thr3ads.net - CentOS - [CentOS] Squid + SquidGuard : static block page not working [Mar 2018]

If this information is useful, please help other people find it:
Share via:

Nicolas Kovacs

2018-Mar-14 12:07 UTC

[CentOS] Squid + SquidGuard : static block page not working

Hi,

I've been working with Squid + SquidGuard for a few years, though only
on Slackware. I'm currently transferring my proxy expertise to CentOS 7,
and right now I'm having a little problem with that.

Squid works perfectly so far as a transparent HTTP + HTTPS cache proxy.

The next step is to add SquidGuard, so I installed it and edited the
most basic /etc/squid/squidGuard.conf file possible.

In this setup, my workstation (192.168.2.2) is allowed to access
anything on the Web, and all other client machines on the networks are
blocked and should be redirected to the avertissement.html block page
for every request.

--8<------------------------------------------------------------------
# /etc/squid/squidGuard.conf
dbhome /var/squidGuard
logdir /var/log/squidGuard

src admin {
  ip 192.168.2.2
}

acl {
  admin {
    pass any
  }
  default {
    pass none
    redirect http://nestor.microlinux.lan/avertissement.html
  }
}
--8<------------------------------------------------------------------

I appended the following lines to /etc/squid/squid.conf:

--8<------------------------------------------------------------------
# SquidGuard
url_rewrite_program /usr/bin/squidGuard -c /etc/squid/squidGuard.conf
url_rewrite_children 5
--8<------------------------------------------------------------------

Now this setup sort of works. My workstation can access anything, other
clients are blocked. Unfortunately, the block page avertissement.html is
not displayed. Instead, I get a Squid error page:

  The following error was encountered while trying to retrieve the URL:
  https://http/*

  Unable to determine IP address from host name "http".

Any idea why my static block page avertissement.html is not displayed?

Cheers,

Niki
-- 
Microlinux - Solutions informatiques durables
7, place de l'?glise - 30730 Montpezat
Site : https://www.microlinux.fr
Blog : https://blog.microlinux.fr
Mail : info at microlinux.fr
T?l. : 04 66 63 10 32

m.roth at 5-cent.us

2018-Mar-14 13:40 UTC

head link

[CentOS] Squid + SquidGuard : static block page not working

Nicolas Kovacs wrote:> Hi,
>
> I've been working with Squid + SquidGuard for a few years, though only
> on Slackware. I'm currently transferring my proxy expertise to CentOS
7,
> and right now I'm having a little problem with that.
>
> Squid works perfectly so far as a transparent HTTP + HTTPS cache proxy.
>
> The next step is to add SquidGuard, so I installed it and edited the
> most basic /etc/squid/squidGuard.conf file possible.
>
> In this setup, my workstation (192.168.2.2) is allowed to access
> anything on the Web, and all other client machines on the networks are
> blocked and should be redirected to the avertissement.html block page
> for every request.<SNIP>

Stupid questions:
   0. Does http://nestor.microlinux.lan/avertissement.html exist?
   1. What are its ownership and group?
   2. Can Apache access that directory and file?

    mark

Nicolas Kovacs

2018-Mar-14 13:50 UTC

head link

[CentOS] Squid + SquidGuard : static block page not working

Le 14/03/2018 ? 14:40, m.roth at 5-cent.us a ?crit?:> Stupid questions:
>    0. Does http://nestor.microlinux.lan/avertissement.html exist?
>    1. What are its ownership and group?
>    2. Can Apache access that directory and file?
> 
>     mark
Yes, the page exists, and it can be opened from any browser in the network.

Niki

-- 
Microlinux - Solutions informatiques durables
7, place de l'?glise - 30730 Montpezat
Site : https://www.microlinux.fr
Blog : https://blog.microlinux.fr
Mail : info at microlinux.fr
T?l. : 04 66 63 10 32

Nicolas Kovacs

2018-Mar-14 15:37 UTC

head link

[CentOS] Squid + SquidGuard : static block page not working

Le 14/03/2018 ? 14:40, m.roth at 5-cent.us a ?crit?:> Stupid questions:
>    0. Does http://nestor.microlinux.lan/avertissement.html exist?
>    1. What are its ownership and group?
>    2. Can Apache access that directory and file?
> 
>     mark
OK, I found the solution. Apparently I have to use a different syntax.

acl {
  admin {
    pass any
  }
  default {
    pass none
    redirect 302:http://nestor.microlinux.lan/avertissement.html
  }
}

Prefixing the block page URL with 302: did the trick.

Cheers,

Niki

-- 
Microlinux - Solutions informatiques durables
7, place de l'?glise - 30730 Montpezat
Site : https://www.microlinux.fr
Blog : https://blog.microlinux.fr
Mail : info at microlinux.fr
T?l. : 04 66 63 10 32

Nicolas Kovacs

2018-Mar-15 12:57 UTC

head link

[CentOS] Squid + SquidGuard : static block page not working

Le 14/03/2018 ? 14:40, m.roth at 5-cent.us a ?crit?:> Stupid questions:
>    0. Does http://nestor.microlinux.lan/avertissement.html exist?
>    1. What are its ownership and group?
>    2. Can Apache access that directory and file?
> 
>     mark
Problem solved.

https://blog.microlinux.fr/squidguard-centos/

Cheers,

Niki

-- 
Microlinux - Solutions informatiques durables
7, place de l'?glise - 30730 Montpezat
Site : https://www.microlinux.fr
Blog : https://blog.microlinux.fr
Mail : info at microlinux.fr
T?l. : 04 66 63 10 32

Possibly Parallel Threads

Search for more reasonably related threads

CentOS - Mar 2018 - Squid + SquidGuard : static block page not working

[CentOS] Squid + SquidGuard : static block page not working

[CentOS] Squid + SquidGuard : static block page not working

[CentOS] Squid + SquidGuard : static block page not working

[CentOS] Squid + SquidGuard : static block page not working

[CentOS] Squid + SquidGuard : static block page not working

Possibly Parallel Threads