{"id":455,"date":"2014-01-21T15:30:05","date_gmt":"2014-01-21T14:30:05","guid":{"rendered":"http:\/\/www.phigtech.com\/?p=455"},"modified":"2014-01-27T15:30:20","modified_gmt":"2014-01-27T14:30:20","slug":"squidguard-et-les-blacklists","status":"publish","type":"post","link":"https:\/\/www.phigtech.com\/?p=455","title":{"rendered":"SquidGuard et les Blacklists"},"content":{"rendered":"<p>J&rsquo;ai r\u00e9cemment du impl\u00e9menter des listes noires dans squid via squidGuard.<\/p>\n<p>Le probl\u00e8me, c&rsquo;est que certaines listes sont tellement grosses qu&rsquo;il est presque impossible de les compiler sans bloquer le serveur. De plus, les performance sont d\u00e9grad\u00e9es sur ces listes.<\/p>\n<p>Vient alors la question: sont-elles \u00e0 jour ?<\/p>\n<p>pour les nouveaux sites, plut\u00f4t. Par contre, il traine dedans moultes sites qui n&rsquo;existent plus.<\/p>\n<p>d&rsquo;o\u00f9 le petit script suivant qui permet de cr\u00e9er un fichier .new de la blacklist en param\u00e8tre (chemin) .<\/p>\n<div class=\"codecolorer-container bash blackboard\" style=\"overflow:auto;white-space:nowrap;height:300px;\"><div class=\"bash codecolorer\"><span class=\"co0\">#!\/bin\/bash<\/span><br \/>\n<br \/>\n<span class=\"kw1\">function<\/span> one_line <span class=\"br0\">&#40;<\/span><span class=\"br0\">&#41;<\/span><span class=\"br0\">&#123;<\/span><br \/>\n<span class=\"kw1\">if<\/span> host <span class=\"re5\">-s<\/span> <span class=\"re5\">-4<\/span> <span class=\"re5\">-W<\/span> <span class=\"nu0\">1<\/span> <span class=\"re5\">-t<\/span> any <span class=\"re4\">$1<\/span> <span class=\"sy0\">&gt;\/<\/span>dev<span class=\"sy0\">\/<\/span>null <span class=\"nu0\">2<\/span><span class=\"sy0\">&gt;&amp;<\/span><span class=\"nu0\">1<\/span> ; <span class=\"kw1\">then<\/span><br \/>\n<span class=\"kw3\">echo<\/span> <span class=\"st0\">&quot;$1&quot;<\/span> <span class=\"sy0\">&gt;&gt;<\/span><span class=\"re4\">$2<\/span>.new<br \/>\n<span class=\"re2\">ok<\/span>=<span class=\"st0\">&quot;ok&quot;<\/span><br \/>\n<span class=\"kw1\">else<\/span><br \/>\n<span class=\"kw3\">echo<\/span> <span class=\"st0\">&quot;-$1&quot;<\/span><span class=\"sy0\">&gt;&gt;<\/span><span class=\"re4\">$2<\/span>.diff<br \/>\n<span class=\"re2\">ok<\/span>=<span class=\"st0\">&quot;nok&quot;<\/span><br \/>\n<span class=\"kw1\">fi<\/span><br \/>\n<span class=\"kw3\">echo<\/span> <span class=\"st0\">&quot;$1 <span class=\"es2\">$ok<\/span>&quot;<\/span><br \/>\n<span class=\"br0\">&#125;<\/span><br \/>\n<br \/>\n<span class=\"re2\">count<\/span>=<span class=\"nu0\">0<\/span><br \/>\n<span class=\"re2\">NB_PROC<\/span>=<span class=\"nu0\">8<\/span><br \/>\n<span class=\"co0\"># nb de process en parallele<\/span><br \/>\n<span class=\"kw1\">for<\/span> line <span class=\"kw1\">in<\/span> $<span class=\"br0\">&#40;<\/span><span class=\"kw2\">cat<\/span> <span class=\"re4\">$1<\/span><span class=\"br0\">&#41;<\/span><br \/>\n<span class=\"kw1\">do<\/span><br \/>\none_line <span class=\"re1\">$line<\/span> <span class=\"re4\">$1<\/span> <span class=\"sy0\">&amp;<\/span><br \/>\n<span class=\"kw3\">let<\/span> count+=<span class=\"nu0\">1<\/span><br \/>\n<span class=\"br0\">&#91;<\/span><span class=\"br0\">&#91;<\/span> $<span class=\"br0\">&#40;<\/span><span class=\"br0\">&#40;<\/span>count<span class=\"sy0\">%<\/span>NB_PROC<span class=\"br0\">&#41;<\/span><span class=\"br0\">&#41;<\/span> <span class=\"re5\">-eq<\/span> <span class=\"nu0\">0<\/span> <span class=\"br0\">&#93;<\/span><span class=\"br0\">&#93;<\/span> <span class=\"sy0\">&amp;&amp;<\/span> <span class=\"kw3\">wait<\/span><br \/>\n<span class=\"co0\">#si modulo 0 tous process pris!<\/span><br \/>\n<span class=\"kw1\">done<\/span><\/div><\/div>\n<p>libre \u00e0 vous de le mette ensuite en production en ajoutant au script :<\/p>\n<div class=\"codecolorer-container bash blackboard\" style=\"overflow:auto;white-space:nowrap;\"><div class=\"bash codecolorer\">squidGuard <span class=\"re5\">-C<\/span> <span class=\"re4\">$1<\/span><\/div><\/div>\n<p>si vous utilisez le nouveau fichier ( .new) que vous prendrez soin de renommer ou<\/p>\n<div class=\"codecolorer-container bash blackboard\" style=\"overflow:auto;white-space:nowrap;\"><div class=\"bash codecolorer\">squidGuard <span class=\"re5\">-u<\/span><\/div><\/div>\n<p>si vous utilisez le .diff g\u00e9n\u00e9r\u00e9 \ud83d\ude42<\/p>\n<p>vous noterez la parall\u00e9lisation des tests: la commande host \u00e9tant plut\u00f4t lente, il est int\u00e9ressant de traiter plusieurs lignes en simultan\u00e9.<\/p>\n<p>&nbsp;<\/p>\n<p>&nbsp;<\/p>\n<div id=\"fb-root\"><\/div><script src=\"http:\/\/connect.facebook.net\/en_US\/all.js#xfbml=1\"><\/script><fb:like href=\"https:\/\/www.phigtech.com\/?p=455\" send=\"true\" layout=\"standard\" width=\"450\" show_faces=\"true\" font=\"arial\" action=\"like\" colorscheme=\"light\"><\/fb:like><h3>Related Images:<\/h3>","protected":false},"excerpt":{"rendered":"<p>J&rsquo;ai r\u00e9cemment du impl\u00e9menter des listes noires dans squid via squidGuard. Le probl\u00e8me, c&rsquo;est que certaines listes sont tellement grosses qu&rsquo;il est presque impossible de les compiler sans bloquer le serveur. De plus, les performance sont d\u00e9grad\u00e9es sur ces listes. Vient alors la question: sont-elles \u00e0 jour ? pour les nouveaux sites, plut\u00f4t. Par contre, [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"ngg_post_thumbnail":0,"footnotes":""},"categories":[1,9],"tags":[24,27,23,25,26],"class_list":["post-455","post","type-post","status-publish","format-standard","hentry","category-non-classe","category-linux","tag-black-list","tag-linux","tag-proxy","tag-squid","tag-squidguard"],"_links":{"self":[{"href":"https:\/\/www.phigtech.com\/index.php?rest_route=\/wp\/v2\/posts\/455","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.phigtech.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.phigtech.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.phigtech.com\/index.php?rest_route=\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.phigtech.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=455"}],"version-history":[{"count":9,"href":"https:\/\/www.phigtech.com\/index.php?rest_route=\/wp\/v2\/posts\/455\/revisions"}],"predecessor-version":[{"id":464,"href":"https:\/\/www.phigtech.com\/index.php?rest_route=\/wp\/v2\/posts\/455\/revisions\/464"}],"wp:attachment":[{"href":"https:\/\/www.phigtech.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=455"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.phigtech.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=455"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.phigtech.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=455"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}