Search squid archive

Re: squid with dansguardian

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Yes Dave,
in squid.conf i set
acl myLan src 192.168.1.0/24
and
http_access deny myLan

to try if squid stops me but i can browse. I don't understand why

My iptables rule:

target     prot opt source               destination
REDIRECT   tcp  --  anywhere             anywhere             tcp
dpt:http redir ports 8080

Dansguardian network config.

# the port that DansGuardian listens to.
filterport = 8080

# the ip of the proxy (default is the loopback - i.e. this server)
proxyip = 127.0.0.1

# the port DansGuardian connects to proxy on
proxyport = 3128

Squid

acl myLan src 192.168.1.0/24
and
http_access deny myLan

http_port 3128

Dansguardian runs because it stops me browsing some blocked site! I
have to retry other times this evening.



Amos thanks, I'll try this evening, i don't know that directive.

2013/10/8 Amos Jeffries <squid3@xxxxxxxxxxxxx>:
> On 8/10/2013 12:58 p.m., Dave Burkholder wrote:
>>
>> No squid is not bypassed.  The order flow is:
>>
>> Browser -> Dansguardian -> Squid -> Internet
>>
>> If you're wanting to limit access via squid ACLs, that's another aspect
>> altogether.
>>
>> acl myLan src 10.0.4.0/24
>>
>> http_access deny myLan all
>>
>>
>> Do you have something like that in squid.conf?
>
>
> Don't forget the follow_x_forwarded_for to determine what the client on the
> other side of DG is.
>
>   follow_x_forwarded_for allow localhost
>   follow_x_forwarded_for deny all
>
>
> Amos




[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux