debian SquidGuardでブロックログを出力

■Lenny、Squeezeで確認
 「squidGuard.conf」へのacl作成スクリプトを修正

# sudo -u proxy mkdir /var/log/squid/block
# cd /var/lib/squidguard/db
# echo * | for DIR in `xargs`;do \
    echo -e "dest ${DIR} {\n\tdomainlist\t${DIR}/domains\n\turllist\t\t${DIR}/urls"
    echo -e "\tlogfile /var/log/squid/block/${DIR}.log\n\tredirect http://www.labunix.net/block.html\n}\n"; \
   done
# vim /etc/squid/squidGuard.conf
# chown proxy:proxy /etc/squid/squidGuard.conf
# chown -R proxy:proxy /var/log/squid/

■「squid.conf」の事前チェック、squidGuardのDB作成
 squid設定の再読み込み、再チェック

# sudo -u proxy /usr/sbin/squid -k check
# sudo -u proxy /usr/bin/squidGuard -d -C all 2>&1 | tail -4
# sudo -u proxy /usr/sbin/squid -k reconfigure
# sudo -u proxy /usr/sbin/squid -k check

■テスト

# cat /var/lib/squidguard/db/personal/urls
b.st-hatena.com/js/bookmark_button.js

# cat /var/lib/squidguard/db/personal/urls | w3m -dump http://`xargs`
Black

■サイズが「0」のブロックログ

# find /var/log/squid/block/ -size 0 -print | xargs ls -l
-rw-r--r-- 1 proxy proxy 0 2012-03-15 19:57 /var/log/squid/block/ads.log
-rw-r--r-- 1 proxy proxy 0 2012-03-15 19:57 /var/log/squid/block/aggressive.log
-rw-r--r-- 1 proxy proxy 0 2012-03-15 19:57 /var/log/squid/block/audio-video.log
-rw-r--r-- 1 proxy proxy 0 2012-03-15 19:57 /var/log/squid/block/drugs.log
-rw-r--r-- 1 proxy proxy 0 2012-03-15 19:57 /var/log/squid/block/gambling.log
-rw-r--r-- 1 proxy proxy 0 2012-03-15 19:57 /var/log/squid/block/hacking.log
-rw-r--r-- 1 proxy proxy 0 2012-03-15 19:57 /var/log/squid/block/mail.log
-rw-r--r-- 1 proxy proxy 0 2012-03-15 19:58 /var/log/squid/block/porn.log
-rw-r--r-- 1 proxy proxy 0 2012-03-15 19:58 /var/log/squid/block/proxy.log
-rw-r--r-- 1 proxy proxy 0 2012-03-15 19:58 /var/log/squid/block/redirector.log
-rw-r--r-- 1 proxy proxy 0 2012-03-15 19:58 /var/log/squid/block/spyware.log
-rw-r--r-- 1 proxy proxy 0 2012-03-15 19:58 /var/log/squid/block/suspect.log
-rw-r--r-- 1 proxy proxy 0 2012-03-15 19:58 /var/log/squid/block/violence.log
-rw-r--r-- 1 proxy proxy 0 2012-03-15 19:58 /var/log/squid/block/warez.log

■サイズが「1」以上のブロックログ

# find /var/log/squid/block/ -size 1 -print | xargs ls -l
-rw-r--r-- 1 proxy proxy 145 2012-03-15 19:59 /var/log/squid/block/personal.log

■1時間以内に変更のあったログ

# echo 1 | awk '{print $1/24}'
0.0416667

# find /var/log/squid/block/ -mtime -0.0416667
/var/log/squid/block/
/var/log/squid/block/suspect.log
/var/log/squid/block/mail.log
/var/log/squid/block/ads.log
/var/log/squid/block/warez.log
/var/log/squid/block/spyware.log
/var/log/squid/block/drugs.log
/var/log/squid/block/proxy.log
/var/log/squid/block/redirector.log
/var/log/squid/block/audio-video.log
/var/log/squid/block/personal.log
/var/log/squid/block/gambling.log
/var/log/squid/block/aggressive.log
/var/log/squid/block/hacking.log
/var/log/squid/block/violence.log
/var/log/squid/block/porn.log

■上記の1/4、つまり15分以内に更新のあったログ

# find /var/log/squid/block/ -mtime -0.01
/var/log/squid/block/personal.log

■ログのチェック

# tail -f /var/log/squid/block/personal.log | sed s/"192.*net"/"[host_info]"/g
2012-03-15 19:59:14 [5538] Request(default/personal/-) http://b.st-hatena.com/js/bookmark_button.js [host_info] - GET

■過去一日の間に更新があったブロックリストをシステムメール送信

# vim squidGuard_report.sh
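#!/bin/bash
# Daily squidGuard block report.
#
# Mails root the contents of every block log under /var/log/squid/block
# that was modified within the last day, and keeps a copy of the report
# at /var/log/squid/squidGuard_block_report.log. Must run as root
# (e.g. from /etc/cron.daily). Every open of a file inside the
# proxy-owned log tree is delegated to the "proxy" user: the original
# `sudo -u proxy echo ... > file` only ran echo as proxy, while the
# redirection (the actual file open) was still performed by root.
set -eu

# Report copy; lives in the proxy-owned /var/log/squid tree, so it is
# written through `sudo -u proxy tee` rather than a root redirection.
readonly TEMP="/var/log/squid/squidGuard_block_report.log"
readonly BLOCK_DIR="/var/log/squid/block"
readonly LOG_USER="proxy"

# Print a diagnostic to stderr and exit with the given status (default 1).
die() {
  printf '%s\n' "$1" >&2
  exit "${2:-1}"
}

#######################################
# Emit the report body to stdout.
# Globals:   BLOCK_DIR, LOG_USER (read)
# Outputs:   date line, "# SquidGuard block Report", a rule of 80 '#',
#            a blank line, then "[ name ]" followed by the contents of
#            each block log modified within the last day
# Returns:   non-zero (via set -e) if a log cannot be read
#######################################
build_report() {
  local rule list title
  printf '%s\n# SquidGuard block Report\n' "$(LANG=C date)"
  printf -v rule '%80s' ''
  printf '%s\n\n' "${rule// /#}"
  # -type f replaces the old grep -v "block$" (which only dropped the
  # directory entry itself); -print0 / read -d '' keeps filenames with
  # whitespace intact instead of word-splitting them through xargs.
  while IFS= read -r -d '' list; do
    title=${list##*/}
    title=${title%.log}
    printf '[ %s ]\n' "${title}"
    sudo -u "${LOG_USER}" cat -- "${list}"
  done < <(sudo -u "${LOG_USER}" find "${BLOCK_DIR}" -type f -mtime -1 -print0)
}

main() {
  [ "$(id -u)" -eq 0 ] || die "Sorry,Not Permit User!" 2
  # tee runs as the log owner, so a symlink or replaced file at ${TEMP}
  # can only affect what proxy itself may write; mail reads the stream
  # directly instead of re-opening the proxy-owned path as root.
  build_report \
    | sudo -u "${LOG_USER}" tee -- "${TEMP}" \
    | mail -s "squidGuard Block Report" root
}

main "$@"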


■実行すると、以下のようなメールが届く
 ※2日目以降は変更のあったファイルのみ

# chmod +x *report.sh
# ./1st_squidGuard_report.sh
# ./squidGuard_daily_report.sh

Subject: squidGuard Block Report

Thu Mar 15 21:49:50 JST 2012
# SquidGuard block Report
################################################################################

[ warez ]
[ suspect ]
[ spyware ]
[ hacking ]
[ mail ]
[ redirector ]
[ ads ]
[ violence ]
[ proxy ]
[ gambling ]
[ drugs ]
[ porn ]
[ personal ]
2012-03-15 20:49:41 [2200] Request(default/personal/-) http://b.st-hatena.com/js
/bookmark_button.js 192.168.188.188/debian-squeeze - GET REDIRECT
[ audio-video ]
[ aggressive ]

2日目以降からは以下のようになるはず。

# ./squidGuard_daily_report.sh

Subject: squidGuard Block Report

Thu Mar 15 21:49:50 JST 2012
# SquidGuard block Report
################################################################################

[ personal ]
2012-03-15 20:49:41 [2200] Request(default/personal/-) http://b.st-hatena.com/js
/bookmark_button.js 192.168.188.188/debian-squeeze - GET REDIRECT

■更新が無かった場合

Subject: squidGuard Block Report


Thu Mar 15 21:52:09 JST 2012
# SquidGuard block Report
################################################################################

■cronで自動化

$ sudo cp squidGuard_report.sh /etc/cron.daily/