Zapping Ads with Squid and adzapper

Discuss Applications
User avatar
Void Main
Site Admin
Site Admin
Posts: 5716
Joined: Wed Jan 08, 2003 5:24 am
Location: Tuxville, USA
Contact:

Post by Void Main » Thu May 01, 2003 1:58 pm

You *can* make blank placeholders. But they have to be accessible on a web server, "/etc/squid/zaps" is not a web URL. Turn apache on on the machine you have Squid installed on and stick your images in "/var/www/html/zaps" and use "http://yoursquidserver/zaps" as the URL.

Also, I believe you could have the zapper script just strip all occurances of the ad but I see two problems with this. One is it would screw up the formatting of the web page and the second is you would have to heavily modify your "squid_redirect" script (if that would be enough to do it). It wouldn't hurt for you to open that script up and take a look at it. You should see things like where the environment variables are set to the default URL of http://adzapper.sourceforge.net/zaps.

jarends
n00b
n00b
Posts: 4
Joined: Sun Jun 22, 2003 9:28 pm

Post by jarends » Sun Jun 22, 2003 11:32 pm

any way you could post the cgi you wrote?

User avatar
Void Main
Site Admin
Site Admin
Posts: 5716
Joined: Wed Jan 08, 2003 5:24 am
Location: Tuxville, USA
Contact:

Post by Void Main » Sun Jun 22, 2003 11:50 pm

Which CGI? The CGI scripts I used to manage my allowed sites and user lists? I would have to do some work to the CGI scripts to make them generic and do some documenting. I keep meaning to do it but I always get side tracked. The latest side track is learning more about LDAP and setting up a directory...

jarends
n00b
n00b
Posts: 4
Joined: Sun Jun 22, 2003 9:28 pm

Post by jarends » Mon Jun 23, 2003 5:12 pm

The CGIs to add/remove stuff from the access lists. I run a couple of squidguard boxes right now.

The problem I had with writing a web interface was how to get something on the web to run commands as root like squid -k restart. I couldn't come up with a safe way to do that.

User avatar
Void Main
Site Admin
Site Admin
Posts: 5716
Joined: Wed Jan 08, 2003 5:24 am
Location: Tuxville, USA
Contact:

Post by Void Main » Mon Jun 23, 2003 5:21 pm

Webmin has a Squid interface for doing the basic configurations but I created custom CGI scripts to manipulate user lists and acl files for the base Squid setup so I could have a file with a list of web servers and domains and only allow users in a certain group access to those specific sites will allowing users in another group wide open access except for banned sites, etc, etc. The CGI scripts allow me to edit the user and domain lists and then reload squid if anything has changed. I don't have an interface to manipulate the SquidGuard acls as I didn't start using SquidGuard until recently and DansGuardian even more recently.

Having said that, this is how I reload squid from the CGI:

Code: Select all

system("/usr/bin/sudo /etc/rc.d/init.d/squid reload");
"sudo" works great for this. You just configure the /etc/sudoers file to allow the user apache to execute the above command. And of course I limit access to the CGI programs via htaccess authentication.

Maniaman
scripter
scripter
Posts: 94
Joined: Tue Mar 11, 2003 5:10 pm

Post by Maniaman » Mon Jul 21, 2003 6:46 pm

I must have something set up wrong here...

Exerpt from /etc/squid/squid.conf
acl mynetwork src 192.168.0.0/255.255.255.0
acl bannedsites dstdomain "/etc/squid/banned.sites"

http_access allow localhost !bannedsites
http_access allow mynetwork !bannedsites
http_access deny bannedsites
http_access deny all
And my banned.sites...
.microsoft.com
.msn.com
.doubleclick.net
For some reason its blocking every website... I cant seem to figure out the problem either

User avatar
Void Main
Site Admin
Site Admin
Posts: 5716
Joined: Wed Jan 08, 2003 5:24 am
Location: Tuxville, USA
Contact:

Post by Void Main » Mon Jul 21, 2003 6:52 pm

Hmmmm, it looks like that should work. Did you restart Squid after making the changes? I don't see a need for the "http_access deny bannedsites" line though.

Maniaman
scripter
scripter
Posts: 94
Joined: Tue Mar 11, 2003 5:10 pm

Post by Maniaman » Mon Jul 21, 2003 6:57 pm

I've tried it with the http_access deny bannedsites commented out. I done both server squid reload and service squid restart when I update the config file

User avatar
Void Main
Site Admin
Site Admin
Posts: 5716
Joined: Wed Jan 08, 2003 5:24 am
Location: Tuxville, USA
Contact:

Post by Void Main » Mon Jul 21, 2003 7:05 pm

I just tested your rules on a test Squid server and they worked fine. Your clients are in the 192.168.0.* range right? If so is there a place you can stick your squid.conf file and your banned.sites file so I can inspect them more closely? Also, right after making an attempt to connect what does the output of these commands give you:

Code: Select all

# tail /var/log/squid/access.log
# grep squid /var/log/messages | tail

Maniaman
scripter
scripter
Posts: 94
Joined: Tue Mar 11, 2003 5:10 pm

Post by Maniaman » Mon Jul 21, 2003 7:18 pm

<>This post go poof<>
Last edited by Maniaman on Mon Jul 21, 2003 8:34 pm, edited 1 time in total.

User avatar
Void Main
Site Admin
Site Admin
Posts: 5716
Joined: Wed Jan 08, 2003 5:24 am
Location: Tuxville, USA
Contact:

Post by Void Main » Mon Jul 21, 2003 7:32 pm

By looking at your access log I can see that your client is actually 192.168.1.253 and not 192.168.0.253 which is what it would have to be to fit your acl definition. Change the "192.168.0.0/255.255.255.0" to "192.168.1.0/255.255.255.0" in your squid.conf. This would allow clients in the range of 192.168.1.1 through 192.168.1.254 to access your squid cache.
Last edited by Void Main on Mon Jul 21, 2003 7:38 pm, edited 1 time in total.

Maniaman
scripter
scripter
Posts: 94
Joined: Tue Mar 11, 2003 5:10 pm

Post by Maniaman » Mon Jul 21, 2003 7:37 pm

It works! :)

Thanks for the help void :D

Now all I need is a cgi script to add sites to the banned list ;)

User avatar
Void Main
Site Admin
Site Admin
Posts: 5716
Joined: Wed Jan 08, 2003 5:24 am
Location: Tuxville, USA
Contact:

Post by Void Main » Mon Jul 21, 2003 7:39 pm

Maniaman wrote:Now all I need is a cgi script to add sites to the banned list ;)
Uh, that's not a hint is it? :) I should write a generic one from scratch, it's only like 5 minutes of work.

Maniaman
scripter
scripter
Posts: 94
Joined: Tue Mar 11, 2003 5:10 pm

Post by Maniaman » Mon Jul 21, 2003 7:42 pm

Uh, that's not a hint is it?
Of course it is :p

User avatar
Void Main
Site Admin
Site Admin
Posts: 5716
Joined: Wed Jan 08, 2003 5:24 am
Location: Tuxville, USA
Contact:

Post by Void Main » Mon Jul 21, 2003 8:35 pm

I'll try and whip one up tonight or tomorrow night. Don't forget to remind me if I forget again. :)

Post Reply