Topic: SquidGuard failed

[Paulc]

Hi I looked and didn't find so now I am asking.

I had a stable install of SquidGuard been in place about 12 months. Yesterday it began misbehaving. Behaviour was that it stopped passing content - sites including the internal site just timed out. Killing the squidguard processes had the immediate effect of causing the pages to display until SME restarted the squidGuard processes. I am currently running with SquidGuard disabled - simply by renaming the config file - with no problems browsing. Although squidGuard processes are running they are not filtering content for some unknown reason.

One thing I tried was downloading and installing the latest sme update with no effect. I tried to uninstall squidGuard with the message that it wasn't installed. Tried to do a replacepkgs which worked with the proxy error messages discussed elsewhere.

SME is 5.5 with the latest update now. Squidguard is according to the readme Interface 3.0 copyright Trevor Ouellette.

I am also running Dungogs ISP control rpms, and the cute link up/down monitor. I have done some Samba customisation and have a few other bits and pieces such as sqladmin.

I haven't touched anything for months now. Last change was to alter the ftp address to download the blacklists currently from http://squidguard.mesd.k12.or.us/blacklists.tgz.

While I am an IT professional I wouldn't say that I was expert in either SME or Linux - mostly because you guys make it so easy.

Any advice is greatly appreciated.

Cheers Paul

[dave]

I have at times experinced similar issues, usually restarting the suidguard service fixes it.  One time, I had to remove all cache files, and that took care of it.

Dave

[Paulc]

Hi,
     I fixed it. I think what happened was that the last time the server downloaded the blacklists, my supplier added a new category called "redirectors". Now that I have better experience reading the squidGuard logs I can see that it told me all about the problem.

To fix it I added a template fragment with that set of bad things (called a destination in squidguard speak), rebuilt the templates and restarted squid.

Two things I haven't figured out - 1) are redirectors bad and 2) if they are how to get the ! not sign in front on the ACL section of the config file.

Thanks for your help Dave.

Cheers Paul

[Paulc]

right, I think I have done this to death. The problem was that squidGuard all of a sudden ceased to pass pages - the browser just sat there until it timed out. Deleting the squidGuard.conf file caused squidGuard to work again but it passed everything including supposedly blocked sites.

SquidGuard logs now complained about  "dest "xxxx" doesn't exist and going into emergency mode" Emergency mode according to squidGuard.org is where the proxy passes everything.

I believe that the blacklist maintainer that I used - don't know whether there is one or many blacklists - added a new category. When I deleted squidGuard.conf e-smith happily recreated it. Creation is a dynamic process that looks at the actual directories to set the ACL section. It half got it right in that the new category was included in the ACL section but not the destination section. I added a template fragment to add the new destination, expanded the template and set the ACLs using the setacl script provided.

That left the question of how it determined whether a category should be blocked or included. Seems there is a hidden file .blocked in each category directory that flags it is to be blocked. Dredging back to my Banyan system programming days - the last time I actively worked in a Unix dialect - I used the ls -a commandline option to list it after figuring out the setacls script.

I hope all this helps some other sucker with the same problem - Suckers unite:-{)=

Cheers Paul