[squid-users] squid3.4 - MySQL, PHP script - block websites

Sun Nov 15 14:53:56 UTC 2015

Hello,

Now, I use the follow script.
But, it ends in endless search - web browser site search.

#!/usr/bin/python

import sys
import time

def grant ():
       sys.stdout.write( 'OK\n' )

def deny ():
       sys.stdout.write( 'ERR\n' )

while True:
     line = sys.stdin.readline()
     if (line.find("web.de") > -1):
         grant()
     else:
         deny()
         time.sleep(1)

2015/11/15 15:47:00.020 kid1| SECURITY ALERT: on URL: s3.amazonaws.com:443
2015/11/15 15:47:00.020 kid1| abandoning local=192.168.178.79:3128 
remote=192.168.178.79:53719 FD 29 flags=33
2015/11/15 15:47:05.659 kid1| SECURITY ALERT: Host header forgery 
detected on local=192.168.178.79:3128 remote=192.168.178.79:53722 FD 34 
flags=33 (intercepted port does not match 443)
2015/11/15 15:47:05.659 kid1| SECURITY ALERT: By user agent: Mozilla/5.0 
(X11; Linux x86_64; rv:38.0) Gecko/20100101 Firefox/38.0 Iceweasel/38.3.0
2015/11/15 15:47:05.659 kid1| SECURITY ALERT: on URL: 
safebrowsing.google.com:443
2015/11/15 15:47:05.659 kid1| abandoning local=192.168.178.79:3128 
remote=192.168.178.79:53722 FD 34 flags=33
2015/11/15 15:48:01 kid1| Preparing for shutdown after 22 requests
2015/11/15 15:48:01 kid1| Waiting 30 seconds for active connections to 
finish
2015/11/15 15:48:01 kid1| Closing HTTP port 0.0.0.0:3129
2015/11/15 15:48:01 kid1| Closing HTTP port 0.0.0.0:3128
2015/11/15 15:48:01 kid1| Closing Pinger socket on FD 30
2015/11/15 15:48:01 kid1| Shutdown: NTLM authentication.
2015/11/15 15:48:01 kid1| Shutdown: Negotiate authentication.
2015/11/15 15:48:01 kid1| Shutdown: Digest authentication.
2015/11/15 15:48:01 kid1| Shutdown: Basic authentication.
2015/11/15 15:41:44| Pinger exiting.
2015/11/15 15:48:32 kid1| Shutting down...
2015/11/15 15:48:32 kid1| Closing unlinkd pipe on FD 23
2015/11/15 15:48:32 kid1| storeDirWriteCleanLogs: Starting...
2015/11/15 15:48:32 kid1|   Finished.  Wrote 3483 entries.
2015/11/15 15:48:32 kid1|   Took 0.00 seconds (2294466.40 entries/sec).
CPU Usage: 0.180 seconds = 0.120 user + 0.060 sys
Maximum Resident Size: 100576 KB
Page faults with physical i/o: 0
Memory usage for squid via mallinfo():
     total space in arena:    5748 KB
     Ordinary blocks:         5637 KB     24 blks
     Small blocks:               0 KB      5 blks
     Holding blocks:         36624 KB      7 blks
     Free Small blocks:          0 KB
     Free Ordinary blocks:     110 KB
     Total in use:           42261 KB 735%
     Total free:               110 KB 2%
2015/11/15 15:48:32 kid1| Logfile: closing log 
stdio:/sap/squid/log/store.log
2015/11/15 15:48:32 kid1| Logfile: closing log 
stdio:/sap/squid/log/access.log
2015/11/15 15:48:32 kid1| Open FD READ/WRITE    7 DNS Socket IPv6
2015/11/15 15:48:32 kid1| Open FD UNSTARTED     8 DNS Socket IPv4
2015/11/15 15:48:32 kid1| Open FD WRITING      10 block.sh #1
2015/11/15 15:48:32 kid1| Open FD READ/WRITE   11 Reading next request
2015/11/15 15:48:32 kid1| Open FD WRITING      12 block.sh #2
2015/11/15 15:48:32 kid1| Open FD READ/WRITE   13 Reading next request
2015/11/15 15:48:32 kid1| Open FD WRITING      14 block.sh #3
2015/11/15 15:48:32 kid1| Open FD READ/WRITE   15 Reading next request
2015/11/15 15:48:32 kid1| Open FD WRITING      16 block.sh #4
2015/11/15 15:48:32 kid1| Open FD READ/WRITE   17 Reading next request
2015/11/15 15:48:32 kid1| Open FD WRITING      18 block.sh #5
2015/11/15 15:48:32 kid1| Open FD READ/WRITE   21 Reading next request
2015/11/15 15:48:32 kid1| Open FD READ/WRITE   22 Reading next request
2015/11/15 15:48:32 kid1| Open FD READ/WRITE   25 Reading next request
2015/11/15 15:48:32 kid1| Open FD READ/WRITE   26 Reading next request
2015/11/15 15:48:32 kid1| Open FD READ/WRITE   29 Reading next request
2015/11/15 15:48:32 kid1| Open FD READING      31 Reading next request
2015/11/15 15:48:32 kid1| Open FD READ/WRITE   32 Reading next request
2015/11/15 15:48:32 kid1| Open FD READ/WRITE   34 Reading next request
2015/11/15 15:48:32 kid1| Squid Cache (Version 3.4.8): Exiting normally.
2015/11/15 15:48:33 kid1| Set Current Directory to /sap/var/spool/squid
2015/11/15 15:48:33 kid1| Starting Squid Cache version 3.4.8 for 
x86_64-pc-linux-gnu...
2015/11/15 15:48:33 kid1| Process ID 10874
2015/11/15 15:48:33 kid1| Process Roles: worker
2015/11/15 15:48:33 kid1| With 65535 file descriptors available
2015/11/15 15:48:33 kid1| Initializing IP Cache...
2015/11/15 15:48:33 kid1| DNS Socket created at [::], FD 7
2015/11/15 15:48:33 kid1| DNS Socket created at 0.0.0.0, FD 8
2015/11/15 15:48:33 kid1| Adding nameserver fd00::c225:6ff:fe71:2b from 
/etc/resolv.conf
2015/11/15 15:48:33 kid1| helperOpenServers: Starting 0/4 
'basic_ncsa_auth' processes
2015/11/15 15:48:33 kid1| helperOpenServers: No 'basic_ncsa_auth' 
processes needed.
2015/11/15 15:48:33 kid1| helperOpenServers: Starting 5/5 'block.sh' 
processes
2015/11/15 15:48:33 kid1| Logfile: opening log /sap/squid/log/access.log
2015/11/15 15:48:33 kid1| WARNING: log name now starts with a module 
name. Use 'stdio:/sap/squid/log/access.log'
2015/11/15 15:48:33 kid1| Unlinkd pipe opened on FD 23
2015/11/15 15:48:33 kid1| Local cache digest enabled; rebuild/rewrite 
every 3600/3600 sec
2015/11/15 15:48:33 kid1| Logfile: opening log /sap/squid/log/store.log
2015/11/15 15:48:33 kid1| WARNING: log name now starts with a module 
name. Use 'stdio:/sap/squid/log/store.log'
2015/11/15 15:48:33 kid1| Swap maxSize 65536 + 8192 KB, estimated 5671 
objects
2015/11/15 15:48:33 kid1| Target number of buckets: 283
2015/11/15 15:48:33 kid1| Using 8192 Store buckets
2015/11/15 15:48:33 kid1| Max Mem  size: 8192 KB
2015/11/15 15:48:33 kid1| Max Swap size: 65536 KB
2015/11/15 15:48:33 kid1| Rebuilding storage in /sap/var/spool/squid 
(clean log)
2015/11/15 15:48:33 kid1| Using Least Load store dir selection
2015/11/15 15:48:33 kid1| Set Current Directory to /sap/var/spool/squid
2015/11/15 15:48:33 kid1| Finished loading MIME types and icons.
2015/11/15 15:48:33 kid1| HTCP Disabled.
2015/11/15 15:48:33 kid1| Pinger socket opened on FD 30
2015/11/15 15:48:33 kid1| Squid plugin modules loaded: 0
2015/11/15 15:48:33 kid1| Adaptation support is off.
2015/11/15 15:48:33 kid1| Accepting HTTP Socket connections at 
local=0.0.0.0:3128 remote=[::] FD 27 flags=9
2015/11/15 15:48:33 kid1| Accepting HTTP Socket connections at 
local=192.168.178.79:3128 remote=[::] FD 28 flags=9
2015/11/15 15:48:33| pinger: Initialising ICMP pinger ...
2015/11/15 15:48:33| pinger: ICMP socket opened.
2015/11/15 15:48:33| pinger: ICMPv6 socket opened
2015/11/15 15:48:33 kid1| Done reading /sap/var/spool/squid swaplog 
(3483 entries)
2015/11/15 15:48:33 kid1| Finished rebuilding storage from disk.
2015/11/15 15:48:33 kid1|      3483 Entries scanned
2015/11/15 15:48:33 kid1|         0 Invalid entries.
2015/11/15 15:48:33 kid1|         0 With invalid flags.
2015/11/15 15:48:33 kid1|      3483 Objects loaded.
2015/11/15 15:48:33 kid1|         0 Objects expired.
2015/11/15 15:48:33 kid1|         0 Objects cancelled.
2015/11/15 15:48:33 kid1|         0 Duplicate URLs purged.
2015/11/15 15:48:33 kid1|         0 Swapfile clashes avoided.
2015/11/15 15:48:33 kid1|   Took 0.03 seconds (103010.77 objects/sec).
2015/11/15 15:48:33 kid1| Beginning Validation Procedure
2015/11/15 15:48:33 kid1| ERROR: listen( FD 28, 192.168.178.79 [ job2], 
16383): (98) Address already in use
2015/11/15 15:48:33 kid1|   Completed Validation Procedure
2015/11/15 15:48:33 kid1|   Validated 3482 Entries
2015/11/15 15:48:33 kid1|   store_swap_size = 58912.00 KB
2015/11/15 15:48:34 kid1| storeLateRelease: released 0 objects
2015/11/15 15:48:59 kid1| Reconfiguring Squid Cache (version 3.4.8)...
2015/11/15 15:48:59 kid1| Closing HTTP port 0.0.0.0:3128
2015/11/15 15:48:59 kid1| Closing HTTP port 192.168.178.79:3128
2015/11/15 15:48:59 kid1| Closing Pinger socket on FD 30
2015/11/15 15:48:59 kid1| Logfile: closing log 
stdio:/sap/squid/log/store.log
2015/11/15 15:48:59 kid1| Logfile: closing log 
stdio:/sap/squid/log/access.log
2015/11/15 15:48:59 kid1| Startup: Initializing Authentication Schemes ...
2015/11/15 15:48:59 kid1| Startup: Initialized Authentication Scheme 'basic'
2015/11/15 15:48:59 kid1| Startup: Initialized Authentication Scheme 
'digest'
2015/11/15 15:48:59 kid1| Startup: Initialized Authentication Scheme 
'negotiate'
2015/11/15 15:48:59 kid1| Startup: Initialized Authentication Scheme 'ntlm'
2015/11/15 15:48:59 kid1| Startup: Initialized Authentication.
2015/11/15 15:48:59 kid1| Processing Configuration File: 
/etc/squid3/squid.conf (depth 0)
2015/11/15 15:48:59 kid1| Logfile: opening log /sap/squid/log/access.log
2015/11/15 15:48:59 kid1| WARNING: log name now starts with a module 
name. Use 'stdio:/sap/squid/log/access.log'
2015/11/15 15:48:59 kid1| Squid plugin modules loaded: 0
2015/11/15 15:48:59 kid1| Adaptation support is off.
2015/11/15 15:48:59 kid1| Logfile: opening log /sap/squid/log/store.log
2015/11/15 15:48:59 kid1| WARNING: log name now starts with a module 
name. Use 'stdio:/sap/squid/log/store.log'
2015/11/15 15:48:59 kid1| DNS Socket created at [::], FD 9
2015/11/15 15:48:59 kid1| DNS Socket created at 0.0.0.0, FD 10
2015/11/15 15:48:59 kid1| Adding nameserver fd00::c225:6ff:fe71:2b from 
/etc/resolv.conf
2015/11/15 15:48:59 kid1| helperOpenServers: Starting 0/4 
'basic_ncsa_auth' processes
2015/11/15 15:48:59 kid1| helperOpenServers: No 'basic_ncsa_auth' 
processes needed.
2015/11/15 15:48:59 kid1| helperOpenServers: Starting 5/5 'block.sh' 
processes
2015/11/15 15:48:59 kid1| HTCP Disabled.
2015/11/15 15:48:59 kid1| Pinger socket opened on FD 26
2015/11/15 15:48:59 kid1| Finished loading MIME types and icons.
2015/11/15 15:48:59 kid1| Accepting HTTP Socket connections at 
local=0.0.0.0:3128 remote=[::] FD 22 flags=9
2015/11/15 15:48:59 kid1| Accepting HTTP Socket connections at 
local=192.168.178.79:3128 remote=[::] FD 24 flags=9
2015/11/15 15:48:59 kid1| ERROR: listen( FD 24, 192.168.178.79 [ job4], 
16383): (98) Address already in use
2015/11/15 15:48:59| pinger: Initialising ICMP pinger ...
2015/11/15 15:48:59| pinger: ICMP socket opened.
2015/11/15 15:48:59| pinger: ICMPv6 socket opened
2015/11/15 15:49:10| Pinger exiting.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20151115/9a783e37/attachment.html>