After ploughing through suggested docs, not alot further forward.
Still getting no traffic thru squid, the connection is fine as the DNS request goes thru OK.
I'm not seeing log entries from shorewall, or squid/access.log, but I'm getting connection refused from firefox on the remote machine, unfortunately its running winxp. not my machine !
squid.conf is as follows all default hashed entries removed to reduce it size in this mail.
All shorewall policies have "info" turned on so should see something in the syslog, but not.
Last squid/access.log showed TCP_DENIED/400 ..port address on wlan0 is 192.168.90.33 255.255.255.240
Suggestions ??? what have I missed ? Richard
Squid.conf
http_port 127.0.0.1:3128Dansguardian.conf
acl QUERY urlpath_regex cgi-bin \?
no_cache deny QUERY
auth_param basic children 5
auth_param basic realm Squid proxy-caching web server
auth_param basic credentialsttl 2 hours
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern . 0 20% 4320
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443 563
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 563 # https, snews
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT
http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
acl our_networks src 192.168.90.0/24 http_access allow our_networks
http_access allow localhost
http_reply_access allow all
icp_access allow all
httpd_accel_port 80
httpd_accel_with_proxy on
httpd_accel_uses_host_header on
httpd_accel-host virtual
lt rate exceeds this
# DansGuardian config file for version 2.7.7 reportinglevel = 3 language = 'ukenglish' loglevel = 2 logexceptionhits = on logfileformat = 1 filterip = 127.0.0.1 filterport = 8080 proxyip = 127.0.0.1 proxyport = 3128 accessdeniedaddress = 'http://YOURSERVER.YOURDOMAIN/cgi-bin/dansguardian.pl' nonstandarddelimiter = on usecustombannedimage = 1 custombannedimagefile = '/etc/dansguardian/transparent1x1.gif' filtergroups = 1 filtergroupslist = '/etc/dansguardian/filtergroupslist' bannediplist = '/etc/dansguardian/bannediplist' exceptioniplist = '/etc/dansguardian/exceptioniplist' banneduserlist = '/etc/dansguardian/banneduserlist' exceptionuserlist = '/etc/dansguardian/exceptionuserlist' showweightedfound = on weightedphrasemode = 2 urlcachenumber = 1000 urlcacheage = 900 phrasefiltermode = 2 preservecase = 0 hexdecodecontent = 0 forcequicksearch = 0 reverseaddresslookups = off reverseclientiplookups = off createlistcachefiles = on maxuploadsize = -1 maxcontentfiltersize = 256 usernameidmethodproxyauth = on usernameidmethodntlm = off # **NOT IMPLEMENTED** usernameidmethodident = off preemptivebanning = on forwardedfor = off usexforwardedfor = off logconnectionhandlingerrors = on maxchildren = 120 minchildren = 8 minsparechildren = 4 preforkchildren = 6 maxsparechildren = 32 maxagechildren = 500 urlipcfilename = '/tmp/.dguardianurlipc' nodaemon = off nologger = off daemonuser = 'squid' daemongroup = 'squid' softrestart = off
