# Need help with squidGuard [SOLVED by not using squidguard]

## mocsokmike

I have a working squid + squidGuard installation, I plan to use it as an URL filtering proxy and gateway.

I also want to use proxy authentication because I need to be able to fine-tune URL filtering by users.

My squidGuard segfaults when I enable the "src" block in its config file, where I would like to enter some usernames who should be able to visit certain sites.

In fact, when I enable that block squidGuard constantly crashes and restarts resulting in huge CPU and memory usage and a non-working proxy.

"USER" and "IP" were replaced with real data when I tested this.

My squidGuard.conf is:

```
logdir /var/log/squidGuard

dbhome /etc/squidGuard/db

#src privileged {

#       user            USER

#}

dest timewaster {

        domainlist      timewaster

}

dest porn {

        domainlist      porn

}

dest warez {

        domainlist      warez

}

acl {

#       privileged {

#               pass !porn !warez all

#       }

        default {

                pass !timewaster !porn !warez all

                redirect http://our-webserver/proxy/index.php?ip=%a&user=%i&url=%u&dest=%t&src=%s&domain=%n&path=%p

        }

}
```

When the config file is as I pasted above, it works properly:

```
gw1 squid # echo "http://www.bittorrent.com IP/- USER GET" | squidGuard -d

2015-02-27 17:27:17 [23695] New setting: logdir: /var/log/squidGuard

2015-02-27 17:27:17 [23695] New setting: dbhome: /etc/squidGuard/db

2015-02-27 17:27:17 [23695] init domainlist /etc/squidGuard/db/timewaster

2015-02-27 17:27:17 [23695] loading dbfile /etc/squidGuard/db/timewaster.db

2015-02-27 17:27:17 [23695] init domainlist /etc/squidGuard/db/porn

2015-02-27 17:27:17 [23695] loading dbfile /etc/squidGuard/db/porn.db

2015-02-27 17:27:17 [23695] init domainlist /etc/squidGuard/db/warez

2015-02-27 17:27:17 [23695] loading dbfile /etc/squidGuard/db/warez.db

2015-02-27 17:27:17 [23695] squidGuard 1.4 started (1425054437.437)

2015-02-27 17:27:17 [23695] squidGuard ready for requests (1425054437.437)

2015-02-27 17:27:17 [23695] source not found

2015-02-27 17:27:17 [23695] no ACL matching source, using default

http://10.0.0.24/proxy/index.php?ip=IP&user=USER&url=http://www.bittorrent.com&dest=warez&src=default&domain=&path= IP/- USER GET

2015-02-27 17:27:17 [23695] squidGuard stopped (1425054437.438)
```

But when I uncomment the commented lines, this happens:

```
gw1 squid # echo "http://www.bittorrent.com IP/- USER GET" | squidGuard -d

2015-02-27 17:28:26 [23740] New setting: logdir: /var/log/squidGuard

2015-02-27 17:28:26 [23740] New setting: dbhome: /etc/squidGuard/db

Segmentation fault
```

Again, I need to use the "src" section, but it is clearly the cause of the segfault. Anyone knows why?

My versions are:

```
net-proxy/squidguard-1.4-r4  USE="-ldap"

net-proxy/squid-3.5.1  USE="htcp pam ssl wccp wccpv2 -caps -ecap -esi (-ipf-transparent) -ipv6 -kerberos (-kqueue) -ldap -logrotate -mysql -nis (-pf-transparent) -postgres -qos -radius -samba -sasl (-selinux) -snmp -sqlite -ssl-crtd {-test} -tproxy"
```

----------

## Hu

No configuration file input, no matter how ill-formed, can cause a non-buggy program to crash.  If you are getting a crash, then you have found a bug.  Please report it to the developers.

----------

## mocsokmike

I sent a bug report to their e-mail address I found on their website, and will post the results here.

EDIT: http://openbsd.7691.n7.nabble.com/Fix-www-squidguard-segfault-on-64-bit-td232627.html

Think I will move away from SG and try to find something similar instead.

EDIT 2: five days after sending the bug report I received this:

```
<sg-bugs@squidguard.org>: connect to mail.squidguard.org[85.214.21.246]:25:

    Connection refused
```

I think squidguard is dead. I could do what I wanted using Squid alone, so from my point of view this problem does not exist anymore.

----------

