Bug #3398
Global whitelist not working when URLBlacklist.com is the Blacklists database
Status: | CLOSED | Start date: | ||
---|---|---|---|---|
Priority: | Normal | Due date: | ||
Assignee: | - | % Done: | 100% | |
Category: | nethserver-squidguard | |||
Target version: | v6.8-beta1 | |||
Security class: | Resolution: | |||
Affected version: | v6.7 | NEEDINFO: | No |
Description
- Content Filter (squidGuard)
- Blacklist in use : URLBlacklist.com
The global whitelist isn't working, this problem seems to not appear with other blacklists DB (as Shalla or Touluse)
Making some test and analisys I found that urlblacklist.com downloaded also a whitelist and in the squidguard.conf file there is just the downloaded whitelist and not the global whitelist of nethserver.
There is a sort of override of the nethserver's whitelist.
extract from squidguard.conf with urlblacklist.com DB:
dest whitelist { domainlist /var/squidGuard/blacklists/whitelist/domains urllist /var/squidGuard/blacklists/whitelist/urls logfile urlfilter.log }
extract from squidguard.conf with Shalla DB (no problems in this case) :
dest whitelist { domainlist /var/squidGuard/blacklists/custom/whitelist/domains urllist /var/squidGuard/blacklists/custom/whitelist/urls logfile urlfilter.log }
To avoid any problem It should be enough to rename the custom whitelist with a name not present in any blacklist, for example : neth_whitelist, neth_blacklist ...
Associated revisions
squidGuard.conf: avoid name clash on global whitelist and blacklist. Refs #3398
squidGuard.conf: avoid name clash on global whitelist and blacklist. Refs #3398
History
#1 Updated by Giacomo Sanchietti about 5 years ago
- Status changed from NEW to TRIAGED
- Target version set to v6.8-beta1
- % Done changed from 0 to 20
#2 Updated by Giacomo Sanchietti about 5 years ago
- Status changed from TRIAGED to ON_DEV
- Assignee set to Giacomo Sanchietti
- % Done changed from 20 to 30
#3 Updated by Giacomo Sanchietti about 5 years ago
- Status changed from ON_DEV to MODIFIED
- % Done changed from 30 to 60
Added nh_
prefix to whitelist and blacklist.
#4 Updated by Giacomo Sanchietti about 5 years ago
- Status changed from MODIFIED to ON_QA
- Assignee deleted (
Giacomo Sanchietti) - % Done changed from 60 to 70
- nethserver-squidguard-1.4.2-1.1.g24d2177.ns6.noarch.rpm
- Check the bug is not reproducible
- Add a domain to the whitelist and check it's not blocked
- Add a domain to the blacklist and check it's blocked
#5 Updated by Davide Marini about 5 years ago
- Status changed from ON_QA to VERIFIED
- % Done changed from 70 to 90
Installed blacklists from UrlBlacklacklist.com, custom whitelist enabled in the filter section:
the whitelist section taken from urlblacklist.com does not appear in the squidGuard.conf
[root@vmdavide67 ~]# grep -i whitelist /etc/squid/squidGuard.conf dest whitelist { domainlist /var/squidGuard/blacklists/custom/whitelist/domains urllist /var/squidGuard/blacklists/custom/whitelist/urls pass whitelist !blacklist !in-addr !builtin !pers !whitelist all
after installing the updated packet squidGuard.conf has the right configuration:
[root@vmdavide67 ~]# grep -i whitelist /etc/squid/squidGuard.conf dest whitelist { domainlist /var/squidGuard/blacklists/whitelist/domains urllist /var/squidGuard/blacklists/whitelist/urls dest nh_whitelist { domainlist /var/squidGuard/blacklists/custom/whitelist/domains urllist /var/squidGuard/blacklists/custom/whitelist/urls pass nh_whitelist !nh_blacklist !in-addr !builtin !pers !whitelist all
and the content filter works as expected.
#6 Updated by Giacomo Sanchietti about 5 years ago
- Status changed from VERIFIED to CLOSED
- % Done changed from 90 to 100
- 6.8/nethserver-base: nethserver-squidguard-1.4.3-1.ns6.noarch.rpm
- 7.2/nethserver-testing: nethserver-squidguard-1.4.3-1.4.gcaa0e97.ns7.noarch.rpm