# [solved]problem with squid filtering

## PoYpOy

Hello,

I've been using squid 3.0.6 really well since the update I've made yesterday. Now, I'm on version 3.0.13 and it doesn't work anymore. I mean by "not working anymore" that the access.log file is empty, and the cache.log file doesn't seems to report anything wrong.

Nothing has been change in the squid.conf file so I don't know what could be the behaviour... I'm using with squid, SquidGuard and the logs of squidguard.log reports that it started sucessfully but I can access the not authorized website...

So, something really wierd it's happening. here bellow are my config files... Any idea?

Kindly Regards,

squid.conf file :

```

http_port 8080

cache_mgr it@mydomain.com

cache_effective_user squid

cache_effective_group squid

ftp_user anonymous@mydomain.com

#visible_hostname myproxy.mydomain.local

logfile_rotate 1

cache_mem 256 MB

cache_access_log /var/log/squid/access.log

cache_dir ufs /var/cache/squid/ncache 1024 16 256

#cache_dir null /dev/null

log_ip_on_direct off

access_log /var/log/squid/access.log squid

error_directory /var/www/localhost/htdocs/error/English

refresh_pattern ^ftp:           1440    20%     10080

refresh_pattern ^gopher:        1440    0%      1440

refresh_pattern cgi-bin         0       0%      0

refresh_pattern \?              0       0%      0

refresh_pattern .               0       20%     4320

debug_options ALL,1

#debug_options ALL,1 33

hosts_file /etc/hosts

dns_nameservers 192.168.1.251

redirect_program /usr/bin/squidGuard -c /etc/squidGuard/squidGuard.conf

redirect_children 16

auth_param ntlm program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp --require-membership-of=MYDOMAIN+ggs_internet

auth_param ntlm children 16

auth_param ntlm keep_alive on

auth_param basic program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-basic --require-membership-of=MYDOMAIN+ggs_internet

auth_param basic children 16

auth_param basic realm Squid proxy-caching web server

auth_param basic credentialsttl 8 hours

auth_param basic casesensitive off

acl nocache_sites dstdomain .google.com mydomain.local

no_cache deny nocache_sites

acl bad url_regex "/etc/squid/bad_url"

#acl all src 0.0.0.0/0.0.0.0

acl mydomain_gva src 192.168.1.0/24

acl manager proto cache_object

acl localhost src 127.0.0.1/255.255.255.255

acl to_localhost dst 127.0.0.0/8

acl GLOBAL proxy_auth REQUIRED

acl SSL_ports port 443 563 8443 8500 10000

acl purge method PURGE

acl CONNECT method CONNECT

snmp_port 3401

acl snmppublic snmp_community public

acl manage_snmp src 192.168.1.0/255.255.255.0

snmp_access allow snmppublic mydomain_gva

acl Safe_ports port 21 70 80 210 280 443 488 554 563 591 777 1755 8080 8443 8500 10000 1024-65535

http_access deny !Safe_ports

http_access deny CONNECT !SSL_ports

icp_access allow all

http_access deny bad

http_access allow manager localhost GLOBAL

http_access deny manager

http_access allow purge localhost

http_access deny purge

http_access allow GLOBAL

http_access allow localhost

http_access deny all

http_reply_access allow all

```

/var/log/squid/cache.log

```

2009/03/18 12:20:31| Starting Squid Cache version 3.0.STABLE13 for i686-pc-linux-gnu...

2009/03/18 12:20:31| Process ID 4240

2009/03/18 12:20:31| With 1024 file descriptors available

2009/03/18 12:20:31| DNS Socket created at 0.0.0.0, port 33105, FD 6

2009/03/18 12:20:31| Adding nameserver 192.168.1.251 from squid.conf

2009/03/18 12:20:31| helperOpenServers: Starting 16 'squidGuard' processes

2009/03/18 12:20:31| helperStatefulOpenServers: Starting 16 'ntlm_auth' processes

2009/03/18 12:20:32| helperOpenServers: Starting 16 'ntlm_auth' processes

2009/03/18 12:20:33| User-Agent logging is disabled.

2009/03/18 12:20:33| Referer logging is disabled.

2009/03/18 12:20:33| Unlinkd pipe opened on FD 60

2009/03/18 12:20:33| Local cache digest enabled; rebuild/rewrite every 3600/3600 sec

2009/03/18 12:20:33| Swap maxSize 1048576 KB, estimated 80659 objects

2009/03/18 12:20:33| Target number of buckets: 4032

2009/03/18 12:20:33| Using 8192 Store buckets

2009/03/18 12:20:33| Max Mem  size: 262144 KB

2009/03/18 12:20:33| Max Swap size: 1048576 KB

2009/03/18 12:20:33| Version 1 of swap file with LFS support detected...

2009/03/18 12:20:33| Rebuilding storage in /var/cache/squid/ncache (CLEAN)

2009/03/18 12:20:33| Using Least Load store dir selection

2009/03/18 12:20:33| Current Directory is /

2009/03/18 12:20:33| Loaded Icons.

2009/03/18 12:20:33| Accepting  HTTP connections at 0.0.0.0, port 8080, FD 62.

2009/03/18 12:20:33| HTCP Disabled.

2009/03/18 12:20:33| Accepting SNMP messages on port 3401, FD 63.

2009/03/18 12:20:33| Ready to serve requests.

2009/03/18 12:20:33| Done reading /var/cache/squid/ncache swaplog (0 entries)

2009/03/18 12:20:33| Finished rebuilding storage from disk.

2009/03/18 12:20:33|         0 Entries scanned

2009/03/18 12:20:33|         0 Invalid entries.

2009/03/18 12:20:33|         0 With invalid flags.

2009/03/18 12:20:33|         0 Objects loaded.

2009/03/18 12:20:33|         0 Objects expired.

2009/03/18 12:20:33|         0 Objects cancelled.

2009/03/18 12:20:33|         0 Duplicate URLs purged.

2009/03/18 12:20:33|         0 Swapfile clashes avoided.

2009/03/18 12:20:33|   Took 0.02 seconds (  0.00 objects/sec).

2009/03/18 12:20:33| Beginning Validation Procedure

2009/03/18 12:20:33|   Completed Validation Procedure

2009/03/18 12:20:33|   Validated 25 Entries

2009/03/18 12:20:33|   store_swap_size = 0

2009/03/18 12:20:34| storeLateRelease: released 0 objects

```

/var/log/squidGuard/squidGuard.log

```

2009-03-18 12:20:31 [4242] New setting: dbhome: /etc/squidGuard/db

2009-03-18 12:20:31 [4242] New setting: logdir: /var/log/squidGuard

2009-03-18 12:20:31 [4242] Added User: userad1

2009-03-18 12:20:31 [4242] Added User: userad2

2009-03-18 12:20:31 [4242] init domainlist /etc/squidGuard/db/blacklists/mydomain/domains

2009-03-18 12:20:31 [4242] loading dbfile /etc/squidGuard/db/blacklists/mydomain/domains.db

2009-03-18 12:20:31 [4242] init domainlist /etc/squidGuard/db/blacklists/mydomain/authorised

2009-03-18 12:20:31 [4242] loading dbfile /etc/squidGuard/db/blacklists/mydomain/authorised.db

2009-03-18 12:20:31 [4242] squidGuard 1.4 started (1237375231.610)

2009-03-18 12:20:31 [4242] Info: recalculating alarm in 23969 seconds

2009-03-18 12:20:31 [4242] squidGuard ready for requests (1237375231.622)

```

Last edited by PoYpOy on Thu Mar 19, 2009 9:43 am; edited 1 time in total

----------

## PoYpOy

Hello again,

little update. I've tried to go back to working version 3.0.10 or 3.0.6 but seems to be masked due to corrupted version (I dont know why). Well, I've done a emerge -av --deep squid   and now the access.log is populate, the websites are blocked but I can't go anywhere as I get a window asking me for a login and a password.

I'm using ntlm_auth to anthenticate my users over the AD. Doesn't seems to have the link in squid. But if I do a wbinfo -g or wbinfo -u in the shell, it returns correctly the users / groups.

So, I'm a bit lost.

Anybody has an idea of what could be this problem? How could I test the ntlm_auth in the shell please?

Kindly Regards,

Poy

----------

## nativemad

you lucky man you...   :Wink: 

https://bugs.gentoo.org/show_bug.cgi?id=260255

hope that helps!

greetings to geneva!

----------

## PoYpOy

Omggggg,

lucky me for sure. You pointed on the problem  :Smile:  I was getting really mad as the ntlm_auth command in the shell returns a successfull value....

I've added the permissions as explained your bug link, I've restarted the services and it works now...

```
chown root:squid /var/cache/samba/winbindd_privileged
```

Many thanks nativemad  :Wink: 

----------

