[squid-users] Squidguard and LDAP question

From: Rob Hutton <[email protected]>
Date: Thu, 10 Jan 2008 09:14:59 -0500

I have posted to the squidGuard list, but haven't received a reply yet, so I
am hoping someone here can help.

I am trying to get squidGuard working with LDAP search for group membership.
I am trying to get 1.3 running on OpenSUSE 10.3. �I have also tried 1.2.1
with the same results. �When I run:

/usr/bin/squidGuard -c /etc/squid/squidGuard.conf -d

I get:

2008-01-09 20:55:31 [9296] New setting: logdir: /var/log/squidGuard
2008-01-09 20:55:31 [9296] New setting: dbhome: /var/lib/squidGuard/db
2008-01-09 20:55:31 [9296] New setting: ldapbinddn: cn=ldapbind, dc=domain,
dc=com
2008-01-09 20:55:31 [9296] New setting: ldapbindpass: myultrasecretpassword1
2008-01-09 20:55:31 [9296] New setting: ldapcachetime: 300
2008-01-09 20:55:31 [9296] New setting: ldapprotover: 2
2008-01-09 20:55:31 [9296] syntax error in
configfile /etc/squid/squidGuard.conf line 11
2008-01-09 20:55:31 [9296] going into emergency mode

Here is my config:

logdir /var/log/squidGuard
dbhome /var/lib/squidGuard/db
ldapbinddn � � �cn=ldapbind, dc=hiddenlakeacademy, dc=com
ldapbindpass � �myultrasecretpassword1

# ldap cache time in seconds
ldapcachetime �300
ldapprotover 2

src proxyadmins {
� ldapusersearch
ldap://10.20.8.32/cn=ProxyAdmin,ou=Proxy,ou=Groups,dc=hiddenlakeacademy,dc=com?sAMAccountName?sub?
(&(objectClass=Person)(sAMAccountName=%s))
}

src proxymanagers {
� ldapusersearch
ldap://10.20.8.32/cn=ProxyManage,ou=Proxy,ou=Groups,dc=hiddenlakeacademy,dc=com?sAMAccountName?sub?
(&(objectClass=Person)(sAMAccountName=%s))
}

src proxystaff {
� ldapusersearch
ldap://10.20.8.32/cn=ProxyStaff,ou=Proxy,ou=Proxydc=hiddenlakeacademy,dc=com?sAMAccountName?sub?
(&(objectClass=Person)(sAMAccountName=%s))
}

src proxystudents {
� ldapusersearch
ldap://10.20.8.32/cn=ProxyStudents,ou=Proxy,ou=Proxy,dc=hiddenlakeacademy,dc=com?sAMAccountName?sub?
(&(objectClass=Person)(sAMAccountName=%s))
}

dest bl_searchengines {
}

dest bl_weather {
}

dest bl_cleaning {
}

dest bl_ecommerce {
}

dest bl_beerliquorsale {
}

dest bl_culinary {
}

dest bl_banking {
}

dest bl_whitelist-stud {
}

dest bl_childcare {
}

dest bl_gardening {
}

dest bl_naturism {
}

dest bl_cellphones {
}

dest bl_onlineauctions {
}

dest bl_sports {
}

dest bl_sportnews {
}

dest bl_desktopsillies {
}

dest bl_whitelist-admin {
}

dest bl_updatesites {
}

dest bl_socialnetworking {
}

dest bl_antispyware {
}

dest bl_jobsearch {
}

dest bl_redirector {
}

dest bl_entertainment {
}

dest bl_pets {
}

dest bl_news {
}

dest bl_government {
}

dest bl_financial {
}

dest bl_clothing {
}

dest bl_audio-video {
}

dest bl_sect {
}

dest bl_whitelist-staff {
}

dest bl_religion {
}

dest bl_homerepair {
}

dest bl_filehosting {
}

dest bl_beerliquorinfo {
}

dest bl_spyware {
}

dest bl_hacking {
}

dest bl_reaffected {
}

dest bl_radio {
}

dest bl_astrology {
}

dest bl_verisign {
}

dest bl_ringtones {
}

dest bl_jewelry {
}

dest bl_vacation {
}

dest bl_hygiene {
}

dest bl_shopping {
}

dest bl_onlinepayment {
}

dest bl_medical {
}

dest bl_mobile-phone {
}

dest bl_personalfinance {
}

dest bl_marketingware {
}

dest bl_frencheducation {
}

dest bl_mixed_adult {
}

dest bl_suspect {
}

dest bl_whitelist {
}

dest bl_whitelist-manage {
}

dest bl_aggressive {
}

dest bl_gambling {
}

dest bl_virusinfected {
}

dest bl_dating {
}

dest bl_mail {
}

dest bl_kidstimewasting {
}

dest bl_games {
}

dest bl_violence {
}

dest bl_webmail {
}

dest bl_porn {
}

dest bl_blog {
}

dest bl_instantmessaging {
}

dest bl_warez {
}

dest bl_onlinegames {
}

dest bl_phishing {
}

dest bl_artnudes {
}

dest bl_guns {
}

dest bl_weapons {
}

dest bl_ads {
}

dest bl_drugs {
}

dest bl_chat {
}

dest bl_proxy {
}

dest bl_dialers {
}

dest bl_sexuality {
}

dest bl_adult {
}

dest blacklist {
� � domainlist blacklist/domains
� � urllist � �blacklist/urls
}

acl {
� blall {
� �
pass !bl_searchengines !bl_weather !bl_cleaning !bl_ecommerce !bl_beerliquorsale !bl_culinary !bl_banking !bl_whitelist-stud !bl_childcare !bl_gardening !bl_naturism !bl_cellphones !bl_onlineauctions !bl_sports !bl_sportnews !bl_desktopsillies !bl_whitelist-admin !bl_updatesites !bl_socialnetworking !bl_antispyware !bl_jobsearch !bl_redirector !bl_entertainment !bl_pets !bl_news !bl_government !bl_financial !bl_clothing !bl_audio-video !bl_sect !bl_whitelist-staff !bl_religion !bl_homerepair !bl_filehosting !bl_beerliquorinfo !bl_spyware !bl_hacking !bl_reaffected !bl_radio !bl_astrology !bl_verisign !bl_ringtones !bl_jewelry !bl_vacation !bl_hygiene !bl_shopping !bl_onlinepayment !bl_medical !bl_mobile-phone !bl_personalfinance !bl_marketingware !bl_frencheducation !bl_mixed_adult !bl_suspect !bl_whitelist !bl_whitelist-manage !bl_aggressive !bl_gambling !bl_virusinfected !bl_dating !bl_mail !bl_kidstimewasting !bl_games !bl_violence !bl_webmail !bl_porn !bl_blog !bl_instantmessaging !bl_warez !bl_onlinegames !bl_phishing !bl_artnudes !bl_guns !bl_weapons !bl_ads !bl_drugs !bl_chat !bl_proxy !bl_dialers !bl_sexuality !bl_adult
any
� }

� proxyadmins {
� � pass bl_whitelist_students bl_whitelist_staff bl_whitelist_manage
bl_whitelist_admin !bl_naturism !bl_redirector !bl_spyware !bl_hacking !bl_reaffected !bl_shopping !bl_marketingware !bl_mixed_adult !bl_suspect !bl_gambling !bl_virusinfected !bl_dating !bl_mail !bl_kidstimewasting !bl_games !bl_webmail !bl_blog !bl_instantmessaging !bl_warez !bl_onlinegames !bl_phishing !bl_artnudes !bl_guns !bl_weapons !bl_ads !bl_drugs !bl_chat !bl_proxy !bl_dialers !bl_sexuality !bl_adult
all
� � redirect
http://proxy.hiddenlakeacademy.com/blocked.php?clientaddr=%a&clientname=%n&clientuser=%i&clientgroup=%s&targetgroup=%t&url=%u
� }

� proxymanagers {
� � pass bl_whitelist_students bl_whitelist_staff
bl_whitelist_manage !bl_naturism !bl_redirector !bl_spyware !bl_hacking !bl_reaffected !bl_shopping !bl_marketingware !bl_mixed_adult !bl_suspect !bl_gambling !bl_virusinfected !bl_dating !bl_mail !bl_kidstimewasting !bl_games !bl_webmail !bl_blog !bl_instantmessaging !bl_warez !bl_onlinegames !bl_phishing !bl_artnudes !bl_guns !bl_weapons !bl_ads !bl_drugs !bl_chat !bl_proxy !bl_dialers !bl_sexuality !bl_adult
all
� � redirect
http://proxy.hiddenlakeacademy.com/blocked.php?clientaddr=%a&clientname=%n&clientuser=%i&clientgroup=%s&targetgroup=%t&url=%u
� }

� proxystaff {
� � pass bl_whitelist_students
bl_whitelist_staff !bl_naturism !bl_redirector !bl_spyware !bl_hacking !bl_reaffected !bl_shopping !bl_marketingware !bl_mixed_adult !bl_suspect !bl_gambling !bl_virusinfected !bl_dating !bl_mail !bl_kidstimewasting !bl_games !bl_webmail !bl_blog !bl_instantmessaging !bl_warez !bl_onlinegames !bl_phishing !bl_artnudes !bl_guns !bl_weapons !bl_ads !bl_drugs !bl_chat !bl_proxy !bl_dialers !bl_sexuality !bl_adult
all
� � � redirect
http://proxy.hiddenlakeacademy.com/blocked.php?clientaddr=%a&clientname=%n&clientuser=%i&clientgroup=%s&targetgroup=%t&url=%u
� }

� proxystudents {
� � pass bl_whitelist_students none
� � � redirect
http://proxy.hiddenlakeacademy.com/blocked.php?clientaddr=%a&clientname=%n&clientuser=%i&clientgroup=%s&targetgroup=%t&url=%u
� }

� default {
� � pass none
� � redirect
http://proxy.hiddenlakeacademy.com/blocked.php?clientaddr=%a&clientname=%n&clientuser=%i&clientgroup=%s&targetgroup=%t&url=%u
� }
}

Rob Hutton
Service Manager
GetUWired
www.getuwired.us
(877) 236-9094
Received on Thu Jan 10 2008 - 07:14:57 MST

This archive was generated by hypermail pre-2.1.9 : Fri Feb 01 2008 - 12:00:04 MST