"Use own Domain-Blacklist:" not working

This forum is for all copfilter version 2 support related questions in English. (IPCop version 2)

"Use own Domain-Blacklist:" not working

Postby len » 30 Aug 2012 06:08

Hi,

I'm running IPCOP 2.0.4, Copfilter 2.0.91beta3, i-icap svn-836,

C-ICAP Header-Check: Success
C-ICAP URL-Filter Check: Success
C-ICAP Virus Filter Check: Success

I'm using Shalla's list.... and....
When I put "facebook.com" into the "Use own Domain-Blacklist:" edit box, it doesn't work. I can still access http://www.facebook.com.
Furthermore, sometimes I can't even access http://www.copfilter.org or other benign sites (unless I bypass the squid proxy). I get blocked by i-icap....

In other words, with i-cap url filtering on, I sometimes can't get to most things that I should be able to get to, and I'm not able to block things that I want to block.

What am I missing (other than a basic understanding of what is going on)?
len
 
Posts: 5
Joined: 30 Aug 2012 04:23

Re: "Use own Domain-Blacklist:" not working

Postby FischerM » 30 Aug 2012 16:36

Hi!
len wrote:I'm using Shalla's list.... and....
When I put "facebook.com" into the "Use own Domain-Blacklist:" edit box, it doesn't work.


Shalla doesn't contain "facebook.com" - just put it in your own domain Blacklist:

Image

But keep in mind, since this URL will perhaps get redirected, it's difficult to block this completely...

len wrote:Furthermore, sometimes I can't even access http://www.copfilter.org or other benign sites...

What error page do you get?

HTH
Matthias
FischerM
Site Admin
 
Posts: 544
Joined: 09 Dec 2009 19:24
Location: Rheinbach

Re: "Use own Domain-Blacklist:" not working

Postby karesmakro » 30 Aug 2012 18:41

Hello len and welcome to Copfilter forum!

@FischerM
Facebook is listed in Social's Shalla's Blacklist!

I'remember, a user had the same problem, first time using c-icap! Did you made a restart of IPCop, after the Copfilter installation? It is important, to follow the first steps instructions viewtopic.php?f=9&t=727&p=3973#p3973

and make sure, you have activated the "Use own Blacklist" checked to on!

regards
karesmakro
Site Admin
 
Posts: 1280
Joined: 09 Dec 2009 21:17

Re: "Use own Domain-Blacklist:" not working

Postby ShelbyGT500 » 30 Aug 2012 19:04

Hi,

....And if i remember, it is necessary to restart c-icap/recompil database, each time you add or remove a new entry/data or a group of entries/data (black or white list).

Regards.
Last edited by ShelbyGT500 on 30 Aug 2012 19:28, edited 1 time in total.
ShelbyGT500
 
Posts: 844
Joined: 13 May 2010 22:37
Location: FRANCE

Re: "Use own Domain-Blacklist:" not working

Postby FischerM » 30 Aug 2012 19:22

karesmakro wrote:Facebook is listed in Social's Shalla's Blacklist!


Ok, found it... ;-)
FischerM
Site Admin
 
Posts: 544
Joined: 09 Dec 2009 19:24
Location: Rheinbach

Re: "Use own Domain-Blacklist:" not working

Postby len » 31 Aug 2012 04:24

Matthias,

The message when I try to access http://www.copfilter.org is

C-ICAP URL-Filter - Access Denied

Access denied
You are trying to access the URL:


http://www.copfilter.org/forum/ucp.php?mode=register

which does not permitted by the Copfilter system policy
The page generated by the C-ICAP service url_check_module


What I don't understand is how to get facebook.com to be blocked. I DO specify it in the "your own domain Blacklist". And "use own domain-blacklist" is checked.

ShelbyGT500, when you say "restart c-icap/recompil database" do you mean

1. convert categories
2. save settings (and restart service)

or something else?

Should I turn off Shalla's list (turn activate blacklist off) - or does that also turn off the user blacklist function?
len
 
Posts: 5
Joined: 30 Aug 2012 04:23

Re: "Use own Domain-Blacklist:" not working

Postby ShelbyGT500 » 31 Aug 2012 13:15

Hi,
len wrote: when you say "restart c-icap/recompil database" do you mean
1. convert categories (but i think i do a mistake :? because it is converting the category even you choose "save settings")

For your problem with facebook, i had the same with another site, and it was necessary to entry "htttp://www.xxxx" in my blacklist.
Perhaps can you try with "http://www.facebook.com" in your blacklist

For your issue with copfilter.org, you can install the last release: http://www.it-connect-unix.de/index.php ... 45&cid=312, which is showing the corresponding categorie of the blocked site. Then you will be able to disable this category or set this adress in whitelist.

Regards
ShelbyGT500
 
Posts: 844
Joined: 13 May 2010 22:37
Location: FRANCE

Re: "Use own Domain-Blacklist:" not working

Postby karesmakro » 31 Aug 2012 17:10

@ShelbyGT500
I can't believe it, that there was (or there is) a need, to add an url to the blacklist, even the entry is avaliable in one of a corresponding categorie! Did you ever tried, to set the debug level 9 or 10, btw. used the debug mode? And you are sure, you have to put the http:// in front of the url? If so, there is something wrong!

@len
If you restart the C-ICAP service, the init script is searching for enabled categories, which aren't converted yet and rebuilds the databases, if needed.
Perhaps it is really better to install the newer c-icap version, as Shelby has proposed in the previous post, to be able to sort out the corresponding blocked categorie.

It is possible, to run c-icap in a debug mode! Simply type
Code: Select all
/etc/rc.d/init.d/copfilter_c-icap debug
and press <CTRL> & <C> to stop the debug mode. There is really a lot of output and you can find this ouput in the c-icap.log too! If you want, you can also send me the debug log to my mail address, which'll send you over pm

regards
karesmakro
Site Admin
 
Posts: 1280
Joined: 09 Dec 2009 21:17

Re: "Use own Domain-Blacklist:" not working

Postby len » 02 Sep 2012 02:48

karesmakro wrote:@ShelbyGT500
I can't believe it, that there was (or there is) a need, to add an url to the blacklist, even the entry is avaliable in one of a corresponding categorie! Did you ever tried, to set the debug level 9 or 10, btw. used the debug mode? And you are sure, you have to put the http:// in front of the url? If so, there is something wrong!

If you restart the C-ICAP service, the init script is searching for enabled categories, which aren't converted yet and rebuilds the databases, if needed.
Perhaps it is really better to install the newer c-icap version, as Shelby has proposed in the previous post, to be able to sort out the corresponding blocked categorie.

It is possible, to run c-icap in a debug mode! Simply type
Code: Select all
/etc/rc.d/init.d/copfilter_c-icap debug
and press <CTRL> & <C> to stop the debug mode. There is really a lot of output and you can find this ouput in the c-icap.log too! If you want, you can also send me the debug log to my mail address, which'll send you over pm


I have now upgraded to the following:
Code: Select all
ClamAV 0.97.5/15306
copfilter-2.91beta3_c-icap-0.2.1


This is in my c-icap/etc/denydomains.txt. I have not activated/uploaded any external blacklst (e.g. shalla).
Code: Select all
www-slb-10-05-prn1.facebook.com
www.mises.org
facebook.com
www.facebook.com


No matter what I do, I cannot get http://www.facebook.com to get denied. However, http://www.mises.org is properly denied or allowed depending on whether or not i-icap is running or not respectively.

I tried getting debug data, but when I enter:
Code: Select all
/etc/rc.d/init.d/copfilter_c-icap debug

all that happens is that i-icap stops and restarts (along with a bunch of other messages (shown below) and then eventually terminates for good when I break out of debug mode. I can't find a debug log of any kind anywhere.

Code: Select all
root@ipcop2:~ # /etc/rc.d/init.d/copfilter_c-icap debug
Waiting ..

c-icap killed                                                                                                                                                                     Done

starting c-icap  in debug modeEnabling parameter -D
Disabling parameter -N
Searching 0xb77d5090 for default value
Setting parameter :PidFile=/var/log/copfilter/default/opt/c_icap/var/run/c-icap.pid
Searching 0xb77d5094 for default value
Setting parameter :CommandsSocket=/var/log/copfilter/default/opt/c_icap/var/run/c-icap.ctl
Searching 0xb77d5040 for default value
Setting parameter :Timeout=300
Searching 0xb77d5048 for default value
Setting parameter :MaxKeepAliveRequests=100
Searching 0xb77d5044 for default value
Setting parameter :KeepAliveTimeout=600
Searching 0xb77d5050 for default value
Setting parameter :StartServers=3
Searching 0xb77d5054 for default value
Setting parameter :MaxServers=10
Searching 0xb77d505c for default value
Setting parameter :MinSpareThreads=10
Searching 0xb77d5060 for default value
Setting parameter :MaxSpareThreads=20
Searching 0xb77d5058 for default value
Setting parameter :ThreadsPerChild=10
Searching 0xb77d5728 for default value
Setting parameter :MaxRequestsPerChild=0
Searching 0xb77d5084 for default value
Setting parameter :Port=1344
Searching 0xb77d5098 for default value
Setting parameter :User=squid
Searching 0xb77d509c for default value
Setting parameter :Group=squid
Searching 0xb77d50b8 for default value
Setting parameter :ServerName=Copfilter_c-icap
Searching 0xb77d508c for default value
Setting parameter :TmpDir=/var/log/copfilter/default/opt/tmp
Searching 0xb77930d0 for default value
Setting parameter :MaxMemObject=3355443
Searching 0xb77d50b0 for default value
Setting parameter :ModulesDir=/var/log/copfilter/default/opt/c_icap/default/lib/c_icap
Searching 0xb77d50ac for default value
Setting parameter :ServicesDir=/var/log/copfilter/default/opt/c_icap/default/lib/c_icap
Searching 0xb77942a4 for default value
Setting parameter :TemplateDir=/var/log/copfilter/default/opt/c_icap/etc/templates
Searching 0xb7794218 for default value
Setting parameter :TemplateDefaultLanguage=en
Searching 0xb779420c for default value
Setting parameter :TemplateReloadTime=360
Searching 0xb7794210 for default value
Setting parameter :TemplateCacheSize=20
Searching 0xb7794214 for default value
Setting parameter :TemplateMemBufSize=8192
The db file /var/log/copfilter/default/opt/c_icap/etc/c-icap.magic is the same as default. Ignoring...
Searching 0xb77d5748 for default value
Setting parameter :RemoteProxyUsers=0
Searching 0xb77d545c for default value
Setting parameter :RemoteProxyUserHeader=X-Authenticated-User
Searching 0xb77d5450 for default value
Setting parameter :RemoteProxyUserHeaderEncoded=1
In search specs list (nil),name OPTIONS
New ACL with name:OPTIONS and  ACL Type: type{NULL}
Adding to acl OPTIONS the data OPTIONS
In search specs list 0xb8038de8,name RESPMOD
Checking name:RESPMOD with specname OPTIONS
New ACL with name:RESPMOD and  ACL Type: type{NULL}
Adding to acl RESPMOD the data RESPMOD
In search specs list 0xb8038de8,name REQMOD
Checking name:REQMOD with specname OPTIONS
Checking name:REQMOD with specname RESPMOD
New ACL with name:REQMOD and  ACL Type: type{NULL}
Adding to acl REQMOD the data REQMOD
In search specs list 0xb8038de8,name ALLREQUESTS
Checking name:ALLREQUESTS with specname OPTIONS
Checking name:ALLREQUESTS with specname RESPMOD
Checking name:ALLREQUESTS with specname REQMOD
New ACL with name:ALLREQUESTS and  ACL Type: type{NULL}
Adding to acl ALLREQUESTS the data OPTIONS
Adding to acl ALLREQUESTS the data RESPMOD
Adding to acl ALLREQUESTS the data REQMOD
Adding the logformat myFormat: %tl, %a %im %iu %is %I %O %Ib %Ob %{10}bph
Searching 0xb77d55ac for default value
Setting parameter :ServerLog=/var/log/copfilter/default/opt/c_icap/var/log/server.log
Adding the access logfile /dev/null
Loading service :common path bdb_tables.so
Loading service :common path dnsbl_tables.so
In search specs list 0xb8038de8,name localsquid_respmod
Checking name:localsquid_respmod with specname OPTIONS
Checking name:localsquid_respmod with specname RESPMOD
Checking name:localsquid_respmod with specname REQMOD
Checking name:localsquid_respmod with specname ALLREQUESTS
New ACL with name:localsquid_respmod and  ACL Type: src{NULL}
Adding to acl localsquid_respmod the data 127.0.0.1
Adding to acl localsquid_respmod the data type
Invalid ip address: type
Adding to acl localsquid_respmod the data respmod
Invalid ip address: respmod
In search specs list 0xb8038de8,name localsquid
Checking name:localsquid with specname OPTIONS
Checking name:localsquid with specname RESPMOD
Checking name:localsquid with specname REQMOD
Checking name:localsquid with specname ALLREQUESTS
Checking name:localsquid with specname localsquid_respmod
New ACL with name:localsquid and  ACL Type: src{NULL}
Adding to acl localsquid the data 127.0.0.1
In search specs list 0xb8038de8,name internalnet
Checking name:internalnet with specname OPTIONS
Checking name:internalnet with specname RESPMOD
Checking name:internalnet with specname REQMOD
Checking name:internalnet with specname ALLREQUESTS
Checking name:internalnet with specname localsquid_respmod
Checking name:internalnet with specname localsquid
New ACL with name:internalnet and  ACL Type: src{NULL}
Adding to acl internalnet the data 192.168.10.0/255.255.255.0
Adding to acl internalnet the data 192.168.20.0/255.255.255.0
In search specs list 0xb8038de8,name externalnet
Checking name:externalnet with specname OPTIONS
Checking name:externalnet with specname RESPMOD
Checking name:externalnet with specname REQMOD
Checking name:externalnet with specname ALLREQUESTS
Checking name:externalnet with specname localsquid_respmod
Checking name:externalnet with specname localsquid
Checking name:externalnet with specname internalnet
New ACL with name:externalnet and  ACL Type: src{NULL}
Adding to acl externalnet the data 0.0.0.0/0.0.0.0
Creating new access entry as allow with specs:
In search specs list 0xb8038de8,name localsquid_respmod
Checking name:localsquid_respmod with specname OPTIONS
Checking name:localsquid_respmod with specname RESPMOD
Checking name:localsquid_respmod with specname REQMOD
Checking name:localsquid_respmod with specname ALLREQUESTS
Checking name:localsquid_respmod with specname localsquid_respmod
In search specs list 0xb8038de8,name localsquid_respmod
Checking name:localsquid_respmod with specname OPTIONS
Checking name:localsquid_respmod with specname RESPMOD
Checking name:localsquid_respmod with specname REQMOD
Checking name:localsquid_respmod with specname ALLREQUESTS
Checking name:localsquid_respmod with specname localsquid_respmod
   Adding acl spec: localsquid_respmod
Creating new access entry as allow with specs:
In search specs list 0xb8038de8,name localsquid
Checking name:localsquid with specname OPTIONS
Checking name:localsquid with specname RESPMOD
Checking name:localsquid with specname REQMOD
Checking name:localsquid with specname ALLREQUESTS
Checking name:localsquid with specname localsquid_respmod
Checking name:localsquid with specname localsquid
In search specs list 0xb8038de8,name localsquid
Checking name:localsquid with specname OPTIONS
Checking name:localsquid with specname RESPMOD
Checking name:localsquid with specname REQMOD
Checking name:localsquid with specname ALLREQUESTS
Checking name:localsquid with specname localsquid_respmod
Checking name:localsquid with specname localsquid
   Adding acl spec: localsquid
Creating new access entry as deny with specs:
In search specs list 0xb8038de8,name internalnet
Checking name:internalnet with specname OPTIONS
Checking name:internalnet with specname RESPMOD
Checking name:internalnet with specname REQMOD
Checking name:internalnet with specname ALLREQUESTS
Checking name:internalnet with specname localsquid_respmod
Checking name:internalnet with specname localsquid
Checking name:internalnet with specname internalnet
In search specs list 0xb8038de8,name internalnet
Checking name:internalnet with specname OPTIONS
Checking name:internalnet with specname RESPMOD
Checking name:internalnet with specname REQMOD
Checking name:internalnet with specname ALLREQUESTS
Checking name:internalnet with specname localsquid_respmod
Checking name:internalnet with specname localsquid
Checking name:internalnet with specname internalnet
   Adding acl spec: internalnet
Creating new access entry as deny with specs:
In search specs list 0xb8038de8,name externalnet
Checking name:externalnet with specname OPTIONS
Checking name:externalnet with specname RESPMOD
Checking name:externalnet with specname REQMOD
Checking name:externalnet with specname ALLREQUESTS
Checking name:externalnet with specname localsquid_respmod
Checking name:externalnet with specname localsquid
Checking name:externalnet with specname internalnet
Checking name:externalnet with specname externalnet
In search specs list 0xb8038de8,name externalnet
Checking name:externalnet with specname OPTIONS
Checking name:externalnet with specname RESPMOD
Checking name:externalnet with specname REQMOD
Checking name:externalnet with specname ALLREQUESTS
Checking name:externalnet with specname localsquid_respmod
Checking name:externalnet with specname localsquid
Checking name:externalnet with specname internalnet
Checking name:externalnet with specname externalnet
   Adding acl spec: externalnet

*** Going to open config file /var/log/copfilter/default/opt/c_icap/etc/virus_scan.conf ***
Loading service :antivirus_module path virus_scan.so
Found handler C_handler for service with extension:.so
Alias:avscan of service virus_scan
Going to search variable TransferIgnore in table virus_scan
Setting parameter :TransferIgnore=flv,f4v,f4p,f4a,f4b,mpeg,mp2,mp3,mp4,mpg4,mpeg4,x-flv,avi,wmv,gpg
Going to search variable ScanFileTypes in table virus_scan
I am going to scan data for simple scanning of type:,GIF,JPEG,MSOFFICE,TEXT,DATA,EXECUTABLE,ARCHIVE
Going to search variable SendPercentData in table virus_scan
Setting parameter :SendPercentData=25
Going to search variable StartSendPercentDataAfter in table virus_scan
Setting parameter :StartSendPercentDataAfter=5242880
Going to search variable MaxObjectSize in table virus_scan
Setting parameter :MaxObjectSize=31457280
Going to search variable ClamAvTmpDir in table virus_scan
Setting parameter :ClamAvTmpDir=/var/log/copfilter/default/opt/tmp
Going to search variable ClamAvMaxFilesInArchive in table virus_scan
Setting parameter :ClamAvMaxFilesInArchive=0
Going to search variable ClamAvMaxFileSizeInArchive in table virus_scan
Setting parameter :ClamAvMaxFileSizeInArchive=52428800
Going to search variable ClamAvMaxRecLevel in table virus_scan
Setting parameter :ClamAvMaxRecLevel=16

*** Going to open config file /var/log/copfilter/default/opt/c_icap/etc/srv_url_check.conf ***
Loading service :url_check_module path srv_url_check.so
Found handler C_handler for service with extension:.so
Initialization of url_check module......
Going to search variable LookupTableDB in table url_check
pool hits:0 allocations: 1
Allocating from objects pool object 0
Going to search variable LookupTableDB in table url_check
pool hits:0 allocations: 2
Allocating from objects pool object 0
Going to search variable Profile in table url_check
srv_url_check: Add profile :default
srv_url_check: Add dbs to profile default: selftest
Going to search variable Profile in table url_check
srv_url_check: Add dbs to profile default: denydomains
Going to search variable Profile in table url_check
srv_url_check: Add dbs to profile default: ALL
Going to search variable ProfileAccess in table url_check
In search specs list 0xb8038de8,name externalnet
Checking name:externalnet with specname OPTIONS
Checking name:externalnet with specname RESPMOD
Checking name:externalnet with specname REQMOD
Checking name:externalnet with specname ALLREQUESTS
Checking name:externalnet with specname localsquid_respmod
Checking name:externalnet with specname localsquid
Checking name:externalnet with specname internalnet
Checking name:externalnet with specname externalnet
   Adding acl spec: externalnet in profile default
My hostname is:ipcop2.localdomain
Create shared mem, qsize=20 stat_block_size=488 childshared data:880
Register in shared mem, qsize=20 stat_block_size=488 childshared data:880
Going to execute start child commands
Check command:virus_scan:clamav_dbreload, type: 3
Check command:srv_clamav:dbreload, type: 3
Check command:relog, type: 3
Check command:stop, type: 1
Check command:reconfigure, type: 1
Check command:dump_statistics, type: 1
Check command:test, type: 3
Register in shared mem, qsize=20 stat_block_size=488 childshared data:880
Going to execute start child commands
Check command:virus_scan:clamav_dbreload, type: 3
Check command:srv_clamav:dbreload, type: 3
Check command:relog, type: 3
Check command:stop, type: 1
Check command:reconfigure, type: 1
Check command:dump_statistics, type: 1
Check command:test, type: 3
Register in shared mem, qsize=20 stat_block_size=488 childshared data:880
Going to execute start child commands
Check command:virus_scan:clamav_dbreload, type: 3
Check command:srv_clamav:dbreload, type: 3
Check command:relog, type: 3
Check command:stop, type: 1
Check command:reconfigure, type: 1
Check command:dump_statistics, type: 1
Check command:test, type: 3
Waiting for a request....
Waiting for a request....
Waiting for a request....
Waiting for a request....
Waiting for a request....
Waiting for a request....
Waiting for a request....
Waiting for a request....
Waiting for a request....
Child 29321 getting requests now ...
Waiting for a request....
Waiting for a request....
Waiting for a request....
Waiting for a request....
Waiting for a request....
Waiting for a request....
Waiting for a request....
Waiting for a request....
Waiting for a request....
Waiting for a request....
Waiting for a request....
Waiting for a request....
Waiting for a request....
Waiting for a request....
Waiting for a request....
Waiting for a request....
Waiting for a request....
Waiting for a request....
Waiting for a request....
Waiting for a request....
Waiting for a request....

^CSIGINT signal received for main server.   <------ CNTL-C entered here.

Possibly a term signal received. Monitor process going to term all children
Going to term children....
A termination signal received (15).
Child :29321 going down :IMMEDIATELY
Listener server signalled to exit!
A termination signal received (15).
Child :29322 going down :IMMEDIATELY
Child 29322 getting requests now ...
A termination signal received (15).
Child :29323 going down :IMMEDIATELY
proc_mutex_lock interrupted (EINTR received, pid=29323)!
Listener of pid:29323 exiting!
Going to wait for the listener thread (pid: 29323) to exit!
OK, cancelling the listener thread (pid: 29323)!
Listener server signalled to exit!
Going to wait for the listener thread (pid: 29321) to exit!
OK, cancelling the listener thread (pid: 29321)!
Going to wait for the listener thread (pid: 29322) to exit!
OK, cancelling the listener thread (pid: 29322)!
Cancel server 29321, thread_id 2945743728 (0)
Cancel server 29321, thread_id 2937355120 (1)
Cancel server 29321, thread_id 2928966512 (2)
Cancel server 29321, thread_id 2920577904 (3)
Cancel server 29321, thread_id 2912189296 (4)
Cancel server 29321, thread_id 2903800688 (5)
Cancel server 29321, thread_id 2895412080 (6)
Cancel server 29321, thread_id 2887023472 (7)
Cancel server 29321, thread_id 2878634864 (8)
Cancel server 29321, thread_id 2870246256 (9)
Cancel server 29323, thread_id 2945743728 (0)
Cancel server 29323, thread_id 2937355120 (1)
Cancel server 29323, thread_id 2928966512 (2)
Cancel server 29323, thread_id 2920577904 (3)
Cancel server 29323, thread_id 2912189296 (4)
Cancel server 29323, thread_id 2903800688 (5)
Cancel server 29323, thread_id 2895412080 (6)
Cancel server 29323, thread_id 2887023472 (7)
Cancel server 29323, thread_id 2878634864 (8)
Cancel server 29323, thread_id 2870246256 (9)
Cancel server 29322, thread_id 2945743728 (0)
Cancel server 29322, thread_id 2937355120 (1)
Cancel server 29322, thread_id 2928966512 (2)
Cancel server 29322, thread_id 2920577904 (3)
Cancel server 29322, thread_id 2912189296 (4)
Cancel server 29322, thread_id 2903800688 (5)
Cancel server 29322, thread_id 2895412080 (6)
Cancel server 29322, thread_id 2887023472 (7)
Cancel server 29322, thread_id 2878634864 (8)
Cancel server 29322, thread_id 2870246256 (9)
All servers canceled
Going to execute start child commands
Check command:virus_scan:clamav_dbreload, type: 3
Check command:srv_clamav:dbreload, type: 3
Check command:relog, type: 3
Check command:stop, type: 1
Check command:reconfigure, type: 1
Check command:dump_statistics, type: 1
Check command:test, type: 3
Service info shutdown!
All servers canceled
Going to execute start child commands
Check command:virus_scan:clamav_dbreload, type: 3
Check command:srv_clamav:dbreload, type: 3
Check command:relog, type: 3
Check command:stop, type: 1
Check command:reconfigure, type: 1
Check command:dump_statistics, type: 1
Check command:test, type: 3
Service info shutdown!
All servers canceled
Going to execute start child commands
Check command:virus_scan:clamav_dbreload, type: 3
Check command:srv_clamav:dbreload, type: 3
Check command:relog, type: 3
Check command:stop, type: 1
Check command:reconfigure, type: 1
Check command:dump_statistics, type: 1
Check command:test, type: 3
Service info shutdown!
Destroy lookup table /var/log/copfilter/default/opt/c_icap/etc/selftest.txt
Storing to objects pool object 0
Destroy lookup table /var/log/copfilter/default/opt/c_icap/etc/denydomains.txt
Storing to objects pool object 0
Child 29323 died with status 0
Destroy lookup table /var/log/copfilter/default/opt/c_icap/etc/selftest.txt
Storing to objects pool object 0
Destroy lookup table /var/log/copfilter/default/opt/c_icap/etc/denydomains.txt
Storing to objects pool object 0
Child 29321 died with status 0
Destroy lookup table /var/log/copfilter/default/opt/c_icap/etc/selftest.txt
Storing to objects pool object 0
Destroy lookup table /var/log/copfilter/default/opt/c_icap/etc/denydomains.txt
Storing to objects pool object 0
Child 29322 died with status 0
Service info shutdown!
Destroy lookup table /var/log/copfilter/default/opt/c_icap/etc/selftest.txt
Storing to objects pool object 0
Destroy lookup table /var/log/copfilter/default/opt/c_icap/etc/denydomains.txt
Storing to objects pool object 0
Exiting....
root@ipcop2:~ #


I can see that i-icap is restarting in debug (of some sort), but after I stop it with CNTL-C, it's stopped:

Code: Select all
root@ipcop2:~ # /etc/rc.d/init.d/copfilter_c-icap start
starting c-icap
Loading Databases ......                                                                                                                                                                                 Done
root@ipcop2:~ # /etc/rc.d/init.d/copfilter_c-icap pid
ON with pid 30260 30259 ...


After copfilter_c-icap debug and CNTL-C after my test(s), I get this:

Code: Select all
root@ipcop2:~ # /etc/rc.d/init.d/copfilter_c-icap pid
OFF


And no debug file to be found.

Thanks in advance for any ideas.
len
 
Posts: 5
Joined: 30 Aug 2012 04:23

Re: "Use own Domain-Blacklist:" not working

Postby karesmakro » 02 Sep 2012 11:58

During I was preparing the new Copfilter release ...
I think, yesterday tonight I found the problem and I was able to reproduce this issue. In some situtations there is created the q.load file (blacklist prepared file) with a new line, before the categories are listed. This leads to an empty srv_url_check.conf! You can check this by opening the in srv_url_check.conf in /var/log/copfilter/default/opt/c_icap/etc
The content only consists comments (# in front of each line)

I wrote a fix, which you can download from
http://www.it-connect-unix.de/copfilter/ipcop-v2/dbmaker_fix.tgz
md5sum: f7211b3b5f98a76def1f2ca79a962eab
Code: Select all
tar xzf dbmaker_fix.tgz
cd dbmaker_fix
./install

after installing this fix, you have to disable the blacklist and afterwards activate it again

regards
karesmakro
Site Admin
 
Posts: 1280
Joined: 09 Dec 2009 21:17

Next

Return to English Copfilter v2 Support

Who is online

Users browsing this forum: No registered users and 0 guests

cron