Topic: SquidGuard 3.2

[byte]

Does any know if squidguard3.2 is running on a 7.0 box?

http://mirror.contribs.org/smeserver/contribs/cbharda/contrib/squidGuard/squidguard3.2.tar.gz

If not I might see if I can get this working with 7.0 as this package is brillaint...

[mrjhb3]

Does any know if squidguard3.2 is running on a 7.0 box?

http://mirror.contribs.org/smeserver/contribs/cbharda/contrib/squidGuard/squidguard3.2.tar.gz

If not I might see if I can get this working with 7.0 as this package is brillaint...

The package is good, but there doesn't seem to be any recent updates to the blacklists.  My 6.5 server is running it and the downloaded blacklist file is the same size everyday.  Have you noticed this, or maybe you are using a different site for your blacklists.  

Also, I have SARG as well, but the reports only show the IP address of the pc that accessed a particular site, not the actual userid.  I did have proxy authentication turned on, but that didn't make a difference.  I think I may need to get the ident program working in order to make the userid appear.  I'll have to go back through my notes to verify.  So, what I'm getting at, is do you have this working where SARG will show the userid that accessed the particular site?

John Bennett

[byte]

My 6.5 server is running it and the downloaded blacklist file is the same size everyday.  Have you noticed this, or maybe you are using a different site for your blacklists.  

Yes I noticed this too. Must look for a up2date blacklist if I'm to use this package/update.

So, what I'm getting at, is do you have this working where SARG will show the userid that accessed the particular site?

I believe some people use the hostname & address to resolve that, but if your using DHCP then your IP is likely change, Although my ip stays the same even on DHCP it's only if I changed a NIC then my ip changes.

[byte]

Think I'm going to have a look at Dag Wieers squidguard found here...

http://dag.wieers.com/packages/squidguard/squidguard-1.2.0-2.2.el4.rf.i386.rpm

[mrjhb3]

Think I'm going to have a look at Dag Wieers squidguard found here...

http://dag.wieers.com/packages/squidguard/squidguard-1.2.0-2.2.el4.rf.i386.rpm

I'd be interested in how that goes.  My IP's at home stay the same as well, but my boys hop from PC to PC so I can't always tell who was browsing to what site, which is why I'd like it if it would show the userid.  I'll work on that end and see if I can get any success.

John

[byte]

Think I'm going to have a look at Dag Wieers squidguard found here...

http://dag.wieers.com/packages/squidguard/squidguard-1.2.0-2.2.el4.rf.i386.rpm

After starting 2 weeks holiday last week thought I'd come back to this  

I have it working and created a howto (very draft) and some custom templates that are needed (would be good if someone could roll them as a rpm as I still haven't found time to learn to do that).

If anyone is interested I'll try tidying up how to and try to find somewhere to place the custom templates, now I have only tried on a test server and have yet to place into production so it would be at your own risk.

It doesn't have the user interface the old version had but it is fairly easy to configure from command line once you have read up on it    

[mrjhb3]

Yeah, post that howto please.  I managed to get the userid stuff working on my 6.5 server using identd with some help from an old techgeeks.org article I still had.  Now my SARG reports show the userid that accessed the site and not the IP address.  Haven't had a chance to test this on 7.0 yet.

John

[byte]

John, here it is still in draft but it's the basis to gettting started...

AT YOUR OWN RISK

Download latest RHEL rpm’s from DAG…

DAG – SquidGuard Home page…
http://dag.wieers.com/home-made/squidguard/

Download - squidguard-1.2.0-2.2.el4.rf.i386.rpm
http://dag.wieers.com/packages/squidguard/squidguard-1.2.0-2.2.el4.rf.i386.rpm

Download – squidguard-blacklists-20050528-1.2.el4.rf.noarch.rpm
http://dag.wieers.com/packages/squidguard-blacklists/squidguard-blacklists-20050528-1.2.el4.rf.noarch.rpm

The SquidGuard-blacklists maybe out of date but it’s a good base to start from. This site currently has some blacklists updates which you can apply…
http://cri.univ-tlse1.fr/documentations/cache/squidguard_en.html

Now for the installation…

Code: [Select]

[root@example home]# rpm -Uvh squidguard-1.2.0-2.2.el4.rf.i386.rpm
Preparing...                ########################################### [100%]
   1:squidguard             ########################################### [100%]
[root@example home]#


Install the SquidGuard-blacklists…

Code: [Select]

[root@example home]# rpm -Uvh squidguard-blacklists-20050528-1.2.el4.rf.noarch.rpm
Preparing...                ########################################### [100%]
   1:squidguard-blacklists  ########################################### [100%]
[root@example home]#

We are now going to create our /etc/squid/squidGuard.conf – Follow these steps…

Code: [Select]

mkdir -p /etc/e-smith/templates-custom/etc/squid/squidguard.conf
 
Inside that directory I  files to put the relevant code…

10dbhome

Code: [Select]

#
# Config file for squidguard
#
dbhome /var/lib/squidguard


 10logdir

Code: [Select]

logdir /var/log/squidguard


13destsetup

Code: [Select]

#
# Destination setup i.e where our blacklists are.
#



15dest-adult

Code: [Select]

dest adult \{
    domainlist     adult/domains
    urllist        adult/urls
    expressionlist adult/expressions
\}


**Note**
Above we have 15dest-adult but as you've installed the DAG blacklist rpm you can enable more databases just create another template called 15dest-warez and use the code

Code: [Select]

dest warez \{
    domainlist     warez/domains
    urllist        warez/urls
    expressionlist warez/expressions
\}


You can see what other databases you have by looking in /var/lib/squidguard/

20aclsetup

Code: [Select]

#
# ACL setup control ie you can control time and dest db's
#



25acldefault

Code: [Select]

acl \{
     default \{
                pass     !adult !warez
                redirect http://192.168.1.20/cgi-bin/squidGuard.cgi?clientaddr=%a&clientname=%n&clientident=%i&srcclass=%s&targetclass=%t&url=%u
\}
\}



As we might have entered the warez database you would need to add in the line to template 25acldefault  "!warez"

Once your happy with the templates run…

Code: [Select]

expand-template /etc/squid/squidguard.conf

Next create a template squid.conf and a file called 45SquidGuard

Code: [Select]

mkdir -p /etc/e-smith/templates-custom/etc/squid/squid.conf

and enter…

Code: [Select]

redirect_program /usr/bin/SquidGuard –c /etc/squid/squidguard.conf
redirect_children 5

Code: [Select]

expand-template /etc/squid/squid.conf

Now restart squid…

Code: [Select]

[root@example squidguard.conf]# svc -t /service/squid
[root@example squidguard.conf]# service squid restart
Restarting squid                                           [  OK  ]
[root@example squidguard.conf]#

Check the /var/log/squidguard/squidguard.log for any errors and that it starts up ok.

To check from server that squidguard is filtering type on command line…

Code: [Select]

echo "http://www.google.co.uk 10.0.0.1/- - GET" | /usr/bin/squidGuard -c /etc/squid/squidguard.conf –d

That will pass, now do the same with a blocked site for example www.playboy.com and that should show your redirected blocked url

If you need to create your own custom databases you can, search google as it has a wealth of info.

[cactus]

Code: [Select]

[root@example home]# rpm -Uvh squidguard-1.2.0-2.2.el4.rf.i386.rpm
Preparing...                ########################################### [100%]
   1:squidguard             ########################################### [100%]
[root@example home]#


use yum localinstall instead of rpm -Uvh as this is the preffered way of installing for SME 7.x. Advantage is that all necessarry dependencies will be downloaded from the enabled repositories incase the dependencies are found there.

[byte]

use yum localinstall instead of rpm -Uvh as this is the preffered way of installing for SME 7.x. Advantage is that all necessarry dependencies will be downloaded from the enabled repositories incase the dependencies are found there.

Yep true but this doesn't have any deps

[byte]

I have requested a contribs space which has now been created should sync in hour or two so you can download the custom templates, there is also a custom template for which allows the same setup but allows you to set a specific user(s) to have unrestricted internet access while rest have restricted, use at your own risk.

 http://mirror.contribs.org/smeserver/contribs/byte

[cactus]

Yep true but this doesn't have any deps

That does not matter I think, using yum makes it also show up in the log files, which makes troubleshooting a lot easier. To the eye it might seem that there are no dependencies, but most of the time they are not shown as they are already installed on your system.

[mrjhb3]

byte,

Thanks for putting the howto together.  I don't think you need to use templates-custom.  I couldn't find anything that conflicted.  Anyway, I plan on packaging the templates portion into a smeserver-squidguard rpm.  I need squidguard so that I can further monitor/track/guard/look where my boys are surfing.  When I am complete, I'll repost back to this thread and get some feedback.  May take a little while as my boys' activites are not kicking back up.

JB

[byte]

John,

Only reason I templated them is because if for example I wanted to setup my own "whitelist" I would create a template-custom as the squidguard.conf is not in the templates directory it would ease the /etc/squid/squidguard.conf when you expand, thinking about it more you could probably edit the /etc/squid/squidguard.conf  directly but I was trying to keep in tune with the way SME works.

Would be great if you could build it in to an rpm  

[Jean-Philippe Pialasse]

Hey guys a great work is on its way.


May i give you one more suggestion: a pannel to configure the squidguard, and to select a way to update blacklist via download manually or cronly .

There's some location in the web where you can find updated blacklist : i know one in a french University : Toulouse:

here an example of an ipcop contrib (with an excellent pannel):
http://franck78.ath.cx/index-en.html ( download the package to have an idea of the work.

here is the link of the university and the black list:

ftp://ftp.univ-tlse1.fr/pub/reseau/cache/squidguard_contrib/blacklists.tar.gz