Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
Dansguardian seems to blanket-deny [SOLVED]
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Networking & Security
View previous topic :: View next topic  
Author Message
mocsokmike
Tux's lil' helper
Tux's lil' helper


Joined: 04 Aug 2005
Posts: 116
Location: Budapest, Hungary

PostPosted: Thu Aug 16, 2012 12:32 pm    Post subject: Dansguardian seems to blanket-deny [SOLVED] Reply with quote

I have recently updated our squid/dansguardian proxy, and the squid part works fine, but dansguardian went crazy.
  • If I try to load a banned site, I receive the banned page from dansguardian. This is OK.
  • If I try to load an exception site, it loads properly. This is OK too.
  • If I try to load another site (not in the banned or exception list), nothing happens (for example, links returns: Error reading from socket).

I don't use blanket banning or blanket exceptions. Here are my configs, mostly kept from the previous (working) installation:
/etc/dansguardian.conf
Code:
reportinglevel = 3
languagedir = '/usr/share/dansguardian/languages'
language = 'hungarian'
loglevel = 3
logexceptionhits = 0
logfileformat = 1
anonymizelogs = off
syslog = on
filterip =
filterport = 8080
proxyip = 127.0.0.1
proxyport = 3128
accessdeniedaddress = 'http://mail.globalunion.hu/cgi-bin/dansguardian.pl'
nonstandarddelimiter = on
usecustombannedimage = on
custombannedimagefile = '/usr/share/dansguardian/transparent1x1.gif'
filtergroups = 1
filtergroupslist = '/etc/dansguardian/lists/filtergroupslist'
bannediplist = '/etc/dansguardian/lists/bannediplist'
exceptioniplist = '/etc/dansguardian/lists/exceptioniplist'
showweightedfound = on
weightedphrasemode = 2
urlcachenumber = 1000
urlcacheage = 900
scancleancache = off
phrasefiltermode = 2
preservecase = 0
hexdecodecontent = off
forcequicksearch = off
reverseaddresslookups = on
reverseclientiplookups = on
logclienthostnames = on
createlistcachefiles = on
maxuploadsize = -1
maxcontentfiltersize = 4096
maxcontentramcachescansize = 20480
maxcontentfilecachescansize = 20480
filecachedir = '/tmp'
deletedownloadedtempfiles = on
initialtrickledelay = 20
trickledelay = 10
downloadmanager = '/etc/dansguardian/downloadmanagers/default.conf'
contentscanner = '/etc/dansguardian/contentscanners/clamdscan.conf'
contentscannertimeout = 60
contentscanexceptions = off
recheckreplacedurls = off
forwardedfor = on
usexforwardedfor = on
logconnectionhandlingerrors = on
logchildprocesshandling = off
maxchildren = 120
minchildren = 8
minsparechildren = 4
preforkchildren = 6
maxsparechildren = 32
maxagechildren = 500
maxips = 0
ipcfilename = '/tmp/.dguardianipc'
urlipcfilename = '/tmp/.dguardianurlipc'
ipipcfilename = '/tmp/.dguardianipipc'
nodaemon = off
nologger = off
logadblocks = off
loguseragent = off
softrestart = off
mailer = '/usr/sbin/sendmail -t'

/etc/dansguardianf1.conf
Code:
groupmode = 1
groupname = ''
bannedphraselist = '/etc/dansguardian/lists/bannedphraselist'
weightedphraselist = '/etc/dansguardian/lists/weightedphraselist'
exceptionphraselist = '/etc/dansguardian/lists/exceptionphraselist'
bannedsitelist = '/etc/dansguardian/lists/bannedsitelist'
greysitelist = '/etc/dansguardian/lists/greysitelist'
exceptionsitelist = '/etc/dansguardian/lists/exceptionsitelist'
bannedurllist = '/etc/dansguardian/lists/bannedurllist'
greyurllist = '/etc/dansguardian/lists/greyurllist'
exceptionurllist = '/etc/dansguardian/lists/exceptionurllist'
exceptionregexpurllist = '/etc/dansguardian/lists/exceptionregexpurllist'
bannedregexpurllist = '/etc/dansguardian/lists/bannedregexpurllist'
picsfile = '/etc/dansguardian/lists/pics'
contentregexplist = '/etc/dansguardian/lists/contentregexplist'
urlregexplist = '/etc/dansguardian/lists/urlregexplist'
blockdownloads = off
exceptionextensionlist = '/etc/dansguardian/lists/exceptionextensionlist'
exceptionmimetypelist = '/etc/dansguardian/lists/exceptionmimetypelist'
bannedextensionlist = '/etc/dansguardian/lists/bannedextensionlist'
bannedmimetypelist = '/etc/dansguardian/lists/bannedmimetypelist'
exceptionfilesitelist = '/etc/dansguardian/lists/exceptionfilesitelist'
exceptionfileurllist = '/etc/dansguardian/lists/exceptionfileurllist'
headerregexplist = '/etc/dansguardian/lists/headerregexplist'
bannedregexpheaderlist = '/etc/dansguardian/lists/bannedregexpheaderlist'
naughtynesslimit = 200
categorydisplaythreshold = 0
embeddedurlweight = 0
enablepics = off
infectionbypass = 0
infectionbypasskey = ''
infectionbypasserrorsonly = on
disablecontentscan = off
deepurlanalysis = off
reportinglevel = 3
accessdeniedaddress = 'http://mail.globalunion.hu/cgi-bin/dansguardian.pl'
htmltemplate = 'template.html'
usesmtp = off
mailfrom = ''
avadmin = ''
contentadmin = ''
avsubject = 'dansguardian virus block'
contentsubject = 'dansguardian violation'
notifyav = off
notifycontent = off
thresholdbyuser = off
violations = 0
threshold = 0

I have net-proxy/dansguardian-2.10.0.3
Any ideas?

EDIT:
Solved! Found that someone else had the same issues as well: link
dansguardian-2.10.0.3 does not work properly with newer versions of libpcre than 8.21. :evil:

I did the following:
Code:
ACCEPT_KEYWORDS="~amd64" emerge =dev-libs/libpcre-8.21
mkdir /root/pcre-old
cp -a /usr/lib/libpcre* /root/pcre-old
cp -a /lib/libpcre* /root/pcre-old
ln -sf /lib/libpcre.so.1 /root/pcre-old/libpcre.so
emerge dev-libs/libpcre
/etc/init.d/dansguardian stop

Added this line to the beginning of /etc/init.d/dansguardian:
Code:
export "LD_LIBRARY_PATH=/root/pcre-old"

Started Dansguardian, and it worked properly.
Of course, when an update overwrites my initscript, it will break again, but in case they didn't fixed this PCRE problem they have yet, I will add that line again... :wink:
_________________
format c:
emerge system
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Networking & Security All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum