxrwxrwx 1 proxy proxy 10 Oct 11 15:07 /var/lib/squi dguard/db/blacklists/proxy -> redirector
294548 4 drwxr-xr-x 2 proxy proxy 4096 Oct 10 20:02 /var/lib/squi dguard/db/blacklists/manga
294550 4 -rw-r--r-- 1 proxy proxy 1539 Oct 7 20:16 /var/lib/squi dguard/db/blacklists/manga/urls
294551 4 -rw-r--r-- 1 proxy proxy 12 Nov 24 2008 /var/lib/squi dguard/db/blacklists/manga/usage
294549 8 -rw-r--r-- 1 proxy proxy 5223 Oct 7 20:16 /var/lib/squi dguard/db/blacklists/manga/domains
294611 4 drwxr-xr-x 2 proxy proxy 4096 Oct 10 20:02 /var/lib/squi dguard/db/blacklists/strong_redirector
294613 4 -rw-r--r-- 1 proxy proxy 537 Jun 5 16:01 /var/lib/squi dguard/db/blacklists/strong_redirector/expressions
I can't access my bubba webmail and homepage.
Port 22 is only for ssh?
I can't access homepage etc after I installed squid.
Puma
Yes I did that: squidguard -C all and next command chown.
Yes I can do find /var/lib/squidguard/db -ls:
dguard/db/blacklists/games/usage
294531 64 -rw-r--r-- 1 proxy proxy 60547 Oct 7 20:15 /var/lib/squi dguard/db/blacklists/games/domains
294556 4 drwxr-xr-x 2 proxy proxy 4096 Oct 10 20:02 /var/lib/squi dguard/db/blacklists/mixed_solsken
294558 4 -rw-r--r-- 1 proxy proxy 38 Oct 7 20:16 /var/lib/squi dguard/db/blacklists/mixed_solsken/urls
294559 4 -rw-r--r-- 1 proxy proxy 6 Mar 13 2006 /var/lib/squi dguard/db/blacklists/mixed_solsken/usage
294557 4 -rw-r--r-- 1 proxy proxy 1499 Oct 7 20:15 /var/lib/squi dguard/db/blacklists/mixed_solsken/domains
262256 4 drwxr-xr-x 2 proxy proxy 4096 Oct 10 20:02 /var/lib/squi dguard/db/blacklists/chat
262258 4 -rw-r--r-- 1 proxy proxy 388 Oct 7 20:16 /var/lib/squi dguard/db/blacklists/chat/urls
262257 4 -rw-r--r-- 1 proxy proxy 2593 Oct 7 20:16 /var/lib/squi dguard/db/blacklists/chat/domains
262248 4 drwxr-xr-x 2 proxy proxy 4096 Oct 10 20:02 /var/lib/squi dguard/db/blacklists/blog
262250 4 -rw-r--r-- 1 proxy proxy 19 Oct 7 20:16 /var/lib/squi dguard/db/blacklists/blog/urls
262251 4 -rw-r--r-- 1 proxy proxy 42 May 27 2005 /var/lib/squi dguard/db/blacklists/blog/usage
262249 8 -rw-r--r-- 1 proxy proxy 7117 Oct 7 20:16 /var/lib/squi dguard/db/blacklists/blog/domains
246060 0 lrwxrwxrwx 1 proxy proxy 10 Oct 11 15:07 /var/lib/squi dguard/db/blacklists/proxy -> redirector
294548 4 drwxr-xr-x 2 proxy proxy 4096 Oct 10 20:02 /var/lib/squi dguard/db/blacklists/manga
294550 4 -rw-r--r-- 1 proxy proxy 1539 Oct 7 20:16 /var/lib/squi dguard/db/blacklists/manga/urls
294551 4 -rw-r--r-- 1 proxy proxy 12 Nov 24 2008 /var/lib/squi dguard/db/blacklists/manga/usage
294549 8 -rw-r--r-- 1 proxy proxy 5223 Oct 7 20:16 /var/lib/squi dguard/db/blacklists/manga/domains
294611 4 drwxr-xr-x 2 proxy proxy 4096 Oct 10 20:02 /var/lib/squi dguard/db/blacklists/strong_redirector
294613 4 -rw-r--r-- 1 proxy proxy 537 Jun 5 16:01 /var/lib/squi dguard/db/blacklists/strong_redirector/expressions
I can't access my bubba webmail and homepage.
Port 22 is only for ssh?
I can't access homepage etc after I installed squid.
Puma
Linux is like a wigwam - no windows, no gates, apache inside!