Adrian Chadd wrote:
Have you configured the http_port with 'transparent' ?
I think the problem here is that its *dansguardian* being redirected to
not squid. The transparent features of squid will not work when there is
no redirection, ie between dansguardian and squid.
Amos
Is it linux based? Did you compile --enable-linux-netfilter?
Adrian
On Sat, Jan 05, 2008, Richard Pyne wrote:
I am having a problem with getting this combination to work properly. Yes,
I have searched the docs, faq and the web for an answer. The only
solutions I can find are for much older versions and do not work with the
current versions.
I am running squid 3.0STABLE1, shorewall 3.4.5 and dansguardian 2.8.0.6 on
my firewall machine.
shorewall is configured to redirect through dansguardian as a transparent
proxy:
REDIRECT loc 8080 tcp http
ACCEPT loc fw tcp 8080
Watching the logs, requests to dansguardian look fine, but the requests
showing in the squid log are missing the domain portion of the request.
The really strange part is that if the request comes to dansguardian from
the localhost (127.0.0.1) directly on port 8080 everything works fine and
the request in the squid log has the domain part of the request, but if
the request comes from a machine on the local net, the squid log shows
that the domain portion of the request is missing.
If I change the shorewall rules do only redirect through squid, everything
works fine, I just don't get any content filtering.
Please help, I have been tearing my hair out on this now for two days.
--Richard
--
Please use Squid 2.6STABLE17 or 3.0STABLE1.
There are serious security advisories out on all earlier releases.
