Nethserver Firewall and Squid Guard

Harold_Maponde_Shama · August 1, 2017, 9:19am

I don’t have that location, could it be in a different location.
This is what i have:
[root@AMANOSRV03 squid]# ls
access.log access.log-20170731.gz cache.log-20170723.gz ufdbgclient.log-20170716.gz
access.log-20170703.gz cache.log cache.log-20170731.gz ufdbgclient.log-20170723.gz
access.log-20170709.gz cache.log-20170703.gz ufdbgclient.log ufdbgclient.log-20170731.gz
access.log-20170716.gz cache.log-20170709.gz ufdbgclient.log-20170703.gz
access.log-20170723.gz cache.log-20170716.gz ufdbgclient.log-20170709.gz

[root@AMANOSRV03 squid]# /var/log/squid/

m.traeumner · August 1, 2017, 10:00am

try

cd /
find -name squidGuard.log

The G of Guard has to be upper case.

Harold_Maponde_Shama · August 1, 2017, 10:08am

No results

m.traeumner · August 1, 2017, 10:34am

Sorry, it is at your config:

/var/log/ufdbguard

Harold_Maponde_Shama · August 1, 2017, 11:41am

2017-08-01 13:42:46 [2099] BLOCK acs-t16$ 2017-08-01 13:42:46 [2099] BLOCK acs-t16$ 2017-08-01 13:42:46 [2099] BLOCK acs-t16$ 2017-08-01 13:42:46 [2099] BLOCK mthunzid 2017-08-01 13:42:47 [2099] BLOCK acs-s18$ 2017-08-01 13:42:48 [2099] BLOCK mthunzid 2017-08-01 13:42:49 [2099] BLOCK acs-s18$ 2017-08-01 13:42:49 [2099] BLOCK acs-s18$ 2017-08-01 13:42:49 [2099] BLOCK acs-s18$ 2017-08-01 13:42:49 [2099] BLOCK acs-s18$ 2017-08-01 13:42:49 [2099] BLOCK acs-s18$ 2017-08-01 13:42:49 [2099] BLOCK acs-s18$ 2017-08-01 13:42:49 [2099] BLOCK acs-s18$ 2017-08-01 13:42:49 [2099] BLOCK acs-s18$ 2017-08-01 13:42:49 [2099] BLOCK acs-s18$ 2017-08-01 13:42:49 [2099] BLOCK acs-s18$ 2017-08-01 13:42:50 [2099] BLOCK mthunzid 2017-08-01 13:42:50 [2099] BLOCK mthunzid 2017-08-01 13:42:50 [2099] BLOCK yarelc 2017-08-01 13:42:51 [2099] BLOCK acs-s18$ 2017-08-01 13:42:52 [2099] BLOCK acs-t17$ 2017-08-01 13:42:52 [2099] BLOCK acs-t17$ 2017-08-01 13:42:52 [2099] BLOCK acs-t17$ 2017-08-01 13:42:52 [2099] BLOCK acs-t17$ 2017-08-01 13:42:52 [2099] BLOCK acs-t17$ 2017-08-01 13:42:52 [2099] BLOCK acs-t17$ 2017-08-01 13:42:52 [2099] BLOCK acs-t17$ 2017-08-01 13:42:52 [2099] BLOCK acs-t17$ 2017-08-01 13:42:52 [2099] BLOCK acs-t17$ 2017-08-01 13:42:52 [2099] BLOCK acs-t17$ 2017-08-01 13:42:52 [2099] BLOCK mthunzid 2017-08-01 13:42:53 [2099] BLOCK acs-t17$ 2017-08-01 13:42:53 [2099] BLOCK acs-t17$ 2017-08-01 13:42:53 [2099] BLOCK acs-t17$ 2017-08-01 13:42:53 [2099] BLOCK acs-t17$ 2017-08-01 13:42:53 [2099] BLOCK acs-t17$ 2017-08-01 13:42:53 [2099] BLOCK acs-t17$ 2017-08-01 13:42:53 [2099] BLOCK acs-t17$ 2017-08-01 13:42:53 [2099] BLOCK acs-t17$ 2017-08-01 13:42:53 [2099] BLOCK acs-t17$ 2017-08-01 13:42:53 [2099] BLOCK acs-t17$ 2017-08-01 13:42:53 [2099] BLOCK mthunzid 2017-08-01 13:42:53 [2099] BLOCK simont 2017-08-01 13:42:53 [2099] BLOCK acs-t17$ 2017-08-01 13:42:53 [2099] BLOCK acs-t17$ 2017-08-01 13:42:53 [2099] BLOCK acs-t17$ 2017-08-01 13:42:53 [2099] BLOCK acs-t17$ 2017-08-01 13:42:53 [2099] BLOCK acs-t17$ 2017-08-01 13:42:53 [2099] BLOCK acs-t17$ 2017-08-01 13:42:53 [2099] BLOCK acs-t17$ 2017-08-01 13:42:53 [2099] BLOCK acs-t17$ 2017-08-01 13:42:53 [2099] BLOCK acs-t17$ 2017-08-01 13:42:53 [2099] BLOCK acs-t17$ 2017-08-01 13:42:54 [2099] BLOCK acs-t17$ 2017-08-01 13:42:54 [2099] BLOCK acs-t17$ 2017-08-01 13:42:54 [2099] BLOCK acs-t17$ 2017-08-01 13:42:54 [2099] BLOCK acs-t17$ 2017-08-01 13:42:54 [2099] BLOCK acs-t17$ 2017-08-01 13:42:54 [2099] BLOCK acs-t17$ 2017-08-01 13:42:54 [2099] BLOCK acs-t17$ 2017-08-01 13:42:54 [2099] BLOCK acs-t17$ 2017-08-01 13:42:54 [2099] BLOCK acs-t17$ 2017-08-01 13:42:54 [2099] BLOCK acs-t17$ 2017-08-01 13:42:54 [2099] BLOCK mthunzid 2017-08-01 13:42:54 [2099] BLOCK acs-t17$ 2017-08-01 13:42:54 [2099] BLOCK acs-t17$ 2017-08-01 13:42:54 [2099] BLOCK acs-t17$ 2017-08-01 13:42:54 [2099] BLOCK acs-t17$ 2017-08-01 13:42:54 [2099] BLOCK acs-t17$ 2017-08-01 13:42:54 [2099] BLOCK acs-t17$ 2017-08-01 13:42:54 [2099] BLOCK acs-t17$ 2017-08-01 13:42:54 [2099] BLOCK acs-t17$ 2017-08-01 13:42:54 [2099] BLOCK acs-t17$ 2017-08-01 13:42:54 [2099] BLOCK acs-t17$ 2017-08-01 13:42:55 [2099] BLOCK mthunzid 2017-08-01 13:42:55 [2099] BLOCK acs-t17$ 2017-08-01 13:42:55 [2099] BLOCK acs-t17$ 2017-08-01 13:42:55 [2099] BLOCK acs-t17$ 2017-08-01 13:42:55 [2099] BLOCK acs-t17$ 2017-08-01 13:42:55 [2099] BLOCK acs-t17$ 2017-08-01 13:42:55 [2099] BLOCK acs-t17$ 2017-08-01 13:42:55 [2099] BLOCK acs-t17$ 2017-08-01 13:42:55 [2099] BLOCK acs-t17$ 2017-08-01 13:42:55 [2099] BLOCK acs-t17$ 2017-08-01 13:42:55 [2099] BLOCK acs-t17$ 2017-08-01 13:42:55 [2099] BLOCK acs-t17$ 2017-08-01 13:42:55 [2099] BLOCK acs-t17$ 2017-08-01 13:42:55 [2099] BLOCK acs-t17$ 2017-08-01 13:42:55 [2099] BLOCK acs-t17$ 2017-08-01 13:42:55 [2099] BLOCK acs-t17$ 2017-08-01 13:42:55 [2099] BLOCK acs-t17$ 2017-08-01 13:42:55 [2099] BLOCK acs-t17$ 2017-08-01 13:42:55 [2099] BLOCK acs-t17$ 2017-08-01 13:42:55 [2099] BLOCK acs-t17$ 2017-08-01 13:42:55 [2099] BLOCK acs-t17$ 2017-08-01 13:42:55 [2099] BLOCK mthunzid 2017-08-01 13:42:56 [2099] BLOCK acs-t17$ 2017-08-01 13:42:56 [2099] BLOCK acs-t17$ 2017-08-01 13:42:56 [2099] BLOCK acs-t17$ 2017-08-01 13:42:56 [2099] BLOCK acs-t17$ 2017-08-01 13:42:56 [2099] BLOCK acs-t17$ 2017-08-01 13:42:56 [2099] BLOCK acs-t17$ 2017-08-01 13:42:56 [2099] BLOCK acs-t17$ 2017-08-01 13:42:56 [2099] BLOCK acs-t17$ 2017-08-01 13:42:56 [2099] BLOCK acs-t17$ 2017-08-01 13:42:56 [2099] BLOCK acs-t17$ 2017-08-01 13:42:56 [2099] BLOCK acs-s15$ 2017-08-01 13:42:56 [2099] BLOCK acs-s15$ 2017-08-01 13:42:56 [2099] BLOCK acs-s15$ 2017-08-01 13:42:56 [2099] BLOCK acs-s15$ 2017-08-01 13:42:56 [2099] BLOCK acs-s15$ 2017-08-01 13:42:56 [2099] BLOCK acs-s15$ 2017-08-01 13:42:56 [2099] BLOCK acs-s15$ 2017-08-01 13:42:56 [2099] BLOCK acs-s15$ 2017-08-01 13:42:56 [2099] BLOCK acs-s15$ 2017-08-01 13:42:56 [2099] BLOCK acs-s15$ 2017-08-01 13:42:56 [2099] BLOCK mthunzid 2017-08-01 13:42:58 [2099] BLOCK mthunzid 2017-08-01 13:42:59 [2099] BLOCK mthunzid 2017-08-01 13:42:59 [2099] BLOCK mthunzid 2017-08-01 13:42:59 [2099] BLOCK mthunzid 2017-08-01 13:42:59 [2099] BLOCK mthunzid 2017-08-01 13:43:00 [2099] BLOCK mthunzid 2017-08-01 13:43:00 [2099] BLOCK mthunzid 2017-08-01 13:43:00 [2099] BLOCK mthunzid 2017-08-01 13:43:00 [2099] BLOCK mthunzid 2017-08-01 13:43:00 [2099] BLOCK mthunzid 2017-08-01 13:43:00 [2099] BLOCK mthunzid 2017-08-01 13:43:00 [2099] BLOCK mthunzid 2017-08-01 13:43:00 [2099] BLOCK mthunzid 2017-08-01 13:43:00 [2099] BLOCK mthunzid 192.168.2.116 default in-addr http://192.168.2.202/cgi-bin/nethserver-block.cgi… GET
192.168.2.116 default in-addr http://192.168.2.202/cgi-bin/nethserver-block.cgi… GET
192.168.2.116 default tracker settings-win.data.microsoft.com:443 CONNECT
192.168.2.23 default adv securepubads.g.doubleclick.net:443 CONNECT
192.168.2.28 default tracker settings-win.data.microsoft.com:443 CONNECT
192.168.2.23 default tracker http://edge.quantserve.com/quant.js GET
192.168.2.28 default updatesites http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab… GET
192.168.2.28 default in-addr http://192.168.2.202/cgi-bin/nethserver-block.cgi… GET
192.168.2.28 default in-addr http://192.168.2.202/cgi-bin/nethserver-block.cgi… GET
192.168.2.28 default in-addr http://192.168.2.202/cgi-bin/nethserver-block.cgi… GET
192.168.2.28 default in-addr http://192.168.2.202/cgi-bin/nethserver-block.cgi… GET
192.168.2.28 default in-addr http://192.168.2.202/cgi-bin/nethserver-block.cgi… GET
192.168.2.28 default in-addr http://192.168.2.202/cgi-bin/nethserver-block.cgi… GET
192.168.2.28 default in-addr http://192.168.2.202/cgi-bin/nethserver-block.cgi… GET
192.168.2.28 default in-addr http://192.168.2.202/cgi-bin/nethserver-block.cgi… GET
192.168.2.28 default in-addr http://192.168.2.202/cgi-bin/nethserver-block.cgi… GET
192.168.2.23 default adv http://secure-us.imrworldwide.com/cgi-bin/m… GET
192.168.2.23 default adv http://wms.assoc-amazon.com/20070822/US/js/auto-tagger.js… GET
192.168.2.20 default updatesites aus5.mozilla.org:443 CONNECT
192.168.2.28 default tracker settings-win.data.microsoft.com:443 CONNECT
192.168.2.117 default updatesites http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab… GET
192.168.2.117 default in-addr http://192.168.2.202/cgi-bin/nethserver-block.cgi… GET
192.168.2.117 default in-addr http://192.168.2.202/cgi-bin/nethserver-block.cgi… GET
192.168.2.117 default in-addr http://192.168.2.202/cgi-bin/nethserver-block.cgi… GET
192.168.2.117 default in-addr http://192.168.2.202/cgi-bin/nethserver-block.cgi… GET
192.168.2.117 default in-addr http://192.168.2.202/cgi-bin/nethserver-block.cgi… GET
192.168.2.117 default in-addr http://192.168.2.202/cgi-bin/nethserver-block.cgi… GET
192.168.2.117 default in-addr http://192.168.2.202/cgi-bin/nethserver-block.cgi… GET
192.168.2.117 default in-addr http://192.168.2.202/cgi-bin/nethserver-block.cgi… GET
192.168.2.117 default in-addr http://192.168.2.202/cgi-bin/nethserver-block.cgi… GET
192.168.2.23 default socialnet connect.facebook.net:443 CONNECT
192.168.2.117 default updatesites http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab… GET
192.168.2.117 default in-addr http://192.168.2.202/cgi-bin/nethserver-block.cgi… GET
192.168.2.117 default in-addr http://192.168.2.202/cgi-bin/nethserver-block.cgi… GET
192.168.2.117 default in-addr http://192.168.2.202/cgi-bin/nethserver-block.cgi… GET
192.168.2.117 default in-addr http://192.168.2.202/cgi-bin/nethserver-block.cgi… GET
192.168.2.117 default in-addr http://192.168.2.202/cgi-bin/nethserver-block.cgi… GET
192.168.2.117 default in-addr http://192.168.2.202/cgi-bin/nethserver-block.cgi… GET
192.168.2.117 default in-addr http://192.168.2.202/cgi-bin/nethserver-block.cgi… GET
192.168.2.117 default in-addr http://192.168.2.202/cgi-bin/nethserver-block.cgi… GET
192.168.2.117 default in-addr http://192.168.2.202/cgi-bin/nethserver-block.cgi… GET
192.168.2.23 default tracker http://cdn.optimizely.com/js/574841135.js GET
192.168.2.97 default webphone registrar-rr.prod.registrar.skype.com:443 CONNECT
192.168.2.117 default updatesites http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab… GET
192.168.2.117 default in-addr http://192.168.2.202/cgi-bin/nethserver-block.cgi… GET
192.168.2.117 default in-addr http://192.168.2.202/cgi-bin/nethserver-block.cgi… GET
192.168.2.117 default in-addr http://192.168.2.202/cgi-bin/nethserver-block.cgi… GET
192.168.2.117 default in-addr http://192.168.2.202/cgi-bin/nethserver-block.cgi… GET
192.168.2.117 default in-addr http://192.168.2.202/cgi-bin/nethserver-block.cgi… GET
192.168.2.117 default in-addr http://192.168.2.202/cgi-bin/nethserver-block.cgi… GET
192.168.2.117 default in-addr http://192.168.2.202/cgi-bin/nethserver-block.cgi… GET
192.168.2.117 default in-addr http://192.168.2.202/cgi-bin/nethserver-block.cgi… GET
192.168.2.117 default in-addr http://192.168.2.202/cgi-bin/nethserver-block.cgi… GET
192.168.2.117 default updatesites http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab… GET
192.168.2.117 default in-addr http://192.168.2.202/cgi-bin/nethserver-block.cgi… GET
192.168.2.117 default in-addr http://192.168.2.202/cgi-bin/nethserver-block.cgi… GET
192.168.2.117 default in-addr http://192.168.2.202/cgi-bin/nethserver-block.cgi… GET
192.168.2.117 default in-addr http://192.168.2.202/cgi-bin/nethserver-block.cgi… GET
192.168.2.117 default in-addr http://192.168.2.202/cgi-bin/nethserver-block.cgi… GET
192.168.2.117 default in-addr http://192.168.2.202/cgi-bin/nethserver-block.cgi… GET
192.168.2.117 default in-addr http://192.168.2.202/cgi-bin/nethserver-block.cgi… GET
192.168.2.117 default in-addr http://192.168.2.202/cgi-bin/nethserver-block.cgi… GET
192.168.2.117 default in-addr http://192.168.2.202/cgi-bin/nethserver-block.cgi… GET
192.168.2.23 default adv http://native.sharethrough.com/assets/sfp.js GET
192.168.2.117 default updatesites http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab… GET
192.168.2.117 default in-addr http://192.168.2.202/cgi-bin/nethserver-block.cgi… GET
192.168.2.117 default in-addr http://192.168.2.202/cgi-bin/nethserver-block.cgi… GET
192.168.2.117 default in-addr http://192.168.2.202/cgi-bin/nethserver-block.cgi… GET
192.168.2.117 default in-addr http://192.168.2.202/cgi-bin/nethserver-block.cgi… GET
192.168.2.117 default in-addr http://192.168.2.202/cgi-bin/nethserver-block.cgi… GET
192.168.2.117 default in-addr http://192.168.2.202/cgi-bin/nethserver-block.cgi… GET
192.168.2.117 default in-addr http://192.168.2.202/cgi-bin/nethserver-block.cgi… GET
192.168.2.117 default in-addr http://192.168.2.202/cgi-bin/nethserver-block.cgi… GET
192.168.2.117 default in-addr http://192.168.2.202/cgi-bin/nethserver-block.cgi… GET
192.168.2.23 default tracker http://script.crazyegg.com/pages/scripts/0013/8759.js GET
192.168.2.117 default updatesites http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab… GET
192.168.2.117 default in-addr http://192.168.2.202/cgi-bin/nethserver-block.cgi… GET
192.168.2.117 default in-addr http://192.168.2.202/cgi-bin/nethserver-block.cgi… GET
192.168.2.117 default in-addr http://192.168.2.202/cgi-bin/nethserver-block.cgi… GET
192.168.2.117 default in-addr http://192.168.2.202/cgi-bin/nethserver-block.cgi… GET
192.168.2.117 default in-addr http://192.168.2.202/cgi-bin/nethserver-block.cgi… GET
192.168.2.117 default in-addr http://192.168.2.202/cgi-bin/nethserver-block.cgi… GET
192.168.2.117 default in-addr http://192.168.2.202/cgi-bin/nethserver-block.cgi… GET
192.168.2.117 default in-addr http://192.168.2.202/cgi-bin/nethserver-block.cgi… GET
192.168.2.117 default in-addr http://192.168.2.202/cgi-bin/nethserver-block.cgi… GET
192.168.2.117 default updatesites http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab… GET
192.168.2.117 default in-addr http://192.168.2.202/cgi-bin/nethserver-block.cgi… GET
192.168.2.117 default in-addr http://192.168.2.202/cgi-bin/nethserver-block.cgi… GET
192.168.2.117 default in-addr http://192.168.2.202/cgi-bin/nethserver-block.cgi… GET
192.168.2.117 default in-addr http://192.168.2.202/cgi-bin/nethserver-block.cgi… GET
192.168.2.117 default in-addr http://192.168.2.202/cgi-bin/nethserver-block.cgi… GET
192.168.2.117 default in-addr http://192.168.2.202/cgi-bin/nethserver-block.cgi… GET
192.168.2.117 default in-addr http://192.168.2.202/cgi-bin/nethserver-block.cgi… GET
192.168.2.117 default in-addr http://192.168.2.202/cgi-bin/nethserver-block.cgi… GET
192.168.2.117 default in-addr http://192.168.2.202/cgi-bin/nethserver-block.cgi… GET
192.168.2.23 default adv http://cdn-gl.imrworldwide.com/novms/js/2/nlsDcrLite510.min.js GET
192.168.2.117 default updatesites http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab… GET
192.168.2.117 default in-addr http://192.168.2.202/cgi-bin/nethserver-block.cgi… GET
192.168.2.117 default in-addr http://192.168.2.202/cgi-bin/nethserver-block.cgi… GET
192.168.2.117 default in-addr http://192.168.2.202/cgi-bin/nethserver-block.cgi… GET
192.168.2.117 default in-addr http://192.168.2.202/cgi-bin/nethserver-block.cgi… GET
192.168.2.117 default in-addr http://192.168.2.202/cgi-bin/nethserver-block.cgi… GET
192.168.2.117 default in-addr http://192.168.2.202/cgi-bin/nethserver-block.cgi… GET
192.168.2.117 default in-addr http://192.168.2.202/cgi-bin/nethserver-block.cgi… GET
192.168.2.117 default in-addr http://192.168.2.202/cgi-bin/nethserver-block.cgi… GET
192.168.2.117 default in-addr http://192.168.2.202/cgi-bin/nethserver-block.cgi… GET
192.168.2.25 default updatesites http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab… GET
192.168.2.25 default in-addr http://192.168.2.202/cgi-bin/nethserver-block.cgi… GET
192.168.2.25 default in-addr http://192.168.2.202/cgi-bin/nethserver-block.cgi… GET
192.168.2.25 default in-addr http://192.168.2.202/cgi-bin/nethserver-block.cgi… GET
192.168.2.25 default in-addr http://192.168.2.202/cgi-bin/nethserver-block.cgi… GET
192.168.2.25 default in-addr http://192.168.2.202/cgi-bin/nethserver-block.cgi… GET
192.168.2.25 default in-addr http://192.168.2.202/cgi-bin/nethserver-block.cgi… GET
192.168.2.25 default in-addr http://192.168.2.202/cgi-bin/nethserver-block.cgi… GET
192.168.2.25 default in-addr http://192.168.2.202/cgi-bin/nethserver-block.cgi… GET
192.168.2.25 default in-addr http://192.168.2.202/cgi-bin/nethserver-block.cgi… GET
192.168.2.23 default tracker http://b.scorecardresearch.com/beacon.js GET
192.168.2.23 default adv z.moatads.com:443 CONNECT
192.168.2.23 default in-addr http://192.168.2.202/cgi-bin/nethserver-block.cgi… GET
192.168.2.23 default in-addr http://192.168.2.202/cgi-bin/nethserver-block.cgi… GET
192.168.2.23 default in-addr http://192.168.2.202/cgi-bin/nethserver-block.cgi… GET
192.168.2.23 default socialnet connect.facebook.net:443 CONNECT
192.168.2.23 default in-addr http://192.168.2.202/cgi-bin/nethserver-block.cgi… GET
192.168.2.23 default in-addr http://192.168.2.202/cgi-bin/nethserver-block.cgi… GET
192.168.2.23 default in-addr http://192.168.2.202/cgi-bin/nethserver-block.cgi… GET
192.168.2.23 default in-addr http://192.168.2.202/cgi-bin/nethserver-block.cgi… GET
192.168.2.23 default in-addr http://192.168.2.202/cgi-bin/nethserver-block.cgi… GET
192.168.2.23 default in-addr http://192.168.2.202/cgi-bin/nethserver-block.cgi… GET
192.168.2.23 default in-addr http://192.168.2.202/cgi-bin/nethserver-block.cgi… GET
192.168.2.23 default in-addr http://192.168.2.202/cgi-bin/nethserver-block.cgi… GET
192.168.2.23 default tracker www.google-analytics.com:443 CONNECT

m.traeumner · August 1, 2017, 11:58am

Didn’t you see something about your groups at the log? I don’t have groups, but I get info about categories at the log file for example.

2017-07-30 03:46:28 [15373] loading URL table from “/var/squidGuard/blacklists/aggressive/domains”
2017-07-30 03:46:28 [15373] loading URL category defaulttable with creation date 20170730.0146

filippo_carletti · August 1, 2017, 12:10pm

Not directly related to your problem, but you may reduce logging by unselecting Block access to web sites using ip address in the filter profile (it’s the topmost option).

Harold_Maponde_Shama · August 1, 2017, 1:09pm

I don’t see any of that unfortunately

Harold_Maponde_Shama · August 1, 2017, 1:10pm

Thanks Filipo,
but won’t users be able to bypass proxy using IP?

Harold_Maponde_Shama · August 1, 2017, 1:32pm

"
2017-08-01 15:16:21 [7980] }
2017-08-01 15:16:21 [7980] category “fortunetelling” {
2017-08-01 15:16:21 [7980] domainlist "/var/squidGuard/blacklists/fortunetelling/domains"
2017-08-01 15:16:21 [7980] }
2017-08-01 15:16:21 [7980] category “chat” {
2017-08-01 15:16:21 [7980] domainlist "/var/squidGuard/blacklists/chat/domains"
2017-08-01 15:16:21 [7980] }
2017-08-01 15:16:21 [7980] category “restaurants” {
2017-08-01 15:16:21 [7980] domainlist "/var/squidGuard/blacklists/recreation/restaurants/domains"
2017-08-01 15:16:21 [7980] }
2017-08-01 15:16:21 [7980] category “nh_whitelist” {
2017-08-01 15:16:21 [7980] domainlist "/var/squidGuard/blacklists/custom/whitelist/domains"
2017-08-01 15:16:21 [7980] }
2017-08-01 15:16:21 [7980] category “banking” {
2017-08-01 15:16:21 [7980] domainlist "/var/squidGuard/blacklists/finance/banking/domains"
2017-08-01 15:16:21 [7980] }
2017-08-01 15:16:21 [7980] category “boats” {
2017-08-01 15:16:21 [7980] domainlist "/var/squidGuard/blacklists/automobile/boats/domains"
2017-08-01 15:16:21 [7980] }
2017-08-01 15:16:21 [7980] category “news” {
2017-08-01 15:16:21 [7980] domainlist "/var/squidGuard/blacklists/news/domains"
2017-08-01 15:16:21 [7980] }
2017-08-01 15:16:21 [7980] category “isp” {
2017-08-01 15:16:21 [7980] domainlist "/var/squidGuard/blacklists/isp/domains"
2017-08-01 15:16:21 [7980] }
2017-08-01 15:16:21 [7980] category “security” {
2017-08-01 15:16:21 [7980] cacerts "/var/ufdbguard/blacklists/security/cacerts"
2017-08-01 15:16:21 [7980] option enforce-https-with-hostname off
2017-08-01 15:16:21 [7980] option enforce-https-official-certificate off
2017-08-01 15:16:21 [7980] option allow-skype-over-https on
2017-08-01 15:16:21 [7980] option allow-gtalk-over-https on
2017-08-01 15:16:21 [7980] option allow-yahoomsg-over-https on
2017-08-01 15:16:21 [7980] option allow-aim-over-https on
2017-08-01 15:16:21 [7980] option allow-fb-chat-over-https on
2017-08-01 15:16:21 [7980] option allow-citrixonline-over-https on
2017-08-01 15:16:
2017-08-01 15:16:21 [7980] }
2017-08-01 15:16:21 [7980] source “src_itprofile” {
2017-08-01 15:16:21 [7980] execuserlist "/usr/libexec/nethserver/ufdbguard-list-group-members it"
2017-08-01 15:16:21 [7980] }
2017-08-01 15:16:21 [7980] source “src_management” {
2017-08-01 15:16:21 [7980] execuserlist "/usr/libexec/nethserver/ufdbguard-list-group-members management"
2017-08-01 15:16:21 [7980] }
2017-08-01 15:16:21 [7980] source “src_newitgroup” {
2017-08-01 15:16:21 [7980] execuserlist "/usr/libexec/nethserver/ufdbguard-list-group-members it"
2017-08-01 15:16:21 [7980] }
2017-08-01 15:16:21 [7980] source “src_office” {
2017-08-01 15:16:21 [7980] execuserlist "/usr/libexec/nethserver/ufdbguard-list-group-members office management"
2017-08-01 15:16:21 [7980] }
2017-08-01 15:16:21 [7980] source “src_primary_teacher” {
2017-08-01 15:16:21 [7980] execuserlist "/usr/libexec/nethserver/ufdbguard-list-group-members primary teacher"
2017-08-01 15:16:21 [7980] }
2017-08-01 15:16:21 [7980] source “src_secondary_teacher” {
2017-08-01 15:16:21 [7980] execuserlist "/usr/libexec/nethserver/ufdbguard-list-group-members secondary teacher"
2017-08-01 15:16:21 [7980] }
2017-08-01 15:16:21 [7980] source “src_teacher_admin” {
2017-08-01 15:16:21 [7980] execuserlist "/usr/libexec/nethserver/ufdbguard-list-group-members teacher administration"
2017-08-01 15:16:21 [7980] }
2017-08-01 15:16:21 [7980]
2017-08-01 15:16:21 [7980] acl {
2017-08-01 15:16:21 [7980] “src_all_students” within “weekdays_students” {
2017-08-01 15:16:21 [7980] pass !security !nh_blacklist !files !builtin !adv !aggressive !alcohol !anonvpn !audio-video !cars !chat !costtraps !dating !downloads !downloads-1 !fortunetelling !gamble !games-misc !games-online !hacking !lingerie !models !movies !music !pets !porn !remotecontrol !ringtones !socialnet !socialnetworks !tracker !updatesites !violence !warez !webphone !webradio !webtv any
2017-08-01 15:16:21 [7980] }
2017-08-01 15:16:21 [7980] “src_dorm” {
2017-08-01 15:16:21 [7980] pass !security !nh_blacklist !files !builtin !adv !audio-video !chat !costtraps !dating !downloads !downloads-1 !gamble !games-misc !games-online !hacking !lingerie !movies !music !porn !ringtones !socialnet !socialnetworks !spyware !tracker !violence !warez !webphone !webradio !webtv any
2017-08-01 15:16:21 [7980] }
2017-08-01 15:16:21 [7980] “src_finance” {
2017-08-01 15:16:21 [7980] pass !security !nh_blacklist !files !builtin !adv !audio-video !chat !costtraps !dating !downloads !downloads-1 !gamble !games-misc !games-online !hacking !lingerie !movies !music !porn !ringtones !socialnet !socialnetworks !spyware !tracker !violence !warez !webphone !webradio !webtv any
2017-08-01 15:16:21 [7980] }
2017-08-01 15:16:21 [7980] “src_heads” {
2017-08-01 15:16:21 [7980] pass !security nh_whitelist !nh_blacklist !builtin !downloads-1 !hacking any
2017-08-01 15:16:21 [7980] }
2017-08-01 15:16:21 [7980] “src_itprofile” {
2017-08-01 15:16:21 [7980] pass !security nh_whitelist !builtin any
2017-08-01 15:16:21 [7980] }
2017-08-01 15:16:21 [7980] “src_management” {
2017-08-01 15:16:21 [7980] pass !security nh_whitelist !nh_blacklist !builtin !downloads-1 !hacking any
2017-08-01 15:16:21 [7980] }
2017-08-01 15:16:21 [7980] “src_newitgroup” {
2017-08-01 15:16:21 [7980] pass !security nh_whitelist !builtin any
2017-08-01 15:16:21 [7980] }
2017-08-01 15:16:21 [7980] “src_office” {
2017-08-01 15:16:21 [7980] pass !security !nh_blacklist !files !builtin !adv !audio-video !chat !costtraps !dating !downloads !downloads-1 !gamble !games-misc !games-online !hacking !lingerie !movies !music !porn !ringtones !socialnet !socialnetworks !spyware !tracker !violence !warez !webphone !webradio !webtv any
2017-08-01 15:16:21 [7980] }
2017-08-01 15:16:21 [7980] “src_primary_teacher” {
2017-08-01 15:16:21 [7980] pass !security !nh_blacklist !files !builtin !adv !audio-video !chat !costtraps !dating !downloads !downloads-1 !gamble !games-misc !games-online !hacking !lingerie !movies !music !porn !ringtones !socialnet !socialnetworks !spyware !tracker !violence !warez !webphone !webradio !webtv any
2017-08-01 15:16:21 [7980] }
2017-08-01 15:16:21 [7980] “src_secondary_teacher” {
2017-08-01 15:16:21 [7980] pass !security !nh_blacklist !files !builtin !adv !audio-video !chat !costtraps !dating !downloads !downloads-1 !gamble !games-misc !games-online !hacking !lingerie !movies !music !porn !ringtones !socialnet !socialnetworks !spyware !tracker !violence !warez !webphone !webradio !webtv any
2017-08-01 15:16:21 [7980] }
2017-08-01 15:16:21 [7980] “src_teacher_admin” {
2017-08-01 15:16:21 [7980] pass !security nh_whitelist !nh_blacklist !builtin !downloads-1 !hacking any
2017-08-01 15:16:21 [7980] }
2017-08-01 15:16:21 [7980] “default” {
2017-08-01 15:16:21 [7980] pass !security !nh_blacklist !files !builtin !adv !aggressive !alcohol !anonvpn !audio-video !cars !chat !costtraps !dating !downloads !downloads-1 !fortunetelling !gamble !games-misc !games-online !hacking !lingerie !models !movies !music !pets !porn !remotecontrol !ringtones !socialnet !socialnetworks !tracker !updatesites !violence !warez !webphone !webradio !webtv any
2017-08-01 15:16:21 [7980] redirect "http://192.168.2.202/cgi-bin/nethserver-block.cgi?clientaddr=%a&clientname=%n&clientident=%i&srcclass=%s&targetgroup=%t&url=%u"
2017-08-01 15:16:21 [7980] }
2017-08-01 15:16:21 [7980] }
2017-08-01 15:16:21 [7980]
2017-08-01 15:16:21 [7980] database status: up to date
2017-08-01 15:16:21 [7980] license status: unknown
2017-08-01 15:16:21 [7980] configuration status: ok
2017-08-01 15:16:21 [7980]
2017-08-01 15:16:21 [7980] using OpenSSL library 1.0.1e R (OpenSSL 1.0.1e-fips 11 Feb 2013)
2017-08-01 15:16:21 [7980] HTTPS/SSL verification with trusted certificates from file “/var/ufdbguard/blacklists/security/cacerts” and directory "none"
2017-08-01 15:16:21 [7980] LC_CTYPE is not set
2017-08-01 15:16:21 [7980] LANG is 'C’
2017-08-01 15:16:21 [7980] 32 HTTPS verification threads created.
2017-08-01 15:16:21 [7980] time definitions are used; evaluating current ACLs
2017-08-01 15:16:21 [7980] next alarm is in 18789 seconds
2017-08-01 15:16:21 [7980] Changing daemon status to "started"
2017-08-01 15:16:21 [7980] UNIX socket “/tmp/ufdbguardd-03977” successfully created
2017-08-01 15:16:21 [7980] listening on UNIX socket "/tmp/ufdbguardd-03977"
2017-08-01 15:16:21 [7980] using rwlock for database locking with preference for "writer"
2017-08-01 15:16:21 [7980] processor yielding is enabled
2017-08-01 15:16:21 [7980] system: x86_64 Linux 3.10.0-514.26.2.el7.x86_64 AMANOSRV03.amanocs.local on 6 CPUs
2017-08-01 15:16:21 [7980] ufdbguardd 1.32.4 started with 68 URL verification threads and 32 SSL verification threads

Harold_Maponde_Shama · August 1, 2017, 1:41pm

2017-08-01 15:27:34 [7980] BLOCK prudencem 192.168.2.115 default adv ir2.beap.gemini.yahoo.com:443 CONNECT
2017-08-01 15:27:35 [7980] BLOCK samuelk 192.168.2.19 default files http://play.pokemonshowdown.com/audio/xy-rival.mp3 GET
2017-08-01 15:27:35 [7980] BLOCK prudencem 192.168.2.115 default adv na.ads.yahoo.com:443 CONNECT
2017-08-01 15:27:35 [7980] BLOCK prudencem 192.168.2.115 default adv na.ads.yahoo.com:443 CONNECT
2017-08-01 15:27:35 [7980] BLOCK prudencem 192.168.2.115 default adv na.ads.yahoo.com:443 CONNECT
2017-08-01 15:27:35 [7980] BLOCK samuelk 192.168.2.19 default files http://192.168.2.202/cgi-bin/nethserver-block.cgi… GET
2017-08-01 15:27:43 [7980] BLOCK samuelk 192.168.2.19 default files http://play.pokemonshowdown.com/audio/cries/muk.mp3 GET
2017-08-01 15:27:43 [7980] BLOCK samuelk 192.168.2.19 default files http://192.168.2.202/cgi-bin/nethserver-block.cgi… GET
2017-08-01 15:27:44 [7980] BLOCK natashach 192.168.2.22 default updatesites http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab… GET
2017-08-01 15:27:44 [7980] BLOCK samuelk 192.168.2.19 default files http://play.pokemonshowdown.com/audio/cries/ninjask.mp3 GET
2017-08-01 15:27:45 [7980] BLOCK samuelk 192.168.2.19 default files http://192.168.2.202/cgi-bin/nethserver-block.cgi… GET
2017-08-01 15:27:48 [7980] BLOCK prudencem 192.168.2.115 default adv ir2.beap.gemini.yahoo.com:443 CONNECT
2017-08-01 15:27:49 [7980] BLOCK prudencem 192.168.2.115 default adv na.ads.yahoo.com:443 CONNECT
2017-08-01 15:27:49 [7980] BLOCK prudencem 192.168.2.115 default adv na.ads.yahoo.com:443 CONNECT
2017-08-01 15:27:49 [7980] BLOCK prudencem 192.168.2.115 default adv na.ads.yahoo.com:443 CONNECT
2017-08-01 15:27:54 [7980] BLOCK acs-s19$ 192.168.2.29 default updatesites http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab… GET
2017-08-01 15:28:12 [7980] BLOCK andrewm 192.168.2.26 default tracker id.google.com:443 CONNECT
2017-08-01 15:28:20 [7980] BLOCK samuelk 192.168.2.19 default files http://play.pokemonshowdown.com/audio/cries/mewtwo.mp3 GET
2017-08-01 15:28:21 [7980] BLOCK samuelk 192.168.2.19 default files http://192.168.2.202/cgi-bin/nethserver-block.cgi… GET
2017-08-01 15:28:28 [7116] finished retrieving userlist (0 lines in 1 seconds) generated by "/usr/libexec/nethserver/ufdbguard-list-group-members all student"
2017-08-01 15:28:28 [7116] finished retrieving userlist (8 lines in 0 seconds) generated by "/usr/libexec/nethserver/ufdbguard-list-group-members dorm"
2017-08-01 15:28:29 [7116] finished retrieving userlist (0 lines in 1 seconds) generated by "/usr/libexec/nethserver/ufdbguard-list-group-members finance"
2017-08-01 15:28:30 [7116] finished retrieving userlist (5 lines in 1 seconds) generated by "/usr/libexec/nethserver/ufdbguard-list-group-members heads"
2017-08-01 15:28:30 [7116] finished retrieving userlist (4 lines in 0 seconds) generated by "/usr/libexec/nethserver/ufdbguard-list-group-members it"
2017-08-01 15:28:30 [7980] BLOCK samuelk 192.168.2.19 default files http://play.pokemonshowdown.com/audio/cries/mewtwo-megax.mp3 GET
2017-08-01 15:28:30 [7980] BLOCK samuelk 192.168.2.19 default files http://192.168.2.202/cgi-bin/nethserver-block.cgi… GET
2017-08-01 15:28:31 [7980] BLOCK acs-s08$ 192.168.2.18 default tracker settings-win.data.microsoft.com:443 CONNECT
2017-08-01 15:28:31 [7116] finished retrieving userlist (7 lines in 1 seconds) generated by "/usr/libexec/nethserver/ufdbguard-list-group-members management"
2017-08-01 15:28:32 [7116] finished retrieving userlist (4 lines in 1 seconds) generated by "/usr/libexec/nethserver/ufdbguard-list-group-members it"
2017-08-01 15:28:32 [7980] BLOCK acs-s08$ 192.168.2.18 default updatesites http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab… GET
2017-08-01 15:28:32 [7980] BLOCK acs-s08$ 192.168.2.18 default tracker settings-win.data.microsoft.com:443 CONNECT
2017-08-01 15:28:32 [7116] finished retrieving userlist (0 lines in 0 seconds) generated by "/usr/libexec/nethserver/ufdbguard-list-group-members office management"
2017-08-01 15:28:33 [7116] finished retrieving userlist (0 lines in 1 seconds) generated by "/usr/libexec/nethserver/ufdbguard-list-group-members primary teacher"
2017-08-01 15:28:33 [7116] finished retrieving userlist (0 lines in 0 seconds) generated by "/usr/libexec/nethserver/ufdbguard-list-group-members secondary teacher"
2017-08-01 15:28:34 [7116] finished retrieving userlist (0 lines in 1 seconds) generated by "/usr/libexec/nethserver/ufdbguard-list-group-members teacher administration"
2017-08-01 15:28:43 [7980] BLOCK acs-t01$ 192.168.2.101 default tracker settings-win.data.microsoft.com:443 CONNECT
2017-08-01 15:28:45 [7980] BLOCK samuelk 192.168.2.19 default files http://play.pokemonshowdown.com/audio/cries/rattata.mp3 GET
2017-08-01 15:28:45 [7980] BLOCK samuelk 192.168.2.19 default files http://192.168.2.202/cgi-bin/nethserver-block.cgi… GET
2017-08-01 15:28:45 [7980] BLOCK acs-t01$ 192.168.2.101 default tracker settings-win.data.microsoft.com:443 CONNECT
2017-08-01 15:28:55 [7980] BLOCK acs-s19$ 192.168.2.29 default updatesites http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab… GET
2017-08-01 15:29:01 [7980] BLOCK samuelk 192.168.2.19 default files http://play.pokemonshowdown.com/audio/cries/arcanine.mp3 GET
2017-08-01 15:29:02 [7980] BLOCK samuelk 192.168.2.19 default files http://192.168.2.202/cgi-bin/nethserver-block.cgi… GET
2017-08-01 15:29:02 [7980] BLOCK acs-s08$ 192.168.2.18 default updatesites http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab… GET
2017-08-01 15:29:14 [7980] BLOCK mthunzid 192.168.2.23 default adv p2.keywee.co:443 CONNECT
2017-08-01 15:29:14 [7980] BLOCK samuelk 192.168.2.19 default files http://play.pokemonshowdown.com/audio/cries/primarina.mp3 GET
2017-08-01 15:29:14 [7980] BLOCK samuelk 192.168.2.19 default files http://192.168.2.202/cgi-bin/nethserver-
2017-08-01 15:34:44 [7980] BLOCK ceciliam 192.168.2.77 default socialnet http://yourdictionaryltk.disqus.com/embed.js GET
2017-08-01 15:34:44 [7980] BLOCK ceciliam 192.168.2.77 default socialnet assets.pinterest.com:443 CONNECT
2017-08-01 15:34:45 [7980] BLOCK ceciliam 192.168.2.77 default tracker www.google-analytics.com:443 CONNECT
2017-08-01 15:34:45 [7980] BLOCK acs-s03$ 192.168.2.13 default tracker settings-win.data.microsoft.com:443 CONNECT
2017-08-01 15:34:46 [7980] BLOCK ceciliam 192.168.2.77 default socialnet platform.twitter.com:443 CONNECT
2017-08-01 15:34:49 [7980] BLOCK acs-s03$ 192.168.2.13 default tracker settings-win.data.microsoft.com:443 CONNECT
2017-08-01 15:34:51 [7980] BLOCK ceciliam 192.168.2.77 default socialnet www.facebook.com:443 CONNECT
2017-08-01 15:34:54 [7980] BLOCK ceciliam 192.168.2.77 default tracker http://b.scorecardresearch.com/b… GET
2017-08-01 15:34:56 [7980] BLOCK ceciliam 192.168.2.77 default socialnet www.facebook.com:443 CONNECT
2017-08-01 15:34:56 [7980] BLOCK ceciliam 192.168.2.77 default socialnet www.facebook.com:443 CONNECT
2017-08-01 15:34:56 [7980] BLOCK ceciliam 192.168.2.77 default socialnet www.facebook.com:443 CONNECT
2017-08-01 15:34:56 [7980] BLOCK asherk 192.168.2.117 default updatesites http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab… GET
2017-08-01 15:35:02 [7980] BLOCK acs-s08$ 192.168.2.18 default updatesites http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab… GET
2017-08-01 15:35:14 [7980] BLOCK simont 192.168.2.97 default tracker settings-win.data.microsoft.com:443 CONNECT
2017-08-01 15:35:17 [7980] BLOCK simont 192.168.2.97 default webphone b.config.skype.com:443 CONNECT
2017-08-01 15:35:17 [7980] BLOCK simont 192.168.2.97 default webphone apps.skype.com:443 CONNECT
2017-08-01 15:35:20 [7980] BLOCK simont 192.168.2.97 default webphone api.mcr.skype.com:443 CONNECT
2017-08-01 15:35:20 [7980] BLOCK simont 192.168.2.97 default webphone registrar-rr.prod.registrar.skype.com:443 CONNECT
2017-08-01 15:35:34 [7980] BLOCK simont 192.168.2.97 default webphone a.config.skype.com:443 CONNECT
2017-08-01 15:35:52 [7980] BLOCK acs-s01$ 192.168.2.11 default tracker settings-win.data.microsoft.com:443 CONNECT
2017-08-01 15:35:53 [7980] BLOCK acs-s01$ 192.168.2.11 default tracker settings-win.data.microsoft.com:443 CONNECT
2017-08-01 15:36:11 [7980] BLOCK prudencem 192.168.2.115 default tracker settings-win.data.microsoft.com:443 CONNECT
2017-08-01 15:36:12 [7980] BLOCK prudencem 192.168.2.115 default updatesites http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab… GET
2017-08-01 15:36:12 [7980] BLOCK prudencem 192.168.2.115 default tracker settings-win.data.microsoft.com:443 CONNECT
2017-08-01 15:36:39 [7980] BLOCK simont 192.168.2.97 default webphone b.config.skype.com:443 CONNECT
2017-08-01 15:36:42 [7980] BLOCK prudencem 192.168.2.115 default updatesites http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab… GET
2017-08-01 15:37:21 [7980] BLOCK simont 192.168.2.97 default webphone registrar-rr.prod.registrar.skype.com:443 CONNECT
2017-08-01 15:37:42 [7980] BLOCK prudencem 192.168.2.115 default updatesites http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab… GET
2017-08-01 15:37:58 [7980] BLOCK simont 192.168.2.97 default webphone api.mcr.skype.com:443 CONNECT
2017-08-01 15:38:19 [7980] BLOCK office 192.168.2.108 default tracker settings-win.data.microsoft.com:443 CONNECT
2017-08-01 15:38:20 [7980] BLOCK office 192.168.2.108 default tracker settings-win.data.microsoft.com:443 CONNECT
2017-08-01 15:38:38 [7980] BLOCK ceciliam 192.168.2.77 default tracker www.google-analytics.com:443 CONNECT
2017-08-01 15:39:16 [7980] BLOCK natashach 192.168.2.22 default updatesites http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab… GET
2017-08-01 15:39:22 [7980] BLOCK simont 192.168.2.97 default webphone registrar-rr.prod.registrar.skype.com:443 CONNECT
[root@AMANOSRV03 ufdbguard]#

Harold_Maponde_Shama · August 1, 2017, 1:42pm

The bottom threads with user Prudence and Cecilia are part of Finance and Teacher Groups and yet it’s retrieving the info from the default filter group instead of staff…

m.traeumner · August 2, 2017, 7:37am

What is about your squid.log? Do you see the usernames in it?

Can you post your squid.conf too please.

Harold_Maponde_Shama · August 2, 2017, 7:57am

I see usernames ok… and all my users just access the default profile…

[root@AMANOSRV03 ~]# cd /
[root@AMANOSRV03 /]# find -name squid.conf
./etc/e-smith/events/interface-update/templates2expand/etc/squid/squid.conf
./etc/e-smith/events/proxy-modify/templates2expand/etc/squid/squid.conf
./etc/e-smith/events/trusted-networks-modify/templates2expand/etc/squid/squid.conf
./etc/e-smith/events/nethserver-samba-adsjoin/templates2expand/etc/squid/squid.conf
./etc/e-smith/events/nethserver-samba-save/templates2expand/etc/squid/squid.conf
./etc/e-smith/events/nethserver-samba-update/templates2expand/etc/squid/squid.conf
./etc/e-smith/events/nethserver-squid-save/templates2expand/etc/squid/squid.conf
./etc/e-smith/events/nethserver-squid-update/templates2expand/etc/squid/squid.conf
./etc/e-smith/events/nethserver-squidguard-save/templates2expand/etc/squid/squid.conf
./etc/e-smith/events/nethserver-squidguard-update/templates2expand/etc/squid/squid.conf
./etc/e-smith/events/nethserver-squidclamav-update/templates2expand/etc/squid/squid.conf
./etc/e-smith/templates/etc/squid/squid.conf
./etc/e-smith/templates.metadata/etc/squid/squid.conf
./etc/httpd/conf.d/squid.conf
./etc/squid/squid.conf
./usr/lib/tmpfiles.d/squid.conf
[root@AMANOSRV03 /]# cat etc/squid/squid.conf

# ================= DO NOT MODIFY THIS FILE =================
# 
# Manual changes will be lost when this file is regenerated.
#
# Please read the developer's guide, which is available
# at https://dev.nethesis.it/projects/nethserver/wiki/NethServer
# original work from http://www.contribs.org/development/
#
# Copyright (C) 2013 Nethesis S.r.l. 
# http://www.nethesis.it - support@nethesis.it
# 

# Uncomment this to enable debug
#debug_options ALL,1 33,2 28,9

# Sites not cached
acl no_cache dstdomain "/etc/squid/acls/no_cache.acl"
no_cache deny no_cache

# Allow access from green and trusted networks.
acl localnet src 192.168.2.0/24
acl localnet_dst src 192.168.2.0/24
# Allow access from blue: ens34
acl blue src 192.168.8.0/24

# Safe ports
acl SSL_ports port 443
acl SSL_ports port 980          # httpd-admin (server-manager)
acl Safe_ports port 80          # http
acl Safe_ports port 21          # ftp
acl Safe_ports port 443         # https
acl Safe_ports port 70          # gopher
acl Safe_ports port 210         # wais
acl Safe_ports port 1025-65535  # unregistered ports
acl Safe_ports port 280         # http-mgmt
acl Safe_ports port 488         # gss-http
acl Safe_ports port 591         # filemaker
acl Safe_ports port 777         # multiling http
acl Safe_ports port 980         # httpd-admin (server-manager)
acl CONNECT method CONNECT

#
# 20acl_00_portscustom
#
acl Safe_ports port 2083
acl SSL_ports port 2083
acl Safe_ports port 2096
acl SSL_ports port 2096
acl Safe_ports port 8443
acl SSL_ports port 8443
acl Safe_ports port 5000
acl SSL_ports port 5000

# Authentication required


# GSSAPI auth in ADS mode
auth_param negotiate program /usr/lib64/squid/negotiate_kerberos_auth -i
auth_param negotiate children 10
auth_param negotiate keep_alive on

# BASIC PAM auth (fallback) 
auth_param basic program  /usr/lib64/squid/basic_pam_auth
auth_param basic children 5
auth_param basic realm amanocs.local
auth_param basic credentialsttl 1 hours
auth_param basic casesensitive on
acl authenticated proxy_auth REQUIRED

# Allow access from localhost
http_access allow localhost

# Deny requests to certain unsafe ports
http_access deny !Safe_ports

# Deny CONNECT to other than secure SSL ports
http_access deny CONNECT !SSL_ports

# Only allow cachemgr access from localhost
http_access allow localhost manager
http_access deny manager

#
# Skip URL rewriter for local addresses
#
acl self dst 192.168.2.202
acl self dst 192.168.8.202
acl self_port port 80
acl self_port port 443
url_rewrite_access deny self localnet  blue  self_port

# Block access to green from other networks
http_access deny self blue localnet_dst

# Authentication required on green and trusted networks
http_access allow localnet authenticated
# Authentication required on blue
http_access allow blue authenticated


# And finally deny all other access to this proxy
http_access deny all

cache_mem 256 MB

# Enable disk cache
minimum_object_size 0 KB
maximum_object_size 4096 KB
cache_dir aufs /var/spool/squid 2048 16 256


# Leave coredumps in the first cache dir
coredump_dir /var/spool/squid

#
# Add any of your own refresh_pattern entries above these.
#
refresh_pattern ^ftp:           1440    20%     10080
refresh_pattern ^gopher:        1440    0%      1440
refresh_pattern -i (/cgi-bin/|\?) 0     0%      0
refresh_pattern .               0       20%     4320
refresh_pattern ([^.]+.|)(download|(windows|)update|).(microsoft.|)com/.*\.(cab|exe|msi|msp) 4320 100% 43200 reload-into-ims

# Always enable manual proxy
http_port 3128


acl https_proto proto https
always_direct allow https_proto
ssl_bump none localhost
sslproxy_options NO_SSLv2,NO_SSLv3,No_Compression
sslproxy_cipher ALL:!SSLv2:!ADH:!DSS:!MD5:!EXP:!DES:!PSK:!SRP:!RC4:!IDEA:!SEED:!aNULL:!eNULL
# TLS/SSL bumping definitions
acl tls_s1_connect at_step SslBump1
acl tls_s2_client_hello at_step SslBump2
acl tls_s3_server_hello at_step SslBump3
# TLS/SSL bumping steps
ssl_bump peek tls_s1_connect all
ssl_bump splice all
# peek at TLS/SSL connect data
# splice: no active bumping

#
# 45marks
#



# Enable squidGuard 
url_rewrite_program /usr/sbin/ufdbgclient -l /var/log/squid
url_rewrite_children 20 startup=5 idle=5 concurrency=0
url_rewrite_extras "%>a/%>A %un %>rm bump_mode=%ssl::bump_mode sni=\"%ssl::>sni\" referer=\"%{Referer}>h\""
#
# 90options
#
forward_max_tries 25
shutdown_lifetime 1 seconds
buffered_logs on
max_filedesc 16384
logfile_rotate 0
#
# 90squidclamav
#
ecap_enable on

# Bypass scan mime-types
acl bypass_scan_types_req req_mime_type -i ^text/
acl bypass_scan_types_req req_mime_type -i ^application/x-javascript
acl bypass_scan_types_req req_mime_type -i ^application/x-shockwave-flash
acl bypass_scan_types_req req_mime_type -i ^image/
acl bypass_scan_types_req req_mime_type -i ^video
acl bypass_scan_types_req req_mime_type -i ^audio
acl bypass_scan_types_req req_mime_type -i ^application/x-mms-framed.*$

acl bypass_scan_types_rep rep_mime_type -i ^text/
acl bypass_scan_types_rep rep_mime_type -i ^application/x-javascript
acl bypass_scan_types_rep rep_mime_type -i ^application/x-shockwave-flash
acl bypass_scan_types_rep rep_mime_type -i ^image/
acl bypass_scan_types_rep rep_mime_type -i ^video
acl bypass_scan_types_rep rep_mime_type -i ^audio
acl bypass_scan_types_rep rep_mime_type -i ^application/x-mms-framed.*$

loadable_modules /usr/lib64/ecap_clamav_adapter.so
ecap_service clamav_service_req reqmod_precache uri=ecap://e-cap.org/ecap/services/clamav?mode=REQMOD bypass=off message_size_max=5000000
ecap_service clamav_service_resp respmod_precache uri=ecap://e-cap.org/ecap/services/clamav?mode=RESPMOD bypass=on message_size_max=5000000
adaptation_access clamav_service_req allow !bypass_scan_types_req all
adaptation_access clamav_service_resp allow !bypass_scan_types_rep all

m.traeumner · August 2, 2017, 8:40am

Please have a look at your ufdbguard.conf. The “all” at the pass acl is missing by some groups. Is it a copy paste error too?

PS: For posting a conf I use

[code]

[/code]

in square brackets.

Harold_Maponde_Shama · August 2, 2017, 8:48am

[root@AMANOSRV03 ~]# cd /
[root@AMANOSRV03 /]# find -name ufdbguard.conf
[root@AMANOSRV03 /]# find -name ufdbguard.co
[root@AMANOSRV03 /]# find -name ufdbguard
./run/ufdbguard
./etc/sysconfig/ufdbguard
./etc/e-smith/events/interface-update/templates2expand/etc/ufdbguard
./etc/e-smith/events/group-modify/templates2expand/etc/ufdbguard
./etc/e-smith/events/firewall-objects-modify/templates2expand/etc/ufdbguard
./etc/e-smith/events/nethserver-squidguard-downloadlists/templates2expand/etc/ufdbguard
./etc/e-smith/events/nethserver-squidguard-save/templates2expand/etc/ufdbguard
./etc/e-smith/events/nethserver-squidguard-update/templates2expand/etc/ufdbguard
./etc/e-smith/templates/etc/ufdbguard
./etc/ufdbguard
./var/log/ufdbguard
./var/ufdbguard
[root@AMANOSRV03 /]# cd etc/ufdbguard/
[root@AMANOSRV03 ufdbguard]# ls
ufdbGuard.conf
[root@AMANOSRV03 ufdbguard]# cat ufdbGuard.conf

# ================= DO NOT MODIFY THIS FILE =================
# 
# Manual changes will be lost when this file is regenerated.
#
# Please read the developer's guide, which is available
# at https://dev.nethesis.it/projects/nethserver/wiki/NethServer
# original work from http://www.contribs.org/development/
#
# Copyright (C) 2013 Nethesis S.r.l. 
# http://www.nethesis.it - support@nethesis.it
# 
# ufdbGuard.conf - default configuration file for use with URLfilterDB
# #
# # The Reference Manual has detailed information about the configuration
# # of ufdbGuard.  It is highly recommended to read it before using ufdbGuard.
# #
# # Make sure that you edit the 4 lines that are marked with
# # 'EDIT THE NEXT LINE...' to adapt this file to your environment.
#
logdir "/var/log/ufdbguard"
dbhome "/var/squidGuard/blacklists"
squid-version "3.5"
analyse-uncategorised-urls off
upload-crash-reports off
# slow replies when reloading db to decrease the number of passed urls
url-lookup-delay-during-database-reload on

logblock on

# Always strip domain from squid username
strip-domain-from-username on
redirect-https     "blocked.nethserver.org:443"

category "gamble" {
      domainlist /var/squidGuard/blacklists/gamble/domains
}
category "chemistry" {
      domainlist /var/squidGuard/blacklists/science/chemistry/domains
}
category "files" {
      expressionlist /var/squidGuard/blacklists/custom/files/expressions
}
category "pets" {
      domainlist /var/squidGuard/blacklists/hobby/pets/domains
}
category "bikes" {
      domainlist /var/squidGuard/blacklists/automobile/bikes/domains
}
category "aggressive" {
      domainlist /var/squidGuard/blacklists/aggressive/domains
}
category "radiotv" {
      domainlist /var/squidGuard/blacklists/radiotv/domains
}
category "violence" {
      domainlist /var/squidGuard/blacklists/violence/domains
}
category "cars" {
      domainlist /var/squidGuard/blacklists/automobile/cars/domains
}
category "travel" {
      domainlist /var/squidGuard/blacklists/recreation/travel/domains
}
category "martialarts" {
      domainlist /var/squidGuard/blacklists/recreation/martialarts/domains
}
category "webradio" {
      domainlist /var/squidGuard/blacklists/webradio/domains
}
category "wellness" {
      domainlist /var/squidGuard/blacklists/recreation/wellness/domains
}
category "movies" {
      domainlist /var/squidGuard/blacklists/movies/domains
}
category "politics" {
      domainlist /var/squidGuard/blacklists/politics/domains
}
category "military" {
      domainlist /var/squidGuard/blacklists/military/domains
}
category "ringtones" {
      domainlist /var/squidGuard/blacklists/ringtones/domains
}
category "dynamic" {
      domainlist /var/squidGuard/blacklists/dynamic/domains
}
category "astronomy" {
      domainlist /var/squidGuard/blacklists/science/astronomy/domains
}
category "redirector" {
      domainlist /var/squidGuard/blacklists/redirector/domains
}
category "dating" {
      domainlist /var/squidGuard/blacklists/dating/domains
}
category "alcohol" {
      domainlist /var/squidGuard/blacklists/alcohol/domains
}
category "gardening" {
      domainlist /var/squidGuard/blacklists/hobby/gardening/domains
}
category "trading" {
      domainlist /var/squidGuard/blacklists/finance/trading/domains
}
category "hacking" {
      domainlist /var/squidGuard/blacklists/hacking/domains
}
category "adv" {
      domainlist /var/squidGuard/blacklists/adv/domains
}
category "updatesites" {
      domainlist /var/squidGuard/blacklists/updatesites/domains
}
category "tracker" {
      domainlist /var/squidGuard/blacklists/tracker/domains
}
category "humor" {
      domainlist /var/squidGuard/blacklists/recreation/humor/domains
}
category "shopping" {
      domainlist /var/squidGuard/blacklists/shopping/domains
}
category "costtraps" {
      domainlist /var/squidGuard/blacklists/costtraps/domains
}
category "forum" {
      domainlist /var/squidGuard/blacklists/forum/domains
}
category "weapons" {
      domainlist /var/squidGuard/blacklists/weapons/domains
}
category "sports" {
      domainlist /var/squidGuard/blacklists/recreation/sports/domains
}
category "education" {
      domainlist /var/squidGuard/blacklists/sex/education/domains
}
category "webmail" {
      domainlist /var/squidGuard/blacklists/webmail/domains
}
category "moneylending" {
      domainlist /var/squidGuard/blacklists/finance/moneylending/domains
}
category "cooking" {
      domainlist /var/squidGuard/blacklists/hobby/cooking/domains
}
category "hospitals" {
      domainlist /var/squidGuard/blacklists/hospitals/domains
}
category "searchengines" {
      domainlist /var/squidGuard/blacklists/searchengines/domains
}
category "schools" {
      domainlist /var/squidGuard/blacklists/education/schools/domains
}
category "downloads-1" {
      domainlist /var/squidGuard/blacklists/custom/downloads-1/domains
}
category "audio-video" {
      domainlist /var/squidGuard/blacklists/custom/audio-video/domains
}
category "remotecontrol" {
      domainlist /var/squidGuard/blacklists/remotecontrol/domains
}
category "realestate" {
      domainlist /var/squidGuard/blacklists/finance/realestate/domains
}
category "spyware" {
      domainlist /var/squidGuard/blacklists/spyware/domains
}
category "drugs" {
      domainlist /var/squidGuard/blacklists/drugs/domains
}
category "music" {
      domainlist /var/squidGuard/blacklists/music/domains
}
category "government" {
      domainlist /var/squidGuard/blacklists/government/domains
}
category "downloads" {
      domainlist /var/squidGuard/blacklists/downloads/domains
}
category "models" {
      domainlist /var/squidGuard/blacklists/models/domains
}
category "urlshortener" {
      domainlist /var/squidGuard/blacklists/urlshortener/domains
}
category "builtin" {
      domainlist /var/squidGuard/blacklists/custom/builtin/domains
      expressionlist /var/squidGuard/blacklists/custom/builtin/expressions
}
category "imagehosting" {
      domainlist /var/squidGuard/blacklists/imagehosting/domains
}
category "webphone" {
      domainlist /var/squidGuard/blacklists/webphone/domains
}
category "insurance" {
      domainlist /var/squidGuard/blacklists/finance/insurance/domains
}
category "socialnetworks" {
      domainlist /var/squidGuard/blacklists/custom/socialnetworks/domains
}
category "planes" {
      domainlist /var/squidGuard/blacklists/automobile/planes/domains
}
category "games-online" {
      domainlist /var/squidGuard/blacklists/hobby/games-online/domains
}
category "warez" {
      domainlist /var/squidGuard/blacklists/warez/domains
}
category "other" {
      domainlist /var/squidGuard/blacklists/finance/other/domains
}
category "nh_blacklist" {
      domainlist /var/squidGuard/blacklists/custom/blacklist/domains
}
category "lingerie" {
      domainlist /var/squidGuard/blacklists/sex/lingerie/domains
}
category "homestyle" {
      domainlist /var/squidGuard/blacklists/homestyle/domains
}
category "games-misc" {
      domainlist /var/squidGuard/blacklists/hobby/games-misc/domains
}
category "podcasts" {
      domainlist /var/squidGuard/blacklists/podcasts/domains
}
category "library" {
      domainlist /var/squidGuard/blacklists/library/domains
}
category "jobsearch" {
      domainlist /var/squidGuard/blacklists/jobsearch/domains
}
category "anonvpn" {
      domainlist /var/squidGuard/blacklists/anonvpn/domains
}
category "socialnet" {
      domainlist /var/squidGuard/blacklists/socialnet/domains
}
category "porn" {
      domainlist /var/squidGuard/blacklists/porn/domains
}
category "webtv" {
      domainlist /var/squidGuard/blacklists/webtv/domains
}
category "religion" {
      domainlist /var/squidGuard/blacklists/religion/domains
}
category "fortunetelling" {
      domainlist /var/squidGuard/blacklists/fortunetelling/domains
}
category "chat" {
      domainlist /var/squidGuard/blacklists/chat/domains
}
category "restaurants" {
      domainlist /var/squidGuard/blacklists/recreation/restaurants/domains
}
category "nh_whitelist" {
      domainlist /var/squidGuard/blacklists/custom/whitelist/domains
}
category "banking" {
      domainlist /var/squidGuard/blacklists/finance/banking/domains
}
category "boats" {
      domainlist /var/squidGuard/blacklists/automobile/boats/domains
}
category "news" {
      domainlist /var/squidGuard/blacklists/news/domains
}
category "isp" {
      domainlist /var/squidGuard/blacklists/isp/domains
}

category "security" {
   cacerts        "/var/ufdbguard/blacklists/security/cacerts"
   option         enforce-https-with-hostname off
   option         enforce-https-official-certificate off
   option         allow-skype-over-https on
   option         allow-gtalk-over-https on
   option         allow-yahoomsg-over-https on
   option         allow-aim-over-https on
   option         allow-fb-chat-over-https on
   option         allow-citrixonline-over-https on
   option         allow-anydesk-over-https on
   option         allow-teamviewer-over-https on
   option         allow-unknown-protocol-over-https on
   option         https-prohibit-insecure-sslv2 off
   option         https-prohibit-insecure-sslv3 off
}

src src_all_students {
    execuserlist "/usr/libexec/nethserver/ufdbguard-list-group-members all student"
}
src src_dorm {
    execuserlist "/usr/libexec/nethserver/ufdbguard-list-group-members dorm"
}
src src_finance {
    execuserlist "/usr/libexec/nethserver/ufdbguard-list-group-members finance"
}
src src_heads {
    execuserlist "/usr/libexec/nethserver/ufdbguard-list-group-members heads"
}
src src_itprofile {
    execuserlist "/usr/libexec/nethserver/ufdbguard-list-group-members it"
}
src src_management {
    execuserlist "/usr/libexec/nethserver/ufdbguard-list-group-members management"
}
src src_newitgroup {
    execuserlist "/usr/libexec/nethserver/ufdbguard-list-group-members it"
}
src src_office {
    execuserlist "/usr/libexec/nethserver/ufdbguard-list-group-members office management"
}
src src_primary_teacher {
    execuserlist "/usr/libexec/nethserver/ufdbguard-list-group-members primary teacher"
}
src src_secondary_teacher {
    execuserlist "/usr/libexec/nethserver/ufdbguard-list-group-members secondary teacher"
}
src src_teacher_admin {
    execuserlist "/usr/libexec/nethserver/ufdbguard-list-group-members teacher administration"
}

time weekdays_students {
    weekly mtwhf 08:00-20:30
}

acl {

    # Profile: all_students
    src_all_students within weekdays_students {
        pass !security !nh_blacklist  !files  !builtin  !"adv"  !"aggressive"  !"alcohol"  !"anonvpn"  !"audio-video"  !"cars"  !"chat"  !"costtraps"  !"dating"  !"downloads"  !"downloads-1"  !"fortunetelling"  !"gamble"  !"games-misc"  !"games-online"  !"hacking"  !"lingerie"  !"models"  !"movies"  !"music"  !"pets"  !"porn"  !"remotecontrol"  !"ringtones"  !"socialnet"  !"socialnetworks"  !"tracker"  !"updatesites"  !"violence"  !"warez"  !"webphone"  !"webradio"  !"webtv"  all
    }
    # Profile: dorm
    src_dorm  {
        pass !security !nh_blacklist  !files  !builtin  !"adv"  !"audio-video"  !"chat"  !"costtraps"  !"dating"  !"downloads"  !"downloads-1"  !"gamble"  !"games-misc"  !"games-online"  !"hacking"  !"lingerie"  !"movies"  !"music"  !"porn"  !"ringtones"  !"socialnet"  !"socialnetworks"  !"spyware"  !"tracker"  !"violence"  !"warez"  !"webphone"  !"webradio"  !"webtv"  all
    }
    # Profile: finance
    src_finance  {
        pass !security !nh_blacklist  !files  !builtin  !"adv"  !"audio-video"  !"chat"  !"costtraps"  !"dating"  !"downloads"  !"downloads-1"  !"gamble"  !"games-misc"  !"games-online"  !"hacking"  !"lingerie"  !"movies"  !"music"  !"porn"  !"ringtones"  !"socialnet"  !"socialnetworks"  !"spyware"  !"tracker"  !"violence"  !"warez"  !"webphone"  !"webradio"  !"webtv"  all
    }
    # Profile: heads
    src_heads  {
        pass !security nh_whitelist  !nh_blacklist  !builtin  !"downloads-1"  !"hacking"  all
    }
    # Profile: itprofile
    src_itprofile  {
        pass !security nh_whitelist  !builtin  all
    }
    # Profile: management
    src_management  {
        pass !security nh_whitelist  !nh_blacklist  !builtin  !"downloads-1"  !"hacking"  all
    }
    # Profile: newitgroup
    src_newitgroup  {
        pass !security nh_whitelist  !builtin  all
    }
    # Profile: office
    src_office  {
        pass !security !nh_blacklist  !files  !builtin  !"adv"  !"audio-video"  !"chat"  !"costtraps"  !"dating"  !"downloads"  !"downloads-1"  !"gamble"  !"games-misc"  !"games-online"  !"hacking"  !"lingerie"  !"movies"  !"music"  !"porn"  !"ringtones"  !"socialnet"  !"socialnetworks"  !"spyware"  !"tracker"  !"violence"  !"warez"  !"webphone"  !"webradio"  !"webtv"  all
    }
    # Profile: primary_teacher
    src_primary_teacher  {
        pass !security !nh_blacklist  !files  !builtin  !"adv"  !"audio-video"  !"chat"  !"costtraps"  !"dating"  !"downloads"  !"downloads-1"  !"gamble"  !"games-misc"  !"games-online"  !"hacking"  !"lingerie"  !"movies"  !"music"  !"porn"  !"ringtones"  !"socialnet"  !"socialnetworks"  !"spyware"  !"tracker"  !"violence"  !"warez"  !"webphone"  !"webradio"  !"webtv"  all
    }
    # Profile: secondary_teacher
    src_secondary_teacher  {
        pass !security !nh_blacklist  !files  !builtin  !"adv"  !"audio-video"  !"chat"  !"costtraps"  !"dating"  !"downloads"  !"downloads-1"  !"gamble"  !"games-misc"  !"games-online"  !"hacking"  !"lingerie"  !"movies"  !"music"  !"porn"  !"ringtones"  !"socialnet"  !"socialnetworks"  !"spyware"  !"tracker"  !"violence"  !"warez"  !"webphone"  !"webradio"  !"webtv"  all
    }
    # Profile: teacher_admin
    src_teacher_admin  {
        pass !security nh_whitelist  !nh_blacklist  !builtin  !"downloads-1"  !"hacking"  all
    }

    default {
        pass !security !nh_blacklist  !files  !builtin  !"adv"  !"aggressive"  !"alcohol"  !"anonvpn"  !"audio-video"  !"cars"  !"chat"  !"costtraps"  !"dating"  !"downloads"  !"downloads-1"  !"fortunetelling"  !"gamble"  !"games-misc"  !"games-online"  !"hacking"  !"lingerie"  !"models"  !"movies"  !"music"  !"pets"  !"porn"  !"remotecontrol"  !"ringtones"  !"socialnet"  !"socialnetworks"  !"tracker"  !"updatesites"  !"violence"  !"warez"  !"webphone"  !"webradio"  !"webtv"  all
        redirect     http://192.168.2.202/cgi-bin/nethserver-block.cgi?clientaddr=%a&clientname=%n&clientident=%i&srcclass=%s&targetgroup=%t&url=%u
    }

}

Harold_Maponde_Shama · August 2, 2017, 11:53am

I have a temporary fix for the issue. The not very pleased with it. Have a feeling problem is originating from the windows AD. What i have done is created a new OU called Proxy and then created a group called proxies under the Proxy OU. Thrown all my teachers in that group. When i check the Users list under
"/usr/libexec/nethserver/ufdbguard-list-group-members proxies" all populating:) All for now and thanks alot. I hope i can figure out the actual problem anayway.

m.traeumner · August 2, 2017, 12:23pm

I think you should have an “else” here like the following example from http://www.squidguard.org/Doc/sourceacl.html

minor within nonworkhours {
       pass !porn !spyware !tracker !banking !webtv !webradio !banking all
    } else {
       pass !porn !spyware !tracker !banking !webtv !webradio !shopping !banking !games all

Were all groups of users listed in the same OU. I ask because I have had problems with multiple branches, I only could connect to one.

Harold_Maponde_Shama · August 2, 2017, 12:53pm

Well i have a top level OU called School then under that there is Education/Student/Grades…,etc
Similar Structure for staff. So yes i have multiple OUs. So what i i have done is created An OU for Staff and Students Under My Top Level OU and this seems to work…
Quick question off the topic though, I have removed the firewall module, Has this got any negative effect on my server?
Thanks alot for your interest and time

m.traeumner · August 8, 2017, 12:44pm

Sorry for late response,

I think it’s not wrong to have the firewall installed. For example, I’ve added some firewallobjects to bypass the proxy for some sites.

Could you try to create all OU’s you need this way and have a look if it works for all users in there.