Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 23 replies
  • Subscribers 1 subscriber
  • Views 10834 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Problem with Cobion Surf Protection.

Simon Shaw
Hi,

I have been trying the last two days to get Ali's surf protection working for him without any luck.

The Content Filter log shows this:

2005:10:18-14:51:41 (none) weed: 195.127.173.135:6000 -> continuing ...
2005:10:18-14:51:42 (none) weed: 195.127.173.135:6000 -> continuing ...
2005:10:18-14:51:43 (none) weed: 212.126.210.198:6000 -> marking myself as temporarily invalid
2005:10:18-14:51:44 (none) weed: 212.126.210.198:6000 -> marking myself as temporarily invalid
2005:10:18-14:51:45 (none) weed: 212.126.210.198:6000 -> marking myself as temporarily invalid
2005:10:18-14:51:46 (none) weed: 212.126.210.198:6000 -> marking myself as temporarily invalid
2005:10:18-14:51:48 (none) weed: 212.126.210.198:6000 -> marking myself as temporarily invalid
2005:10:18-14:51:48 (none) weed: Profile profile_0_request starting for: protocol:'http', user:'@', facility:'request', src_address:'10.0.0.5' RESULT:'400', REASON:'URL category 'Unknown category' not allowed' LAST SCANNER:'/usr/lib/libcofs.so'
2005:10:18-14:52:09 (none) weed: 195.127.173.136:6000 -> continuing ...
2005:10:18-14:52:10 (none) weed: 195.127.173.136:6000 -> continuing ...
2005:10:18-14:52:11 (none) weed: 195.127.173.136:6000 -> continuing ...
2005:10:18-14:52:13 (none) weed: 195.127.173.136:6000 -> continuing ...
2005:10:18-14:52:14 (none) weed: 195.127.173.136:6000 -> continuing ...
2005:10:18-14:52:27 (none) weed: 195.127.173.136:6000 -> continuing ...
2005:10:18-14:52:29 (none) weed: 195.127.173.136:6000 -> continuing ...
2005:10:18-14:52:30 (none) weed: 195.127.173.136:6000 -> continuing ...
2005:10:18-14:52:31 (none) weed: 195.127.173.136:6000 -> continuing ...
2005:10:18-14:52:32 (none) weed: 195.127.173.136:6000 -> continuing ...
2005:10:18-14:53:13 (none) weed: 212.126.210.198:6000 -> marking myself as temporarily invalid
2005:10:18-14:53:15 (none) weed: 212.126.210.198:6000 -> marking myself as temporarily invalid
2005:10:18-14:53:19 (none) weed: 212.126.210.198:6000 -> marking myself as temporarily invalid
2005:10:18-14:53:20 (none) weed: 212.126.210.198:6000 -> marking myself as temporarily invalid
2005:10:18-14:53:22 (none) weed: 212.126.210.198:6000 -> marking myself as temporarily invalid
2005:10:18-14:53:26 (none) weed: 212.126.210.198:6000 -> marking myself as temporarily invalid
2005:10:18-14:53:27 (none) weed: 212.126.210.198:6000 -> marking myself as temporarily invalid

Is this correct behavior?

Please reply urgently.


This thread was automatically locked due to age.
Parents
  • 0
    No, it doesn't look normal (compared to what I get in my logs anyway). When I specifically try a site in an unblocked category, then block it and try again, I get the blocked message and the following in the log:

    2005:10:18-09:46:16 (none) contentfilter[1789]: Profile profile_0 starting for: protocol:'http', user:'', facility:'request', src_address:'192.168.0.8' RESULT:'200', REASON:'', LAST SCANNER:'/usr/lib/libcofs.so'
    2005:10:18-09:46:16 (none) contentfilter[1805]: Profile profile_0 starting for: protocol:'http', user:'', facility:'request', src_address:'192.168.0.8' RESULT:'200', REASON:'', LAST SCANNER:'/usr/lib/libcofs.so'
    2005:10:18-09:46:16 (none) contentfilter[1799]: Profile profile_0 starting for: protocol:'http', user:'', facility:'request', src_address:'192.168.0.8' RESULT:'200', REASON:'', LAST SCANNER:'/usr/lib/libcofs.so'
    2005:10:18-09:48:09 (none) contentfilter[7998]: Profile profile_0 starting for: protocol:'http', user:'', facility:'request', src_address:'192.168.0.8' RESULT:'401', REASON:'Blocked due to Cobion categorization', LAST SCANNER:'/usr/lib/libcofs.so'

    If I look at an older log (only Virus and Spyware blocked), I see a lot of 
    2005:10:13-12:38:28 (none) contentfilter[972]: Profile profile_1 starting for: protocol:'http', user:'', facility:'response', src_address:'192.168.0.8' RESULT:'200', REASON:'', LAST SCANNER:'/usr/lib/libkav.so'
    2005:10:13-12:38:28 (none) contentfilter[950]: Profile profile_0 starting for: protocol:'http', user:'', facility:'request', src_address:'192.168.0.8' RESULT:'200', REASON:'', LAST SCANNER:'/usr/lib/libcofs.so'
    2005:10:13-12:38:28 (none) contentfilter[977]: Profile profile_0 starting for: protocol:'http', user:'', facility:'request', src_address:'192.168.0.8' RESULT:'200', REASON:'', LAST SCANNER:'/usr/lib/libcofs.so'
    2005:10:13-12:38:29 (none) contentfilter[946]: Profile profile_1 starting for: protocol:'http', user:'', facility:'response', src_address:'192.168.0.8' RESULT:'200', REASON:'', LAST SCANNER:'/usr/lib/libkav.so'
    2005:10:13-12:38:29 (none) contentfilter[971]: Profile profile_0 starting for: protocol:'http', user:'', facility:'request', src_address:'192.168.0.8' RESULT:'200', REASON:'', LAST SCANNER:'/usr/lib/libcofs.so'
    2005:10:13-12:38:29 (none) contentfilter[956]: Profile profile_1 starting for: protocol:'http', user:'', facility:'response', src_address:'192.168.0.8' RESULT:'200', REASON:'', LAST SCANNER:'/usr/lib/libkav.so'
    2005:10:13-12:38:29 (none) contentfilter[963]: Profile profile_1 starting for: protocol:'http', user:'', facility:'response', src_address:'192.168.0.8' RESULT:'200', REASON:'', LAST SCANNER:'/usr/lib/libkav.so'
    2005:10:13-12:38:29 (none) contentfilter[964]: Profile profile_0 starting for: protocol:'http', user:'', facility:'request', src_address:'192.168.0.8' RESULT:'200', REASON:'', LAST SCANNER:'/usr/lib/libcofs.so'
    2005:10:13-12:38:29 (none) contentfilter[948]: Profile profile_1 starting for: protocol:'http', user:'', facility:'response', src_address:'192.168.0.8' RESULT:'200', REASON:'', LAST SCANNER:'/usr/lib/libkav.so'
    in it, with the occasional
    2005:10:13-12:38:28 (none) contentfilter[970]: Profile profile_0 starting  for: protocol:'http', user:'', facility:'request', src_address:'192.168.0.8'  RESULT:'401', REASON:'Blocked due to Cobion categorization', LAST SCANNER:'/usr/lib/libcofs.so'
    from some ad getting blocked.

    I'm running the proxy transparent with no authentication.
Reply
  • 0
    No, it doesn't look normal (compared to what I get in my logs anyway). When I specifically try a site in an unblocked category, then block it and try again, I get the blocked message and the following in the log:

    2005:10:18-09:46:16 (none) contentfilter[1789]: Profile profile_0 starting for: protocol:'http', user:'', facility:'request', src_address:'192.168.0.8' RESULT:'200', REASON:'', LAST SCANNER:'/usr/lib/libcofs.so'
    2005:10:18-09:46:16 (none) contentfilter[1805]: Profile profile_0 starting for: protocol:'http', user:'', facility:'request', src_address:'192.168.0.8' RESULT:'200', REASON:'', LAST SCANNER:'/usr/lib/libcofs.so'
    2005:10:18-09:46:16 (none) contentfilter[1799]: Profile profile_0 starting for: protocol:'http', user:'', facility:'request', src_address:'192.168.0.8' RESULT:'200', REASON:'', LAST SCANNER:'/usr/lib/libcofs.so'
    2005:10:18-09:48:09 (none) contentfilter[7998]: Profile profile_0 starting for: protocol:'http', user:'', facility:'request', src_address:'192.168.0.8' RESULT:'401', REASON:'Blocked due to Cobion categorization', LAST SCANNER:'/usr/lib/libcofs.so'

    If I look at an older log (only Virus and Spyware blocked), I see a lot of 
    2005:10:13-12:38:28 (none) contentfilter[972]: Profile profile_1 starting for: protocol:'http', user:'', facility:'response', src_address:'192.168.0.8' RESULT:'200', REASON:'', LAST SCANNER:'/usr/lib/libkav.so'
    2005:10:13-12:38:28 (none) contentfilter[950]: Profile profile_0 starting for: protocol:'http', user:'', facility:'request', src_address:'192.168.0.8' RESULT:'200', REASON:'', LAST SCANNER:'/usr/lib/libcofs.so'
    2005:10:13-12:38:28 (none) contentfilter[977]: Profile profile_0 starting for: protocol:'http', user:'', facility:'request', src_address:'192.168.0.8' RESULT:'200', REASON:'', LAST SCANNER:'/usr/lib/libcofs.so'
    2005:10:13-12:38:29 (none) contentfilter[946]: Profile profile_1 starting for: protocol:'http', user:'', facility:'response', src_address:'192.168.0.8' RESULT:'200', REASON:'', LAST SCANNER:'/usr/lib/libkav.so'
    2005:10:13-12:38:29 (none) contentfilter[971]: Profile profile_0 starting for: protocol:'http', user:'', facility:'request', src_address:'192.168.0.8' RESULT:'200', REASON:'', LAST SCANNER:'/usr/lib/libcofs.so'
    2005:10:13-12:38:29 (none) contentfilter[956]: Profile profile_1 starting for: protocol:'http', user:'', facility:'response', src_address:'192.168.0.8' RESULT:'200', REASON:'', LAST SCANNER:'/usr/lib/libkav.so'
    2005:10:13-12:38:29 (none) contentfilter[963]: Profile profile_1 starting for: protocol:'http', user:'', facility:'response', src_address:'192.168.0.8' RESULT:'200', REASON:'', LAST SCANNER:'/usr/lib/libkav.so'
    2005:10:13-12:38:29 (none) contentfilter[964]: Profile profile_0 starting for: protocol:'http', user:'', facility:'request', src_address:'192.168.0.8' RESULT:'200', REASON:'', LAST SCANNER:'/usr/lib/libcofs.so'
    2005:10:13-12:38:29 (none) contentfilter[948]: Profile profile_1 starting for: protocol:'http', user:'', facility:'response', src_address:'192.168.0.8' RESULT:'200', REASON:'', LAST SCANNER:'/usr/lib/libkav.so'
    in it, with the occasional
    2005:10:13-12:38:28 (none) contentfilter[970]: Profile profile_0 starting  for: protocol:'http', user:'', facility:'request', src_address:'192.168.0.8'  RESULT:'401', REASON:'Blocked due to Cobion categorization', LAST SCANNER:'/usr/lib/libcofs.so'
    from some ad getting blocked.

    I'm running the proxy transparent with no authentication.
Children