Filter, destination, or target groups if you prefer, are declared by:
- any combination of zero, or one of each of: domains list, URLs list and expressions list. - an optional time constraint to the definition. Note that test order is domainlist, urllist and expressionlist and relation between the three are OR.
Time constraints on destination groups can be used to make these groups ignored within or outside a given time space.
You can set for each destination group a redirect URL that will be used when a client request is found in a domain, URL, or expression list. The redirect URL declares the altenative URL to be used for blocked destination groups.
SquidGuard can do runtime string substitutions in the redirectors. Therefore, the character "%" has special meaning in the redirector URLs:
%a is replaced with IP address of the client. %n is replaced with the domainname of the client, or "unknown" if not available. %i is replaced with the user ID (RFC931), or "unknown" if not available. %s is replaced with the matched source group (client group), or "unknown" if no groups were matched. %t is replaced with the matched destination group (filter), or "unknown" if no groups were matched. %u is replaced with the requested URL. %p is replaced with the REQUEST_URI, i.e. the path and the optional query string of %u, but note for convenience without the leading "/". %% is replaced with a single "%".
Thus you can pass useful information to a more or less intelligent CGI page:
http://proxy/cgi/squidGuard?clientaddr=%a&clientname=%n&clientident=%i&clientgroup=%s&destinationgroup=%t&url=%u
The Log to file input box allows you to specify where redirects caused by match of this group should be logged. The value is either a path relative to logdir, or an absolute path (i.e. /full/path) to a logfile.
If the anonymized option is specified, the logged info is somewhat anonymized to protect individuals.