“UbuntuHelp:SquidGuard”的版本间的差异
来自Ubuntu中文
小 |
小 |
||
第1行: | 第1行: | ||
{{From|https://help.ubuntu.com/community/SquidGuard}} | {{From|https://help.ubuntu.com/community/SquidGuard}} | ||
{{Languages|UbuntuHelp:SquidGuard}} | {{Languages|UbuntuHelp:SquidGuard}} | ||
− | |||
− | |||
This howto describes the process of setting up Squid and SquidGuard for the purpose of internet content filtering. | This howto describes the process of setting up Squid and SquidGuard for the purpose of internet content filtering. | ||
− | |||
There are many different configuration options available. The settings used in this howto are very simplistic and may not suit your needs. In any case it will get you up and running. More complex settings can be added afterwards. | There are many different configuration options available. The settings used in this howto are very simplistic and may not suit your needs. In any case it will get you up and running. More complex settings can be added afterwards. | ||
− | |||
=== Introduction === | === Introduction === | ||
Squid is a proxy server, HTTP requests are sent to Squid instead of being sent directly to the internet. | Squid is a proxy server, HTTP requests are sent to Squid instead of being sent directly to the internet. | ||
− | |||
SquidGuard is a web filter plugin for Squid which is used to restrict access to domains/URLs based upon access control lists. When SquidGuard receives a request it is examined and will either allow the page to load or will redirect to a predetermined “block” page or script. SquidGuard makes its decisions based upon the use of access control lists and databases of domains, URLs, and expressions. | SquidGuard is a web filter plugin for Squid which is used to restrict access to domains/URLs based upon access control lists. When SquidGuard receives a request it is examined and will either allow the page to load or will redirect to a predetermined “block” page or script. SquidGuard makes its decisions based upon the use of access control lists and databases of domains, URLs, and expressions. | ||
− | |||
=== Installation === | === Installation === | ||
Make sure you have the Universe repository enabled | Make sure you have the Universe repository enabled | ||
− | |||
Install Squid and SquidGuard | Install Squid and SquidGuard | ||
<pre><nowiki> | <pre><nowiki> | ||
sudo apt-get install squid squidguard | sudo apt-get install squid squidguard | ||
</nowiki></pre> | </nowiki></pre> | ||
− | |||
If you don't have a web server installed | If you don't have a web server installed | ||
<pre><nowiki> | <pre><nowiki> | ||
sudo apt-get install apache2 | sudo apt-get install apache2 | ||
</nowiki></pre> | </nowiki></pre> | ||
− | |||
=== Key File Locations === | === Key File Locations === | ||
− | |||
− | |||
{|border="1" cellspacing="0" | {|border="1" cellspacing="0" | ||
|<rowstyle="background-color: #FFFFDD;"> '''File''' || '''Purpose''' | |<rowstyle="background-color: #FFFFDD;"> '''File''' || '''Purpose''' | ||
第41行: | 第30行: | ||
| /var/log/squid/squidGuard.log || SquidGuard log file | | /var/log/squid/squidGuard.log || SquidGuard log file | ||
|} | |} | ||
− | |||
=== Squid Configuration === | === Squid Configuration === | ||
The squid.conf file is huge, with hundreds of options. In this howto we will only be changing a few settings. | The squid.conf file is huge, with hundreds of options. In this howto we will only be changing a few settings. | ||
第48行: | 第36行: | ||
gksudo gedit /etc/squid/squid.conf | gksudo gedit /etc/squid/squid.conf | ||
</nowiki></pre> | </nowiki></pre> | ||
− | |||
Turn on line numbers in gedit (Edit > Preferences) | Turn on line numbers in gedit (Edit > Preferences) | ||
− | |||
Find the `http_port tag` (should be on or around line 53, its currently Line 89 in 7.10 release) By default it reads `# http_port 3128` This is the default port that Squid will listen on for requests. If you want to change it, uncomment the line and set the correct port. If you want Squid to listen only on one specific NIC, you can also change the IP address – for example `192.168.1.5:3128` | Find the `http_port tag` (should be on or around line 53, its currently Line 89 in 7.10 release) By default it reads `# http_port 3128` This is the default port that Squid will listen on for requests. If you want to change it, uncomment the line and set the correct port. If you want Squid to listen only on one specific NIC, you can also change the IP address – for example `192.168.1.5:3128` | ||
− | |||
Now we need to tell squid where squidguard is. Find the redirect_program tag (should be around line 1028) There is no default setting here, so we need to add our own line below the redirect_program description: | Now we need to tell squid where squidguard is. Find the redirect_program tag (should be around line 1028) There is no default setting here, so we need to add our own line below the redirect_program description: | ||
<pre><nowiki> | <pre><nowiki> | ||
redirect_program /usr/bin/squidGuard –c /etc/squid/squidGuard.conf | redirect_program /usr/bin/squidGuard –c /etc/squid/squidGuard.conf | ||
</nowiki></pre> | </nowiki></pre> | ||
− | |||
OK, now we'll setup who is allowed access to the proxy. Find the http_access section (should start around line 1860,line 2589 in 7.04 and line 2608 in 7.10 release) Uncomment these 2 lines: | OK, now we'll setup who is allowed access to the proxy. Find the http_access section (should start around line 1860,line 2589 in 7.04 and line 2608 in 7.10 release) Uncomment these 2 lines: | ||
<pre><nowiki> | <pre><nowiki> | ||
#http_access allow our_networks | #http_access allow our_networks | ||
</nowiki></pre> | </nowiki></pre> | ||
− | |||
You'll need to change 192.168.1.0/24 to match your network. Unless you have a second subnet you can delete 192.168.2.0/24 | You'll need to change 192.168.1.0/24 to match your network. Unless you have a second subnet you can delete 192.168.2.0/24 | ||
− | |||
if you get a startup error :- | if you get a startup error :- | ||
'FATAL: Could not determine fully qualified hostname. Please set visible_hostname' | 'FATAL: Could not determine fully qualified hostname. Please set visible_hostname' | ||
you will also need to modify the visible_hostname tag (around line 2909 in 7.10) to:- | you will also need to modify the visible_hostname tag (around line 2909 in 7.10) to:- | ||
− | |||
NOTE: this needs to be added as a new line in 7.10 (not sure about other releases) as there is no commented out line re-introduce. | NOTE: this needs to be added as a new line in 7.10 (not sure about other releases) as there is no commented out line re-introduce. | ||
− | |||
<pre><nowiki> | <pre><nowiki> | ||
visible_hostname localhost | visible_hostname localhost | ||
</nowiki></pre> | </nowiki></pre> | ||
− | |||
Save the file and close gedit | Save the file and close gedit | ||
− | |||
=== SquidGuard Configuration === | === SquidGuard Configuration === | ||
− | |||
For the purposes of this howto we will use a very simple configuration for SquidGuard, with only one category of sites that we want to block. More complex and useful configurations are explained on the official SquidGuard site. | For the purposes of this howto we will use a very simple configuration for SquidGuard, with only one category of sites that we want to block. More complex and useful configurations are explained on the official SquidGuard site. | ||
− | |||
First we will create a list of domains we want to block | First we will create a list of domains we want to block | ||
<pre><nowiki> | <pre><nowiki> | ||
第86行: | 第62行: | ||
gksudo gedit /var/lib/squidguard/db/weapons/domains | gksudo gedit /var/lib/squidguard/db/weapons/domains | ||
</nowiki></pre> | </nowiki></pre> | ||
− | |||
Insert the following, then save the file. | Insert the following, then save the file. | ||
<pre><nowiki> | <pre><nowiki> | ||
第93行: | 第68行: | ||
glock.com | glock.com | ||
</nowiki></pre> | </nowiki></pre> | ||
− | |||
proxy must own all the db files | proxy must own all the db files | ||
<pre><nowiki> | <pre><nowiki> | ||
sudo chown -R proxy:proxy /var/lib/squidguard/db | sudo chown -R proxy:proxy /var/lib/squidguard/db | ||
</nowiki></pre> | </nowiki></pre> | ||
− | |||
Now we edit our squidGuard.conf file. | Now we edit our squidGuard.conf file. | ||
<pre><nowiki> | <pre><nowiki> | ||
gksudo gedit /etc/squid/squidGuard.conf | gksudo gedit /etc/squid/squidGuard.conf | ||
</nowiki></pre> | </nowiki></pre> | ||
− | |||
Delete everything after the line: `logdir /var/log/squid` | Delete everything after the line: `logdir /var/log/squid` | ||
− | |||
Replace the deleted text with the following: | Replace the deleted text with the following: | ||
<pre><nowiki> | <pre><nowiki> | ||
第111行: | 第82行: | ||
domainlist weapons/domains | domainlist weapons/domains | ||
} | } | ||
− | |||
acl { | acl { | ||
default { | default { | ||
第119行: | 第89行: | ||
} | } | ||
</nowiki></pre> | </nowiki></pre> | ||
− | |||
Time to compile the domains list into a database | Time to compile the domains list into a database | ||
<pre><nowiki> | <pre><nowiki> | ||
sudo squidGuard –C all | sudo squidGuard –C all | ||
</nowiki></pre> | </nowiki></pre> | ||
− | |||
Create a page to redirect blocked requests to | Create a page to redirect blocked requests to | ||
<pre><nowiki> | <pre><nowiki> | ||
第131行: | 第99行: | ||
REMEMBER, this 'block.html' page points to the default web servers directories, probably Apache as installed above. You must have a web server running on the machine for this to work! or you get an error message with the redirect on the client's PC. You could also redirect it to another server running a web server and let it host the error pages. | REMEMBER, this 'block.html' page points to the default web servers directories, probably Apache as installed above. You must have a web server running on the machine for this to work! or you get an error message with the redirect on the client's PC. You could also redirect it to another server running a web server and let it host the error pages. | ||
Put whatever message you want in this page. | Put whatever message you want in this page. | ||
− | |||
Fire up squid and squidguard | Fire up squid and squidguard | ||
− | |||
If it is not running you can use :- | If it is not running you can use :- | ||
− | |||
sudo /etc/init.d/squid start|restart|stop | sudo /etc/init.d/squid start|restart|stop | ||
− | |||
then this will work | then this will work | ||
<pre><nowiki> | <pre><nowiki> | ||
squid -k reconfigure | squid -k reconfigure | ||
</nowiki></pre> | </nowiki></pre> | ||
− | |||
=== Testing === | === Testing === | ||
Change all your client browser settings to use your new proxy. | Change all your client browser settings to use your new proxy. | ||
− | |||
If you are using Firefox, this is done via Edit > Preferences > Connection Settings. Enter the IP address of your new Proxy server, and the port number you previously configure. | If you are using Firefox, this is done via Edit > Preferences > Connection Settings. Enter the IP address of your new Proxy server, and the port number you previously configure. | ||
− | |||
The 3 domains we added to our domains file should be blocked. | The 3 domains we added to our domains file should be blocked. | ||
− | |||
=== Troubleshooting === | === Troubleshooting === | ||
It is fairly common to run into problems. 99% of the time, it comes down to permissions or ownership of files. | It is fairly common to run into problems. 99% of the time, it comes down to permissions or ownership of files. | ||
− | |||
First of all, lets check what processes are running. | First of all, lets check what processes are running. | ||
<pre><nowiki> | <pre><nowiki> | ||
ps -e | grep squid | ps -e | grep squid | ||
</nowiki></pre> | </nowiki></pre> | ||
− | |||
You should see 1 or 2 squid processes, and 5 squidGuard processes. If not then lets restart Squid. | You should see 1 or 2 squid processes, and 5 squidGuard processes. If not then lets restart Squid. | ||
<pre><nowiki> | <pre><nowiki> | ||
squid -k reconfigure | squid -k reconfigure | ||
</nowiki></pre> | </nowiki></pre> | ||
− | |||
Again, check what processes are running. | Again, check what processes are running. | ||
− | |||
Still having problems? Check what's being written to the squidGuard.log file | Still having problems? Check what's being written to the squidGuard.log file | ||
<pre><nowiki> | <pre><nowiki> | ||
tail /var/log/squid/squidGuard.log | tail /var/log/squid/squidGuard.log | ||
</nowiki></pre> | </nowiki></pre> | ||
− | |||
You might see something here that mentions that SquidGuard has gone into emergency mode. If this is the case, the following may help. | You might see something here that mentions that SquidGuard has gone into emergency mode. If this is the case, the following may help. | ||
− | + | It is often useful to run squidGuard directly from the command line to see what it is doing. An example is: | |
+ | <pre><nowiki> | ||
+ | echo "http://www.somesite.com 10.0.0.1/ - - GET" | squidGuard -d -c /etc/squid/squidGuard.conf | ||
+ | </nowiki></pre> | ||
+ | This should be run as root. | ||
==== SquidGuard Emergency Mode ==== | ==== SquidGuard Emergency Mode ==== | ||
When squidguard starts up, it tries to do the following things: | When squidguard starts up, it tries to do the following things: | ||
− | + | # Read the configuration file | |
− | + | # Read the database or text files with the lists of sites to block | |
− | + | # Write to its log file | |
− | + | ||
If it fails to do any of these things, it goes into "emergency mode"; effectively this means that it doesn't do anything. | If it fails to do any of these things, it goes into "emergency mode"; effectively this means that it doesn't do anything. | ||
− | |||
The following problems will cause either 1, 2, or 3 to fail: | The following problems will cause either 1, 2, or 3 to fail: | ||
− | |||
* The configuration file is not in the place specified in squid.conf. Make sure squidguard is started with this line in squid.conf: | * The configuration file is not in the place specified in squid.conf. Make sure squidguard is started with this line in squid.conf: | ||
<pre><nowiki> | <pre><nowiki> | ||
redirect_program /usr/bin/squidGuard –c /etc/squid/squidGuard.conf | redirect_program /usr/bin/squidGuard –c /etc/squid/squidGuard.conf | ||
</nowiki></pre> | </nowiki></pre> | ||
− | |||
* The database files are not in the place defined in squidGuard.conf. Make sure the following is one of the first lines in squidGuard.conf: | * The database files are not in the place defined in squidGuard.conf. Make sure the following is one of the first lines in squidGuard.conf: | ||
<pre><nowiki> | <pre><nowiki> | ||
/var/lib/squidguard/db | /var/lib/squidguard/db | ||
</nowiki></pre> | </nowiki></pre> | ||
− | |||
* The ownership of the configuration file, logfiles, or blacklist files is not correct. These files should be owned by the user and group under which the squid program runs. In the case of Ubuntu, that user is `proxy` | * The ownership of the configuration file, logfiles, or blacklist files is not correct. These files should be owned by the user and group under which the squid program runs. In the case of Ubuntu, that user is `proxy` | ||
− | |||
* To make sure the ownership is correct, run the following commands: | * To make sure the ownership is correct, run the following commands: | ||
<pre><nowiki> | <pre><nowiki> | ||
chown proxy:proxy /etc/squid/squidGuard.conf | chown proxy:proxy /etc/squid/squidGuard.conf | ||
− | |||
chown -R proxy:proxy /var/lib/squidguard/db | chown -R proxy:proxy /var/lib/squidguard/db | ||
− | |||
chown -R proxy:proxy /var/log/squid/ | chown -R proxy:proxy /var/log/squid/ | ||
</nowiki></pre> | </nowiki></pre> | ||
− | |||
* The permissions of the configuration file, logfiles, or blacklist files is not correct. Set the permissions as follows: | * The permissions of the configuration file, logfiles, or blacklist files is not correct. Set the permissions as follows: | ||
<pre><nowiki> | <pre><nowiki> | ||
chmod 644 /etc/squid/squidGuard.conf | chmod 644 /etc/squid/squidGuard.conf | ||
− | |||
chmod -R 640 /var/lib/squidguard/db | chmod -R 640 /var/lib/squidguard/db | ||
− | |||
chmod -R 644 /var/log/squid/ | chmod -R 644 /var/log/squid/ | ||
− | |||
find /var/lib/squidguard/db -type d -exec chmod 755 \{\} \; -print | find /var/lib/squidguard/db -type d -exec chmod 755 \{\} \; -print | ||
− | |||
chmod 755 /var/log/squid | chmod 755 /var/log/squid | ||
</nowiki></pre> | </nowiki></pre> | ||
− | |||
* There is a line-end before the "{" character in source or dest lists: | * There is a line-end before the "{" character in source or dest lists: | ||
− | |||
Bad: | Bad: | ||
<pre><nowiki> | <pre><nowiki> | ||
第223行: | 第167行: | ||
{ | { | ||
</nowiki></pre> | </nowiki></pre> | ||
− | |||
Good: | Good: | ||
<pre><nowiki> | <pre><nowiki> | ||
dest weapons { | dest weapons { | ||
</nowiki></pre> | </nowiki></pre> | ||
− | |||
− | |||
After fixing these problems issue the command : `squid –k reconfigure` To restart Squid and SquidGuard with the new settings. | After fixing these problems issue the command : `squid –k reconfigure` To restart Squid and SquidGuard with the new settings. | ||
You also need to create Swap directories with 'squid -z' | You also need to create Swap directories with 'squid -z' | ||
If you still have errors you can start squid with 'squid -NCd1' which starts in debug/verbose mode which will show any errors. As above, the most likely will be permissions. | If you still have errors you can start squid with 'squid -NCd1' which starts in debug/verbose mode which will show any errors. As above, the most likely will be permissions. | ||
− | |||
=== External Links === | === External Links === | ||
*[http://www.squid-cache.org Official Squid site] | *[http://www.squid-cache.org Official Squid site] | ||
第239行: | 第179行: | ||
*[http://www.maynidea.com/squidguard/faq-plus.html SquidGuard FAQ] | *[http://www.maynidea.com/squidguard/faq-plus.html SquidGuard FAQ] | ||
*[http://www.squidguard.org/blacklist/ Downloadable blacklists] | *[http://www.squidguard.org/blacklist/ Downloadable blacklists] | ||
− | |||
=== In Need Of Further Documentation === | === In Need Of Further Documentation === | ||
− | |||
* More sophisticated configurations (source groups, time settings, more destination groups, urls, expressions) | * More sophisticated configurations (source groups, time settings, more destination groups, urls, expressions) | ||
* Using diff files | * Using diff files | ||
* Using Ident | * Using Ident | ||
− | |||
[[category:CategoryDocumentation]] [[category:CategoryCleanup]] [[category:CategoryNeedsExpansion]] | [[category:CategoryDocumentation]] [[category:CategoryCleanup]] [[category:CategoryNeedsExpansion]] | ||
[[category:UbuntuHelp]] | [[category:UbuntuHelp]] |
2007年11月30日 (五) 21:33的版本
点击翻译: |
English |
请不要直接编辑翻译本页,本页将定期与来源同步。 |
This howto describes the process of setting up Squid and SquidGuard for the purpose of internet content filtering. There are many different configuration options available. The settings used in this howto are very simplistic and may not suit your needs. In any case it will get you up and running. More complex settings can be added afterwards.
目录
Introduction
Squid is a proxy server, HTTP requests are sent to Squid instead of being sent directly to the internet. SquidGuard is a web filter plugin for Squid which is used to restrict access to domains/URLs based upon access control lists. When SquidGuard receives a request it is examined and will either allow the page to load or will redirect to a predetermined “block” page or script. SquidGuard makes its decisions based upon the use of access control lists and databases of domains, URLs, and expressions.
Installation
Make sure you have the Universe repository enabled Install Squid and SquidGuard
sudo apt-get install squid squidguard
If you don't have a web server installed
sudo apt-get install apache2
Key File Locations
<rowstyle="background-color: #FFFFDD;"> File | Purpose |
/etc/squid/squid.conf | Squid configuration file |
/var/log/squid/access.log | Squid access log file |
/etc/squid/squidGuard.conf | SquidGuard configuration file |
/var/lib/squidguard/db | SquidGuard database files |
/var/log/squid/squidGuard.log | SquidGuard log file |
Squid Configuration
The squid.conf file is huge, with hundreds of options. In this howto we will only be changing a few settings. Open the squid.conf file for editing
gksudo gedit /etc/squid/squid.conf
Turn on line numbers in gedit (Edit > Preferences) Find the `http_port tag` (should be on or around line 53, its currently Line 89 in 7.10 release) By default it reads `# http_port 3128` This is the default port that Squid will listen on for requests. If you want to change it, uncomment the line and set the correct port. If you want Squid to listen only on one specific NIC, you can also change the IP address – for example `192.168.1.5:3128` Now we need to tell squid where squidguard is. Find the redirect_program tag (should be around line 1028) There is no default setting here, so we need to add our own line below the redirect_program description:
redirect_program /usr/bin/squidGuard –c /etc/squid/squidGuard.conf
OK, now we'll setup who is allowed access to the proxy. Find the http_access section (should start around line 1860,line 2589 in 7.04 and line 2608 in 7.10 release) Uncomment these 2 lines:
#http_access allow our_networks
You'll need to change 192.168.1.0/24 to match your network. Unless you have a second subnet you can delete 192.168.2.0/24 if you get a startup error :- 'FATAL: Could not determine fully qualified hostname. Please set visible_hostname' you will also need to modify the visible_hostname tag (around line 2909 in 7.10) to:- NOTE: this needs to be added as a new line in 7.10 (not sure about other releases) as there is no commented out line re-introduce.
visible_hostname localhost
Save the file and close gedit
SquidGuard Configuration
For the purposes of this howto we will use a very simple configuration for SquidGuard, with only one category of sites that we want to block. More complex and useful configurations are explained on the official SquidGuard site. First we will create a list of domains we want to block
sudo mkdir /var/lib/squidguard/db/weapons/ gksudo gedit /var/lib/squidguard/db/weapons/domains
Insert the following, then save the file.
israeli-weapons.com uws.com glock.com
proxy must own all the db files
sudo chown -R proxy:proxy /var/lib/squidguard/db
Now we edit our squidGuard.conf file.
gksudo gedit /etc/squid/squidGuard.conf
Delete everything after the line: `logdir /var/log/squid` Replace the deleted text with the following:
dest weapons { domainlist weapons/domains } acl { default { pass !weapons redirect http://yourip/block.html } }
Time to compile the domains list into a database
sudo squidGuard –C all
Create a page to redirect blocked requests to
sudo nano /var/www/block.html
REMEMBER, this 'block.html' page points to the default web servers directories, probably Apache as installed above. You must have a web server running on the machine for this to work! or you get an error message with the redirect on the client's PC. You could also redirect it to another server running a web server and let it host the error pages. Put whatever message you want in this page. Fire up squid and squidguard If it is not running you can use :- sudo /etc/init.d/squid start|restart|stop then this will work
squid -k reconfigure
Testing
Change all your client browser settings to use your new proxy. If you are using Firefox, this is done via Edit > Preferences > Connection Settings. Enter the IP address of your new Proxy server, and the port number you previously configure. The 3 domains we added to our domains file should be blocked.
Troubleshooting
It is fairly common to run into problems. 99% of the time, it comes down to permissions or ownership of files. First of all, lets check what processes are running.
ps -e | grep squid
You should see 1 or 2 squid processes, and 5 squidGuard processes. If not then lets restart Squid.
squid -k reconfigure
Again, check what processes are running. Still having problems? Check what's being written to the squidGuard.log file
tail /var/log/squid/squidGuard.log
You might see something here that mentions that SquidGuard has gone into emergency mode. If this is the case, the following may help. It is often useful to run squidGuard directly from the command line to see what it is doing. An example is:
echo "http://www.somesite.com 10.0.0.1/ - - GET" | squidGuard -d -c /etc/squid/squidGuard.conf
This should be run as root.
SquidGuard Emergency Mode
When squidguard starts up, it tries to do the following things:
- Read the configuration file
- Read the database or text files with the lists of sites to block
- Write to its log file
If it fails to do any of these things, it goes into "emergency mode"; effectively this means that it doesn't do anything. The following problems will cause either 1, 2, or 3 to fail:
- The configuration file is not in the place specified in squid.conf. Make sure squidguard is started with this line in squid.conf:
redirect_program /usr/bin/squidGuard –c /etc/squid/squidGuard.conf
- The database files are not in the place defined in squidGuard.conf. Make sure the following is one of the first lines in squidGuard.conf:
/var/lib/squidguard/db
- The ownership of the configuration file, logfiles, or blacklist files is not correct. These files should be owned by the user and group under which the squid program runs. In the case of Ubuntu, that user is `proxy`
- To make sure the ownership is correct, run the following commands:
chown proxy:proxy /etc/squid/squidGuard.conf chown -R proxy:proxy /var/lib/squidguard/db chown -R proxy:proxy /var/log/squid/
- The permissions of the configuration file, logfiles, or blacklist files is not correct. Set the permissions as follows:
chmod 644 /etc/squid/squidGuard.conf chmod -R 640 /var/lib/squidguard/db chmod -R 644 /var/log/squid/ find /var/lib/squidguard/db -type d -exec chmod 755 \{\} \; -print chmod 755 /var/log/squid
- There is a line-end before the "{" character in source or dest lists:
Bad:
dest weapons {
Good:
dest weapons {
After fixing these problems issue the command : `squid –k reconfigure` To restart Squid and SquidGuard with the new settings. You also need to create Swap directories with 'squid -z' If you still have errors you can start squid with 'squid -NCd1' which starts in debug/verbose mode which will show any errors. As above, the most likely will be permissions.
External Links
In Need Of Further Documentation
- More sophisticated configurations (source groups, time settings, more destination groups, urls, expressions)
- Using diff files
- Using Ident