Verification of your squidGuard Configuration

Now that you have installed and configured your squidGuard you just check a couple of things before going online.

  1. Permissions
    Ensure that the blacklist and db files belong to your squid user. If squid cannot access (or modify) them blocking will not work.
  2. SquidGuard dry-run
    To verify that your configuration is working run the following command (changed to reflect your configuration):
    Dry-run squidGuard
    echo " - - GET" |
    squidGuard -c /tmp/test.cfg -d

    If the redirector works properly you should see the redirection URL for the blocked site. For sites not being part of your blacklists the output should end with:

    2007-03-25 16:18:05 [30042] squidGuard ready for requests (1174832285.085)

    2007-03-25 16:18:05 [30042] squidGuard stopped (1174832285.089)

    Some remarks about the different entries of the echoed line:

    • The first entry is the URL you want to test.
    • The second entry is the client IP address. If you configured access control based on IP addresses make sure to test allowed and not allowed IP addresses to ensure proper working.
    • In the third entry (the first – ) you can specify a username. This is only of importance if you have access control based on user names. Make sure to check different names with different access to verify your configuration.

Finalizing the installation by configuring squid

If everything is working properly add the following line to your squid.conf (assuming that your squidGuard is installed in /usr/local; make sure to change the paths to match your installation accordingly):

 redirect_program /usr/local/bin/squidGuard -c