SquidGuard and the new blacklists

SquidGuard, whose installation I wrote about in this post, is already quite old, but its lifespan has been extended thanks to new blacklists that can be found at this location.
Since I had already set up SG with the old lists, this is a guide to adding the new lists to it.

1. Download the new, extended lists
You can download all the lists (as done below) or only individual categories.
# wget http://dsi.ut-capitole.fr/blacklists/download/blacklists.tar.gz
2. Unpack them in a local folder on the server
# tar xvfz blacklists.tar.gz
This produces a blacklists folder containing many subfolders, one per category (note that the earlier "porn" category has been replaced by an "adult" category).
3. Copy the newly unpacked lists to /usr/local/squidGuard/db/blacklists (in my opinion the old lists can safely be overwritten with the new content). Pay attention to the permissions and ownership of the folders and their contents; they should be:
drwxrwx--- 2 squid squid 4096 Aug 26 15:08 ads
drwxrwx--- 2 squid squid 4096 Aug 26 15:08 aggressive
…..
# chown -R squid:squid /usr/local/squidGuard/db/blacklists/
# chmod -R 770 /usr/local/squidGuard/db/*
4. Build the lists so that they are usable:
# pwd
/usr/local/squidGuard/db
# squidGuard -u -C all
In parallel, in a second window:
# tail -f /usr/local/squidGuard/log/squidGuard.log
…..
2013-11-26 14:39:55 [7126] squidGuard 1.4 started (1385473195.539)
2013-11-26 14:39:55 [7126] db update done
2013-11-26 14:39:55 [7126] squidGuard stopped (1385473195.905)
This creates new urls.db and domains.db files in each of the subfolders of /usr/local/squidGuard/db/blacklists/.
WARNING!!! This processes only the lists that are named in the /usr/local/squidGuard/squidGuard.conf file.
4a. Important!!! Ownership and permissions on the new blacklists:
# chmod -R 770 /usr/local/squidGuard/db/*
# chown -R squid:squid /usr/local/squidGuard/db/blacklists/
5. Restart squid
# service squid reload
A reload is enough for it to pick up the new configuration.
6. Test that it works
# echo "http://www.pussy.com 10.10.10.143/ - - GET" | squidGuard -c /usr/local/squidGuard/squidGuard.conf -d
2013-08-28 08:57:27 [6710] New setting: dbhome: /usr/local/squidGuard/db
2013-08-28 08:57:27 [6710] New setting: logdir: /usr/local/squidGuard/log
2013-08-28 08:57:27 [6710] Added User: root
2013-08-28 08:57:27 [6710] destblock good missing active content, set inactive
2013-08-28 08:57:27 [6710] destblock local missing active content, set inactive
2013-08-28 08:57:27 [6710] init domainlist /usr/local/squidGuard/db/blacklists/porn/domains
2013-08-28 08:57:27 [6710] loading dbfile /usr/local/squidGuard/db/blacklists/porn/domains.db
2013-08-28 08:57:27 [6710] init urllist /usr/local/squidGuard/db/blacklists/porn/urls
2013-08-28 08:57:27 [6710] loading dbfile /usr/local/squidGuard/db/blacklists/porn/urls.db
2013-08-28 08:57:27 [6710] init expressionlist /usr/local/squidGuard/db/blacklists/porn/expressions
2013-08-28 08:57:27 [6710] init domainlist /usr/local/squidGuard/db/blacklists/adult/domains
2013-08-28 08:57:27 [6710] loading dbfile /usr/local/squidGuard/db/blacklists/adult/domains.db
2013-08-28 08:57:27 [6710] init urllist /usr/local/squidGuard/db/blacklists/adult/urls
2013-08-28 08:57:27 [6710] loading dbfile /usr/local/squidGuard/db/blacklists/adult/urls.db
2013-08-28 08:57:27 [6710] init expressionlist /usr/local/squidGuard/db/blacklists/adult/expressions
2013-08-28 08:57:27 [6710] squidGuard 1.4 started (1377673047.850)
2013-08-28 08:57:27 [6710] Info: recalculating alarm in 27153 seconds
2013-08-28 08:57:27 [6710] squidGuard ready for requests (1377673047.854)
2013-08-28 08:57:27 [6710] source not found
2013-08-28 08:57:27 [6710] no ACL matching source, using default
2013-08-28 08:57:27 [6710] Request(default/porn/-) http://www.pussy.com 10.32.34.140/- - - REDIRECT
http://10.10.10.94 10.10.10.143/- - -
2013-08-28 08:57:27 [6710] squidGuard stopped (1377673047.854)
7. The squidGuard.conf configuration file
dbhome /usr/local/squidGuard/db
logdir /usr/local/squidGuard/log
# TIME RULES:
# abbrev for weekdays:
# s = sun, m = mon, t = tue, w = wed, h = thu, f = fri, a = sat
time workhours {
    weekly mtwhf 08:00 - 16:30
    date *-*-01 08:00 - 16:30
}
# SOURCE ADDRESSES: this must be defined, for administration purposes
src admin {
    ip 10.10.10.140
    user root
    within workhours
}
# DESTINATION CLASSES: this defines which lists are active
dest porn {
    domainlist blacklists/porn/domains
    urllist blacklists/porn/urls
    redirect http://10.10.10.94
    log porn.log
}
dest adult {
    domainlist blacklists/adult/domains
    urllist blacklists/adult/urls
    redirect http://10.10.10.94
    log adult.log
}
dest audio-video {
    domainlist blacklists/audio-video/domains
    urllist blacklists/audio-video/urls
    redirect http://10.10.10.94
    log audio-video.log
}
dest social_networks {
    domainlist blacklists/social_networks/domains
    urllist blacklists/social_networks/urls
    redirect http://10.10.10.94
    log social_networks.log
}
##########################
src pojedinacno {
    # Defined by individual IP addresses and/or by whole ranges
    ip 10.10.10.10 10.10.10.11
}
src opseg {
    ip 10.1.2.0/24
}
##########################
acl {
    # The access list(s) are defined here, and what applies to whom
    admin {
        # The administrator may go anywhere
        pass all
    }
    pojedinacno {
        # Individually defined IPs may go anywhere except sex sites
        pass !porn !adult all
        redirect http://10.10.10.94
    }
    opseg {
        pass !porn !adult all
        redirect http://10.10.10.94
    }
    default {
        # Everyone else is denied all of the forbidden groups of sites
        pass !porn !adult !audio-video !social_networks all
        redirect http://10.10.10.94
    }
}
************************************
Do not forget, when defining this ACL, to bring its content in line with the ACLs defined in Squid itself!
************************************
8. Testing the configuration
Run the following command from the proxy server itself:
# echo "http://www.example.com client-IP-address/ - - GET" | squidGuard -c /usr/local/squidGuard/squidGuard.conf -d
2013-11-27 11:46:56 [11332] New setting: dbhome: /usr/local/squidGuard/db
2013-11-27 11:46:56 [11332] New setting: logdir: /usr/local/squidGuard/log
2013-11-27 11:46:56 [11332] Added User: root
2013-11-27 11:46:56 [11332] init domainlist /usr/local/squidGuard/db/blacklists/porn/domains
2013-11-27 11:46:56 [11332] loading dbfile /usr/local/squidGuard/db/blacklists/porn/domains.db
2013-11-27 11:46:56 [11332] init urllist /usr/local/squidGuard/db/blacklists/porn/urls
2013-11-27 11:46:56 [11332] loading dbfile /usr/local/squidGuard/db/blacklists/porn/urls.db
2013-11-27 11:46:56 [11332] init domainlist /usr/local/squidGuard/db/blacklists/adult/domains
2013-11-27 11:46:56 [11332] loading dbfile /usr/local/squidGuard/db/blacklists/adult/domains.db
2013-11-27 11:46:56 [11332] init urllist /usr/local/squidGuard/db/blacklists/adult/urls
2013-11-27 11:46:56 [11332] loading dbfile /usr/local/squidGuard/db/blacklists/adult/urls.db
2013-11-27 11:46:56 [11332] init domainlist /usr/local/squidGuard/db/blacklists/audio-video/domains
2013-11-27 11:46:56 [11332] loading dbfile /usr/local/squidGuard/db/blacklists/audio-video/domains.db
2013-11-27 11:46:56 [11332] init urllist /usr/local/squidGuard/db/blacklists/audio-video/urls
2013-11-27 11:46:56 [11332] loading dbfile /usr/local/squidGuard/db/blacklists/audio-video/urls.db
2013-11-27 11:46:56 [11332] init domainlist /usr/local/squidGuard/db/blacklists/social_networks/domains
2013-11-27 11:46:56 [11332] loading dbfile /usr/local/squidGuard/db/blacklists/social_networks/domains.db
2013-11-27 11:46:56 [11332] init urllist /usr/local/squidGuard/db/blacklists/social_networks/urls
2013-11-27 11:46:56 [11332] loading dbfile /usr/local/squidGuard/db/blacklists/social_networks/urls.db
2013-11-27 11:46:56 [11332] init domainlist /usr/local/squidGuard/db/whitelists/custom/domains
2013-11-27 11:46:56 [11332] loading dbfile /usr/local/squidGuard/db/whitelists/custom/domains.db
2013-11-27 11:46:56 [11332] init urllist /usr/local/squidGuard/db/whitelists/custom/urls
2013-11-27 11:46:56 [11332] loading dbfile /usr/local/squidGuard/db/whitelists/custom/urls.db
2013-11-27 11:46:56 [11332] squidGuard 1.4 started (1385549216.180)
2013-11-27 11:46:56 [11332] Info: recalculating alarm in 16984 seconds
2013-11-27 11:46:56 [11332] squidGuard ready for requests (1385549216.187)
2013-11-27 11:46:56 [11332] source not found
2013-11-27 11:46:56 [11332] no ACL matching source, using default
2013-11-27 11:46:56 [11332] squidGuard stopped (1385549216.187)

"no ACL matching source" is reported because the IP address of the server itself is indeed NOT in any of the lists we created. By changing that IP address in the command in this way, the ACLs can be checked.
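
The following check is an added example, not part of the original post. It compares squidGuard.conf with the db tree after steps 3 to 4a and reports lists named in the config that are missing, uncompiled or newer than their .db file, category folders (such as the new adult one) that no dest block references, and files not owned by the squid user. The function names and finding labels are made up for this example, and list paths are assumed to contain no spaces.

```shell
#!/bin/sh
# Added example, not from the original post.
# Usage: sh audit.sh /usr/local/squidGuard/squidGuard.conf [owner]

# List paths named by domainlist/urllist in the config (relative to dbhome).
conf_lists() {
    awk '$1 == "domainlist" || $1 == "urllist" { print $2 }' "$1"
}

# Print one finding per line:
#   MISSING  <list>  text list named in the config does not exist
#   NODB     <list>  no compiled <list>.db next to the text list
#   STALE    <list>  text list is newer than its .db (copied, not rebuilt)
#   UNUSED   <cat>   category directory that no dest block references
#   BADOWNER <path>  file or directory not owned by the expected user
audit_lists() {
    conf=$1
    owner=${2:-squid}    # assumption: squid runs as user "squid", as in the post
    dbhome=$(awk '$1 == "dbhome" { print $2; exit }' "$conf")
    lists=$(conf_lists "$conf")
    for l in $lists; do
        f="$dbhome/$l"
        if [ ! -f "$f" ]; then
            echo "MISSING $l"
        elif [ ! -f "$f.db" ]; then
            echo "NODB $l"
        elif [ -n "$(find "$f" -newer "$f.db")" ]; then
            echo "STALE $l"
        fi
    done
    for d in "$dbhome"/blacklists/*/; do
        [ -d "$d" ] || continue
        c=$(basename "$d")
        echo "$lists" | grep -qF "blacklists/$c/" || echo "UNUSED $c"
    done
    find "$dbhome/blacklists" ! -user "$owner" | sed 's/^/BADOWNER /'
}

if [ $# -gt 0 ]; then audit_lists "$@"; fi
```

An empty result means every list named in the config has an up-to-date .db file and nothing under blacklists is owned by another user.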