[K12OSN] Dansguardian and squid wont play together

Duane Wilson aaa at pacifier.com
Tue Sep 7 12:56:59 UTC 2004 

goblin at scooter.co.nz wrote:

> Mark Cockrell wrote:
>
>> I'm not entirely certain about this, but I think that DG by default 
>> listens on port 8080.  If you're rerouting to port 3128, then I think 
>> you're skipping DG altogether.  Try rerouting from 80 to 8080 and see 
>> what happens.
>>
> Mark Cockrell wrote:
>
> > I'm not entirely certain about this, but I think that DG by default
> > listens on port 8080.  If you're rerouting to port 3128, then I think
> > you're skipping DG altogether.  Try rerouting from 80 to 8080 and see
> > what happens.
> >
>
> Yeah thats exactly right...
> You set Squid to listen on (localhost only) port 3128... DG will talk 
> to squid via 3128 but DG itself will listen on 8080.
>
> From your conf file
> =================================================
> # the port that DansGuardian listens to.
> filterport = 8080
>
> # the ip of the proxy (default is the loopback - i.e. this server)
> proxyip = 127.0.0.1
>
> # the port DansGuardian connects to proxy on
> proxyport = 3128
> =================================================
>
> All requests are then answered by DansGuardian.... DG should be the 
> only thing able to talk to squid or your filtering can be easily 
> bypassed by connecting to squid directly.
>
> (Internet)-->{(squid:3128)-->(DansGuardian:8080)}<:80-->(Clients)
>
> so yeah redirect to port 8080 and if it's still not working we will 
> need to have a look at your squid.conf file.
>
> Regards
>
> John
>
>
> _______________________________________________
> K12OSN mailing list
> K12OSN at redhat.com
> https://www.redhat.com/mailman/listinfo/k12osn
> For more info see <http://www.k12os.org>
>
Thanks for explaining that to me.  That is very logical, but I didn't 
understand the flow.
I changed my firewall rules to intercept all port 80 trafic from the 
local network and send it to port 8080 where DansGuardian dutifuly 
filtered the requests.

I suspect some of you in the Portland area may have heard my shout for 
joy when I saw the "Access Denied" screen.

Yes, Linux rocks,  but not without people willing to help each other out!

Duane

More information about the K12OSN mailing list