Problème avec SquidGuard (pas de filtrage)

Support Debian
#1

Bonjour à tous,

je me tourne vers vous après de longues heures de recherches sur le net.

J’ai installé sur une debian 6.0.1 squid3 et squidGuard (le tout en apt-get install)
j’ai configuré le fichier /etc/squid3/squid.conf comme suit:

[code]http_port 8080
icp_port 0
htcp_port 0
visible_hostname squid

Pour que le proxy soit serveur DNS :

dns_nameservers dns_fai ou/et dns_passerelle

dns_nameservers 10.176.155.206 10.176.155.202
dns_defnames on

acl manager proto cache_object
#acl all src 0.0.0.0/0.0.0.0
acl localhost src 127.0.0.1/32
acl our_networks src 127.0.0.1/32 10.176.155.0/24
acl our_servers src 10.176.155.199-10.176.155.206
#acl our_destip dst 207.46.225.221 209.85.227.104
#acl our_destdom dstdomain .eset.com .avast.com
#acl our_bandst dstdomain .youtube.com .deezer.com .facebook.com .myspace.com .msn.com .msn.fr
acl to_localhost dst 127.0.0.0/8

acl SSL_ports port 443
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 # https
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT

le protocole cache_object (acl manager) ne pourra acc�der que depuis l’adresse 127.0.0.1 (acl localhost) et pas depuis une autre

http_access allow manager localhost
http_access deny manager

Interdit l’acc�s aux ports autres que 80, 21, 443 et de 1025 � 65535 (n�gation (!) de acl Safe_ports)

http_access deny !Safe_ports

Interdit l’acc�s vers 127.0.0.0/8 (acl to_localhost)

http_access deny to_localhost

Interdit l’acc�s vers les domaines d�finies dans acl our_bandst

#http_access deny our_bandst

Autorise l’acc�s depuis les serveurs d�finis dans acl our_servers

http_access allow our_servers

#http_access allow our_destip

Autorise l’acc�s vers les domaines d�finis dans acl our_destdomain

#http_access allow our_destdom

Autorise l’acc�s depuis mon r�seau (acl our_networks)

http_access allow our_networks

Interdit tout le reste (mot r�serv� all)

http_access deny all

http_reply_access allow all

hierarchy_stoplist cgi-bin ?
acl QUERY urlpath_regex cgi-bin ?
cache deny QUERY
coredump_dir /var/spool/squid3
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern -i (/cgi-bin/|?) 0 0% 0
refresh_pattern . 0 20% 4320

Attention si vous modifiez les valeurs de la ligne suivante : lancez squid3 -f /etc/squid3/squid.conf -z pour reconstruire le cache !

cache_dir ufs /var/spool/squid3 1024 256 256

Les journaux

cache_effective_user proxy
cache_effective_group proxy
cache_access_log /var/log/squid3/access.log common
cache_log /var/log/squid3/cache.log
cache_store_log /var/log/squid3/store.log
cache_swap_log /var/log/squid3/cache_swap.log
cache_mgr informatique@moa.fr
#LogFormat
logformat squid %tl %6tr %>a %Ss/%03>Hs %<Hs %<st %rm %ru %un %Sh/%<A %mt
#SquidGuard
#redirect_program /usr/bin/squidGuard
#redirect_children 10
url_rewrite_program /usr/bin/squidGuard -c /etc/squid/squidGuard.conf

positive_dns_ttl 1 day
negative_dns_ttl 1 hour

[/code]

Le fichier /etc/squid/squidGuard.conf comme suit:

[code]#

CONFIG FILE FOR SQUIDGUARD

dbhome /var/lib/squidguard/db
logdir /var/log/squid

TIME RULES:

abbrev for weekdays:

s = sun, m = mon, t =tue, w = wed, h = thu, f = fri, a = sat

time workhours {
weekly mtwhf 08:00 - 18:30
date --01 08:00 - 18:30
}

REWRITE RULES:

#rew dmz {

s@://admin/@://admin.foo.bar.de/@i

s@://foo.bar.de/@://www.foo.bar.de/@i

#}

SOURCE ADDRESSES:

#src admin {

ip 1.2.3.4 1.2.3.5

user root foo bar

within workhours

#}

src clients {
ip 10.176.155.1-10.176.155.199
}

#src bar-clients {

ip 172.16.4.0/26

#}

DESTINATION CLASSES:

#dest good {
#}
#dest local {
#}

#dest adult {

domainlist adult/domains

urllist adult/urls

expressionlist adult/expressions

redirect http://admin.foo.bar.de/cgi-bin/squidGuard.cgi?clientaddr=%a+clientname=%n+clientident=%i+srcclass=%s+targetclass=%t+url=%u

#}

dest adult {
domainlist adult/domains
urllist adult/urls
expressionlist adult/expressions
redirect http://glpi.moa.dom/
log adult.log
}
dest ads {
domainlist ads/domains
urllist ads/urls
log ads.log
}
dest porn {
domainlist porn/domains
urllist porn/urls
log porn.log
}
dest warez {
domainlist warez/domains
urllist warez/urls
log warez.log
}

dest social_networks {
domainlist social_networks/domains
urllist social_networks/urls
log social.log
}
acl {

admin {

pass any

}

    clients {
            pass !adult !social_networks !porn !warez !ads all
    }

bar-clients {

pass local none

}

    default {
            pass !in-addr all

rewrite dmz

redirect http://localhost/cgi-bin/squidGuard.cgi?clientaddr=%a+clientname=%n+clientident=%i+srcclass=%s+targetclass=%t+url=%u 

            redirect http://glpi.local.dom/
    }

}

[/code]

j’ai ensuite utiliser les commandes squidGuard -c all puis squidguard -u et /etc/init.d/squid3 restart
ensuite j’ai testé avec la commande echo "http://www.fr.pornhub.com/ 10.176.155.59/- - GET" | /usr/bin/squidGuard -c /etc/squid/squidGuard.conf -d

le resultat est le suivant:

2012-11-07 15:16:25 [6312] New setting: dbhome: /var/lib/squidguard/db 2012-11-07 15:16:25 [6312] New setting: logdir: /var/log/squid 2012-11-07 15:16:25 [6312] init domainlist /var/lib/squidguard/db/adult/domains 2012-11-07 15:16:25 [6312] loading dbfile /var/lib/squidguard/db/adult/domains.db 2012-11-07 15:16:25 [6312] init urllist /var/lib/squidguard/db/adult/urls 2012-11-07 15:16:25 [6312] loading dbfile /var/lib/squidguard/db/adult/urls.db 2012-11-07 15:16:25 [6312] init expressionlist /var/lib/squidguard/db/adult/expressions 2012-11-07 15:16:25 [6312] init domainlist /var/lib/squidguard/db/ads/domains 2012-11-07 15:16:25 [6312] loading dbfile /var/lib/squidguard/db/ads/domains.db 2012-11-07 15:16:25 [6312] init urllist /var/lib/squidguard/db/ads/urls 2012-11-07 15:16:25 [6312] loading dbfile /var/lib/squidguard/db/ads/urls.db 2012-11-07 15:16:25 [6312] init domainlist /var/lib/squidguard/db/porn/domains 2012-11-07 15:16:25 [6312] loading dbfile /var/lib/squidguard/db/porn/domains.db 2012-11-07 15:16:25 [6312] init urllist /var/lib/squidguard/db/porn/urls 2012-11-07 15:16:25 [6312] loading dbfile /var/lib/squidguard/db/porn/urls.db 2012-11-07 15:16:25 [6312] init domainlist /var/lib/squidguard/db/warez/domains 2012-11-07 15:16:25 [6312] loading dbfile /var/lib/squidguard/db/warez/domains.db 2012-11-07 15:16:25 [6312] init urllist /var/lib/squidguard/db/warez/urls 2012-11-07 15:16:25 [6312] loading dbfile /var/lib/squidguard/db/warez/urls.db 2012-11-07 15:16:25 [6312] init domainlist /var/lib/squidguard/db/social_networks/domains 2012-11-07 15:16:25 [6312] loading dbfile /var/lib/squidguard/db/social_networks/domains.db 2012-11-07 15:16:25 [6312] init urllist /var/lib/squidguard/db/social_networks/urls 2012-11-07 15:16:25 [6312] loading dbfile /var/lib/squidguard/db/social_networks/urls.db 2012-11-07 15:16:25 [6312] squidGuard 1.4 started (1352297785.646) 2012-11-07 15:16:25 [6312] Info: recalculating alarm in 11615 seconds 2012-11-07 15:16:25 [6312] squidGuard ready for requests (1352297785.663) 2012-11-07 15:16:25 [6312] Request(clients/adult/-) http://www.fr.pornhub.com/ 10.176.155.100/- - GET REDIRECT http://glpi.local.dom/ 10.176.155.100/- - GET 2012-11-07 15:16:25 [6312] squidGuard stopped (1352297785.664)

par contre dans mon navigateur (firefox) aucun filtrage. le site passe.

pouvez vous m’aider svp ?

Merci

#2

Es-tu certain que ton navigateur passe bien via le proxy ?

#3

oui car mes test de filtrage par squid.conf fonctionnent
et j’ai un message d’erreur squid quand j’essai d’accéder à glpi.local.dom fonctionne)

#4

Dans tes processus, tu peux voir les procs squidguard ?

Essaye de regarder dans les logs ?
Redémarre entièrement ton service Squid ? (voir des éventuelles erreurs dans les logs)
Le dossier /var/lib/squidguard/db contient bien toutes les DBs ?

Edit :

Je me souviens lorsque j’avais configuré SquidGuard (il y a assez longtps donc c’est peut être obsolète…) j’avais des soucis pour faire fonctionner certaines DBs/Listes du coup essaye de les bloquer une par une pour essayer ?

[quote]clients {
pass !adult !social_networks !porn !warez !ads all
}[/quote]

Essaye avec :

clients { pass !adult !social_networks !porn !warez !ads any }

Ce n’est peut être pas un soucis de proxy, ta page est peut-être pas accessible à cette adresse la ?

#5

Le squidguard -c all se déroule bien, dans les logs les db se font bien
le restart de squid3 est nickel, aucun warning ou fail

j’ai testé avec “any” et toujours pareil
j’ai essayé avec facebook, pornhub, topwarez, deviantart …

sans le proxy j’ai accès a glpi (serveur web sur mon réseau)
avec le proxy je dois rajouter .local.dom

#6

log /var/log/squid3/access.log

10.176.155.59 - - [07/Nov/2012:17:17:05 +0100] "CONNECT fbcdn-profile-a.akamaihd.net:443 HTTP/1.1" 200 2278 TCP_MISS:DIRECT 10.176.155.59 - - [07/Nov/2012:17:17:05 +0100] "CONNECT fbcdn-creative-a.akamaihd.net:443 HTTP/1.1" 200 19246 TCP_MISS:DIRECT 10.176.155.59 - - [07/Nov/2012:17:17:05 +0100] "CONNECT fbcdn-profile-a.akamaihd.net:443 HTTP/1.1" 200 6318 TCP_MISS:DIRECT 10.176.155.59 - - [07/Nov/2012:17:17:05 +0100] "CONNECT www.facebook.com:443 HTTP/1.1" 200 27713 TCP_MISS:DIRECT 10.176.155.59 - - [07/Nov/2012:17:17:52 +0100] "GET http://cream-and-sugar.tumblr.com/ HTTP/1.1" 503 2077 TCP_MISS:DIRECT 10.176.155.59 - - [07/Nov/2012:17:17:53 +0100] "GET http://assets.tumblr.com/stylesheets/compressed/status_blue.css HTTP/1.1" 200 1140 TCP_MISS:DIRECT 10.176.155.59 - - [07/Nov/2012:17:17:53 +0100] "GET http://assets.tumblr.com/languages/errors.js? HTTP/1.1" 200 7924 TCP_MISS:DIRECT 10.176.155.59 - - [07/Nov/2012:17:17:53 +0100] "GET http://assets.tumblr.com/images/favicon.gif? HTTP/1.1" 200 1046 TCP_MISS:DIRECT 10.176.155.59 - - [07/Nov/2012:17:17:53 +0100] "GET http://assets.tumblr.com/images/status_bg.png? HTTP/1.1" 200 74413 TCP_MISS:DIRECT 10.176.155.59 - - [07/Nov/2012:17:17:53 +0100] "GET http://www.google-analytics.com/__utm.gif? HTTP/1.1" 200 499 TCP_MISS:DIRECT 10.176.155.59 - - [07/Nov/2012:17:17:57 +0100] "GET http://pixel.quantserve.com/pixel;r=508236511;a=p-915Y6SMHQQJHI;labels=Front%2CUserStatus.LoggedOut;f$ 10.176.155.59 - - [07/Nov/2012:17:17:57 +0100] "GET http://www.google-analytics.com/__utm.gif? HTTP/1.1" 200 499 TCP_MISS:DIRECT 10.176.155.59 - - [07/Nov/2012:17:17:57 +0100] "GET http://b.scorecardresearch.com/b? HTTP/1.1" 200 409 TCP_MISS:DIRECT 10.176.155.59 - - [07/Nov/2012:17:17:57 +0100] "GET http://pubads.g.doubleclick.net/gampad/ads? HTTP/1.1" 200 2815 TCP_MISS:DIRECT 10.176.155.59 - - [07/Nov/2012:17:17:57 +0100] "GET http://pubads.g.doubleclick.net/gampad/ads? HTTP/1.1" 200 1258 TCP_MISS:DIRECT 10.176.155.59 - - [07/Nov/2012:17:17:57 +0100] "GET http://pagead2.googlesyndication.com/simgad/12986737725118347865 HTTP/1.1" 200 34612 TCP_MISS:DIRECT 10.176.155.59 - - [07/Nov/2012:17:18:53 +0100] "GET http://adicate.com/ HTTP/1.1" 302 339 TCP_MISS:DIRECT 10.176.155.59 - - [07/Nov/2012:17:18:53 +0100] "GET http://89.185.240.3/ HTTP/1.1" 200 744 TCP_MISS:DIRECT 10.176.155.59 - - [07/Nov/2012:17:18:53 +0100] "GET http://89.185.240.3/js/detekce.js HTTP/1.1" 200 1175 TCP_MISS:DIRECT 10.176.155.59 - - [07/Nov/2012:17:18:53 +0100] "GET http://89.185.240.3/favicon.ico HTTP/1.1" 404 549 TCP_MISS:DIRECT 10.176.155.59 - - [07/Nov/2012:17:18:54 +0100] "GET http://adblock.wips.com/ HTTP/1.1" 200 1613 TCP_MISS:DIRECT 10.176.155.59 - - [07/Nov/2012:17:18:54 +0100] "GET http://89.185.240.3/favicon.ico HTTP/1.1" 404 549 TCP_MISS:DIRECT 10.176.155.59 - - [07/Nov/2012:17:18:54 +0100] "GET http://adblock.wips.com/js/detekce.js HTTP/1.1" 200 1180 TCP_MISS:DIRECT 10.176.155.59 - - [07/Nov/2012:17:18:54 +0100] "GET http://adblock.wips.com/js/scripts.js HTTP/1.1" 200 506 TCP_MISS:DIRECT 10.176.155.59 - - [07/Nov/2012:17:18:54 +0100] "GET http://adblock.wips.com/img/favicon.ico HTTP/1.1" 200 1515 TCP_MISS:DIRECT 10.176.155.59 - - [07/Nov/2012:17:18:54 +0100] "GET http://adblock.wips.com/css/layout.css HTTP/1.1" 200 1072 TCP_MISS:DIRECT 10.176.155.59 - - [07/Nov/2012:17:18:54 +0100] "GET http://adblock.wips.com/js/jquery.js HTTP/1.1" 200 32350 TCP_MISS:DIRECT 10.176.155.59 - - [07/Nov/2012:17:18:54 +0100] "GET http://adblock.wips.com/img/before_after.jpg HTTP/1.1" 200 63838 TCP_MISS:DIRECT 10.176.155.59 - - [07/Nov/2012:17:18:55 +0100] "GET http://www.google-analytics.com/__utm.gif? HTTP/1.1" 200 499 TCP_MISS:DIRECT 10.176.155.59 - - [07/Nov/2012:17:18:55 +0100] "GET http://adblock.wips.com/img/download_bg.gif HTTP/1.1" 200 10094 TCP_MISS:DIRECT 10.176.155.59 - - [07/Nov/2012:17:18:55 +0100] "GET http://adblock.wips.com/img/download_butt.png HTTP/1.1" 200 52362 TCP_MISS:DIRECT 10.176.155.59 - - [07/Nov/2012:17:18:58 +0100] "GET http://pixel.quantserve.com/pixel;r=1879183950;a=p-915Y6SMHQQJHI;labels=Front%2CUserStatus.LoggedOut;$ 10.176.155.59 - - [07/Nov/2012:17:18:58 +0100] "GET http://www.google-analytics.com/__utm.gif? HTTP/1.1" 200 499 TCP_MISS:DIRECT 10.176.155.59 - - [07/Nov/2012:17:18:58 +0100] "GET http://b.scorecardresearch.com/b? HTTP/1.1" 204 348 TCP_MISS:DIRECT 10.176.155.59 - - [07/Nov/2012:17:18:59 +0100] "GET http://pubads.g.doubleclick.net/gampad/ads? HTTP/1.1" 200 2767 TCP_MISS:DIRECT 10.176.155.59 - - [07/Nov/2012:17:18:59 +0100] "GET http://pubads.g.doubleclick.net/gampad/ads? HTTP/1.1" 200 1258 TCP_MISS:DIRECT

squidGuard.log

2012-11-07 17:14:05 [1884] New setting: dbhome: /var/lib/squidguard/db
2012-11-07 17:14:05 [1884] New setting: logdir: /var/log/squid
2012-11-07 17:14:05 [1884] init domainlist /var/lib/squidguard/db/adult/domains
2012-11-07 17:14:05 [1884] loading dbfile /var/lib/squidguard/db/adult/domains.db
2012-11-07 17:14:05 [1884] update dbfile /var/lib/squidguard/db/adult/domains.db
2012-11-07 17:14:05 [1884] update: added 1 entries, deleted 0 entries
2012-11-07 17:14:05 [1884] init urllist /var/lib/squidguard/db/adult/urls
2012-11-07 17:14:05 [1884] loading dbfile /var/lib/squidguard/db/adult/urls.db
2012-11-07 17:14:05 [1884] init expressionlist /var/lib/squidguard/db/adult/expressions
2012-11-07 17:14:05 [1884] init domainlist /var/lib/squidguard/db/ads/domains
2012-11-07 17:14:05 [1884] loading dbfile /var/lib/squidguard/db/ads/domains.db
2012-11-07 17:14:05 [1884] init urllist /var/lib/squidguard/db/ads/urls
2012-11-07 17:14:05 [1884] loading dbfile /var/lib/squidguard/db/ads/urls.db
2012-11-07 17:14:05 [1884] init domainlist /var/lib/squidguard/db/porn/domains
2012-11-07 17:14:05 [1884] loading dbfile /var/lib/squidguard/db/porn/domains.db
2012-11-07 17:14:05 [1884] update dbfile /var/lib/squidguard/db/porn/domains.db
2012-11-07 17:14:05 [1884] update: added 1 entries, deleted 0 entries
2012-11-07 17:14:05 [1884] init urllist /var/lib/squidguard/db/porn/urls
2012-11-07 17:14:05 [1884] loading dbfile /var/lib/squidguard/db/porn/urls.db
2012-11-07 17:14:05 [1884] init domainlist /var/lib/squidguard/db/warez/domains
2012-11-07 17:14:05 [1884] loading dbfile /var/lib/squidguard/db/warez/domains.db
2012-11-07 17:14:05 [1884] init urllist /var/lib/squidguard/db/warez/urls
2012-11-07 17:14:05 [1884] loading dbfile /var/lib/squidguard/db/warez/urls.db
2012-11-07 17:14:05 [1884] init domainlist /var/lib/squidguard/db/social_networks/domains
2012-11-07 17:14:05 [1884] loading dbfile /var/lib/squidguard/db/social_networks/domains.db
2012-11-07 17:14:05 [1884] init urllist /var/lib/squidguard/db/social_networks/urls
2012-11-07 17:14:05 [1884] loading dbfile /var/lib/squidguard/db/social_networks/urls.db
2012-11-07 17:14:05 [1884] squidGuard 1.4 started (1352304845.142)
2012-11-07 17:14:05 [1884] db update done
2012-11-07 17:14:05 [1884] squidGuard stopped (1352304845.173)
#7

Tu peux me donner les resultats des commandes suivantes stp ? :

  • ps -axfu
  • ls -l /var/lib/squidguard.db
#8

la liste est longue, cela devrait suffire:

root 1909 0.0 0.1 9316 1612 ? Ss 17:14 0:00 /usr/sbin/squid3 -YC -f /etc/squid3/squid.conf proxy 1913 0.1 1.4 43428 18900 ? S 17:14 0:01 \_ (squid) -YC -f /etc/squid3/squid.conf proxy 1917 0.0 0.0 3424 1068 ? S 17:14 0:00 \_ (squidGuard) -c /etc/squid/squidGuard.conf proxy 1918 0.0 0.0 3424 1068 ? S 17:14 0:00 \_ (squidGuard) -c /etc/squid/squidGuard.conf proxy 1919 0.0 0.0 3424 1068 ? S 17:14 0:00 \_ (squidGuard) -c /etc/squid/squidGuard.conf proxy 1920 0.0 0.0 3428 1068 ? S 17:14 0:00 \_ (squidGuard) -c /etc/squid/squidGuard.conf proxy 1921 0.0 0.0 3428 1072 ? S 17:14 0:00 \_ (squidGuard) -c /etc/squid/squidGuard.conf proxy 1922 0.0 0.0 2940 908 ? S 17:14 0:00 \_ (unlinkd)

pour la deuxieme commande; pas de résultat, le repertoire ou fichier n’existe pas
mes db sont dans /var/lib/squidguard/db/ mais il n’y a pas de squidguard.db

#9

Faute de frappe dsl :

/var/lib/squidguard/db

#10

ah mince. en effet jai pas mal de db dans ce repertoire. jai quitté le boulot la. je sors la commande plus tard dans 1h environs.

#11 
lrwxrwxrwx 1 squid proxy     9  6 nov.  16:14 ads -> publicite
drwxr-xr-x 2 squid proxy  4096  7 nov.  13:59 adult
lrwxrwxrwx 1 squid proxy     8  6 nov.  16:14 aggressive -> agressif
drwxr-xr-x 2 squid proxy  4096  5 nov.  21:21 agressif
drwxr-xr-x 2 squid proxy  4096  5 nov.  21:21 arjel
drwxr-xr-x 2 squid proxy  4096  5 nov.  21:21 astrology
drwxr-xr-x 2 squid proxy  4096  5 nov.  21:21 audio-video
drwxr-xr-x 2 squid proxy  4096  5 nov.  21:21 bank
drwxr-sr-x 2 squid proxy  4096  6 nov.  16:14 blacklists
drwxr-xr-x 2 squid proxy  4096  5 nov.  21:21 blog
drwxr-xr-x 2 squid proxy  4096  5 nov.  21:21 celebrity
drwxr-xr-x 2 squid proxy  4096  5 nov.  21:21 chat
drwxr-xr-x 2 squid proxy  4096  5 nov.  21:21 child
drwxr-xr-x 2 squid proxy  4096  5 nov.  21:21 cleaning
drwxr-xr-x 2 squid proxy  4096  5 nov.  21:21 cooking
drwxr-xr-x 2 squid proxy  4096  5 nov.  21:21 dangerous_material
drwxr-xr-x 2 squid proxy  4096  5 nov.  21:21 dating
drwxr-xr-x 2 squid proxy  4096  5 nov.  21:21 drogue
lrwxrwxrwx 1 squid proxy     6  6 nov.  16:14 drugs -> drogue
drwxr-xr-x 2 squid proxy  4096  5 nov.  21:21 filehosting
drwxr-xr-x 2 squid proxy  4096  5 nov.  21:21 financial
drwxr-xr-x 2 squid proxy  4096  5 nov.  21:21 forums
drwxr-xr-x 2 squid proxy  4096  5 nov.  21:21 gambling
drwxr-xr-x 2 squid proxy  4096  5 nov.  21:21 games
-rw-r--r-- 1 squid proxy 14181  6 févr.  2012 global_usage
drwxr-xr-x 2 squid proxy  4096  5 nov.  21:21 hacking
drwxr-xr-x 2 squid proxy  4096  5 nov.  21:21 jobsearch
drwxr-xr-x 2 squid proxy  4096  5 nov.  21:21 lingerie
drwxr-xr-x 2 squid proxy  4096  5 nov.  21:21 liste_bu
lrwxrwxrwx 1 squid proxy     6  6 nov.  16:14 mail -> forums
drwxr-xr-x 2 squid proxy  4096  5 nov.  21:21 malware
drwxr-xr-x 2 squid proxy  4096  5 nov.  21:21 manga
drwxr-xr-x 2 squid proxy  4096  5 nov.  21:21 marketingware
drwxr-xr-x 2 squid proxy  4096  5 nov.  21:21 mixed_adult
drwxr-xr-x 2 squid proxy  4096  5 nov.  21:21 mobile-phone
drwxr-xr-x 2 squid proxy  4096  5 nov.  21:21 phishing
lrwxrwxrwx 1 squid proxy     5  6 nov.  16:14 porn -> adult
drwxr-xr-x 2 squid proxy  4096  5 nov.  21:21 press
lrwxrwxrwx 1 squid proxy    10  6 nov.  16:14 proxy -> redirector
drwxr-xr-x 2 squid proxy  4096  7 nov.  11:35 publicite
drwxr-xr-x 2 squid proxy  4096  5 nov.  21:21 radio
-rw-r--r-- 1 squid proxy  3899  5 nov.  21:21 README
drwxr-xr-x 2 squid proxy  4096  5 nov.  21:21 reaffected
drwxr-xr-x 2 squid proxy  4096  5 nov.  21:21 redirector
drwxr-xr-x 2 squid proxy  4096  5 nov.  21:21 remote-control
drwxr-xr-x 2 squid proxy  4096  5 nov.  21:21 sect
drwxr-xr-x 2 squid proxy  4096  5 nov.  21:21 sexual_education
drwxr-xr-x 2 squid proxy  4096  5 nov.  21:21 shopping
drwxr-xr-x 2 squid proxy  4096  7 nov.  14:07 social_networks
drwxr-xr-x 2 squid proxy  4096  5 nov.  21:21 sports
drwxr-xr-x 2 squid proxy  4096  5 nov.  21:21 strict_redirector
drwxr-xr-x 2 squid proxy  4096  5 nov.  21:21 strong_redirector
drwxr-xr-x 2 squid proxy  4096  5 nov.  21:21 tricheur
lrwxrwxrwx 1 squid proxy     8  6 nov.  16:14 violence -> agressif
drwxr-xr-x 2 squid proxy  4096  7 nov.  11:37 warez
drwxr-xr-x 2 squid proxy  4096  5 nov.  21:21 webmail
#12

Je ne vois pas d’où peut provenir l’erreur, le fichier squidguard.conf est assez chiant avec la syntaxe de celui-ci.
Peut-être qu’il y a une erreur dans le fichier qui empêche squidguard de bien fonctionner. Essaye de configurer squidguard au minimum et voir si il fonctionne ? Si oui ajouter des options au fur et à mesure ?

Je suis en parallèle en train de tester chez moi, donc ce soir je pourrais te dire si j’arrive à le faire fonctionner.

#13

ah merci tu déchires :wink: luffy tux

#14

Juste pour info, comment as tu configurer ton client ? Quel Navigateur ? IP ?
L’IP de ton proxy est : 10.176.155.59 ?

#15

firefox. adresse proxy 10.176.155.100
le client 10.176.155.59

#16

La suite ce soir dans se cas ! xD

#17

oui sauf que mon port cest le 8080

#18

aaaaaaaaaaaaaaaaaaaaaaaah je crois avoir reussi !!!
je continue mes tests et je post mes fichiers de conf :wink:

#19

bon alors, après avoir suivit le tuto suivant: irp.nain-t.net/doku.php/220squid:start
j’ai fais quelques modif sur mon squid.conf et squidguard.conf

squid.conf:

[code]http_port 8080
icp_port 0
htcp_port 0
visible_hostname squid

Pour que le proxy soit serveur DNS :

dns_nameservers dns_fai ou/et dns_passerelle

dns_nameservers 10.176.155.206 10.176.155.202
dns_defnames on

acl manager proto cache_object
#acl all src 0.0.0.0/0.0.0.0
acl localhost src 127.0.0.1/32
acl our_networks src 127.0.0.1/32 10.176.155.0/24
acl our_servers src 10.176.155.199-10.176.155.206
acl to_localhost dst 127.0.0.0/8

acl SSL_ports port 443
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 # https
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT

le protocole cache_object (acl manager) ne pourra acc�der que depuis l’adress$tp_access allow manager localhost

http_access deny manager

Interdit l’acc�s aux ports autres que 80, 21, 443 et de 1025 � 65535 (n�http_access deny !Safe_ports

Interdit l’acc�s vers 127.0.0.0/8 (acl to_localhost)

http_access deny to_localhost

Autorise l’acc�s depuis les serveurs d�finis dans acl our_servers

http_access allow our_servers

Autorise l’acc�s depuis mon r�seau (acl our_networks)

http_access allow our_networks

Interdit tout le reste (mot r�serv� all)

http_access deny all

http_reply_access allow all

hierarchy_stoplist cgi-bin ?
acl QUERY urlpath_regex cgi-bin ?
cache deny QUERY
coredump_dir /var/spool/squid3
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern -i (/cgi-bin/|?) 0 0% 0
refresh_pattern . 0 20% 4320

Attention si vous modifiez les valeurs de la ligne suivante : lancez squid3 -$

cache_dir ufs /var/spool/squid3 1024 256 256

Les journaux

cache_effective_user proxy
cache_effective_group proxy
cache_access_log /var/log/squid3/access.log common
cache_log /var/log/squid3/cache.log
cache_store_log /var/log/squid3/store.log
cache_swap_log /var/log/squid3/cache_swap.log
cache_mgr informatique@moa.fr
#LogFormat
logformat squid %tl %6tr %>a %Ss/%03>Hs %<Hs %<st %rm %ru %un %Sh/%<A %mt
#SquidGuard
url_rewrite_program /usr/bin/squidGuard -c /etc/squid/squidGuard.conf
url_rewrite_children 5
positive_dns_ttl 1 day
negative_dns_ttl 1 hour
[/code]

squidguard.conf:

[code]#

CONFIG FILE FOR SQUIDGUARD

dbhome /var/lib/squidguard/db
logdir /var/log/squid

TIME RULES:

abbrev for weekdays:

s = sun, m = mon, t =tue, w = wed, h = thu, f = fri, a = sat

#time workhours {

weekly mtwhf 08:00 - 18:30

date --01 08:00 - 18:30

#}

REWRITE RULES:

#rew dmz {

s@://admin/@://admin.foo.bar.de/@i

s@://foo.bar.de/@://www.foo.bar.de/@i

#}

SOURCE ADDRESSES:

src admin {
ip 10.176.155.82

user root foo bar

within workhours

}

src clients {
ip 10.176.155.0/24
}

DESTINATION CLASSES:

#dest good {
#}

#dest local {
#}

#dest adult {

domainlist adult/domains

urllist adult/urls

expressionlist adult/expressions

redirect http://admin.foo.bar.de/cgi-bin/squidGuard.cgi?clientad$

#}

dest adult {
domainlist adult/domains
urllist adult/urls
expressionlist adult/expressions
redirect http://google.fr
log adult.log
}
dest social_networks {
domainlist social_networks/domains
urllist social_networks/urls

log social.log

    }

acl {
admin {
pass any
}

    clients {
            pass !social_networks any
            redirect http://google.com
    }

    default {
            pass none

rewrite dmz

            redirect http://127.0.0.1/cgi-bin/squidGuard.cgi?clientaddr=%a+clientname=%n+clientident=%i+srcclass=%s+targetclass=%t+url=%u
    }

}
[/code]

en prenant bien soin de faire un su proxy puis squidGuard -C all squiGuard -u /etc/init.d.squid3 restart a chaque modif du fichier squidGuard.conf

maintenant je me prend la tête avec calamaris qui me sort une erreur de “emulate_httpd_log” à mettre sur off :confused:

#20

Et donc ? Ca fonctionne ?
Je n’ai pas eu le temps de regarder hier soir en fin de compte :frowning: