I have a brand new Gentoo Linux install set up with the following:
Arno's Firewall 1.8.4d is firewalling my internet connection and
forwarding all outgoing port 80 traffic through a transparent proxy
setup.
dnsmasq is both my DNS server and DHCP server (both of these work no problem).
I've installed dansguardian with the default config file (for now).
I've installed squid 2.5 stable11 with an altered /etc/squid/squid.conf file.
My sequence is internal internet request -> dansguardian -> squid ->
out to internet
I just couldn't follow all the comments in such a large config file, so I
copied the sample one that comes with squid to squid.conf.sample
and started over with a blank squid.conf file.
Here it is:

http_port 127.0.0.1:3128
httpd_accel_host virtual
httpd_accel_port 80
httpd_accel_with_proxy on
httpd_accel_uses_host_header on
acl all src 0.0.0.0/0.0.0.0
acl localhost src 127.0.0.1
follow_x_forwarded_for allow localhost
acl_uses_indirect_client on
delay_pool_uses_indirect_client on
log_uses_indirect_client on
acl homenet src 192.168.0.0/24
http_access allow localhost
http_access allow homenet
http_access deny all

OK:
This setup seems to work for regular port 80 traffic OK.
(Please note, I'm going for an unfiltered setup for now. I want to make
sure everything that needs to work does, BEFORE the access rules start
changing stuff; I want to know for sure that my problem was in my last
rule change, not a setup issue.)
My problem with this setup is web sites that require you to log in.
E.g. www.hotmail.com
doesn't work for the log in part.
There are no error messages, just timeouts on the connection, and
Windows shows the DNS error page.
What am I missing? Is it safe_ports? (I read about those in my master
copy of the .conf.default file)
I want to make sure that squid allows all of my normal traffic before I
start restricting any.
Could someone please tell me what I've missed here? Thanks
Rance