[ale] The joy of false postives - squidGuard / blacklist-upd

[BruceG]

On Monday 03 May 2004 08:04, BruceG wrote:
> On Sunday 02 May 2004 22:38, James P. Kinney III wrote:
> > A second thought on this:
> >
> > Make a new list that is an approved list and add these sites to it. If
> > the attempted site is not on the approved list the default list is
> > checked and _that_ one goes to the blacklist.
>
> Thanks, that's what I'll try. I see that the script and acl's have 2
> databases defined but not populated. One is local-ok, the other is
> local-block. Looks the purpose is to add user defined blocking and
> approval. I messed it up I guess - as the local-ok is either not getting
> picked up, or I didn't do it correctly. Time to read a little more doc.
> Although the format looks real straight-forward.
>

Found it and fixed it. WooHoo! I was updating local-ok in /var/spool/
squidGuard/db/local-ok. I should have hit it in /var/spool/squidGuard/db/
custom/local-ok. Looks like pretty much every problem I encountered was with 
getting directories and paths written correctly. Up and running now!

Hey all - if you need blacklists for your proxy server, the script and 
blacklists at http://www.bn-paf.de/filter seems pretty good. It downloads the 
blacklists, pops them in directories, creates the textfiles, and compiles the 
databases. You can do custom allows and blocks by creating domain or url 
entries in /var/spool/squidGuard/db/custom/local-ok and local-block.

You are supposed to be able to add the script to cron for weekly diffs and 
monthly full updates. I haven't got that far yet. I think I'll let this run 
for a week or so, then consider adding a second nic to the server and making 
it a transparent proxy.  That seems like a steep learning curve, so I'll give 
it a little more thought.