Hi Expert,
Please help to fix issue that can not block blacklist
There is more about a configure:
System version: NethServer release 7.3.1611
allow_domain
nethserver.org
bbc.com
nh_blacklist
youtube.com
facebook.com
Proxy mode
Authenticated
vi /etc/ufdbguard/ufdbGuard.conf
src src_user1_profiles {
user “user1”
}
time always {
weekly mtwhfas 00:00-23:59
}
# Profile: User1_profiles
src_user1_profiles within always {
pass !security nh_whitelist !nh_blacklist !files !builtin "allow_domain" none
}
default {
pass !security nh_whitelist !nh_blacklist !in-addr !files !builtin "nofilter_user" none
redirect http://1xx.xxx.xx.xx/cgi-bin/nethserver-block.cgi?clientaddr=%a&clientname=%n&clientident=%i&srcclass=%s&targetgroup=%t&url=%u
}
default {
pass !security nh_whitelist !nh_blacklist !in-addr !files !builtin "nofilter_user" none
redirect http://1xx.xxx.xx.xx/cgi-bin/nethserver-block.cgi?clientaddr=%a&clientname=%n&clientident=%i&srcclass=%s&targetgroup=%t&url=%u
}
tail -f /var/log/squid/access.log
TCP_TUNNEL/200 6343 CONNECT www.youtube.com:443 user1@xxxx.xxxx HIER_DIRECT/216.58.196.14 -
TCP_TUNNEL/200 129567 CONNECT www.facebook.com:443 user1@xxxx.xxxx HIER_DIRECT/157.240.7.35 -
tail -f /var/log/ufdbguard/ufdbguardd.log
2017-06-17 09:53:57 [30663] LANG is ‘C’
2017-06-17 09:53:57 [30663] 32 HTTPS verification threads created.
2017-06-17 09:53:57 [30663] ERROR: A FATAL ERROR OCCURRED: ALL REQUESTS ARE ANSWERED WITH “OK” (see previous lines with “FATAL ERROR” for more information) *****
2017-06-17 09:53:57 [30663] Changing daemon status to “error”
2017-06-17 09:53:57 [30663] UNIX socket “/tmp/ufdbguardd-03977” successfully created
2017-06-17 09:53:57 [30663] listening on UNIX socket “/tmp/ufdbguardd-03977”
2017-06-17 09:53:57 [30663] using rwlock for database locking with preference for “writer”
2017-06-17 09:53:57 [30663] processor yielding is enabled
2017-06-17 09:53:57 [30663] system: x86_64 Linux 3.10.0-514.16.1.el7.x86_64 bypass.network.local on 4 CPUs
2017-06-17 09:53:57 [30663] ufdbguardd 1.32.4 started with 68 URL verification threads and 32 SSL verification threads
The Result :
user1 can access the youtube and facebook !
Thank you
Ya