Squid with Dansguardian problem.

To: debian-user@lists.debian.org
Subject: Squid with Dansguardian problem.
From: "Semih Gokalp" <semihgokalp@gmail.com>
Date: Wed, 14 Nov 2007 11:55:50 +0200
Message-id: <[🔎] 9d56246d0711140155u1e119f7axc25149dc7434190a@mail.gmail.com>

I am sorry for asking question to debian list about dansguardian.
I am using dansguardian + squid3 + clamav but i have a problem.

I have two NIC and eth1:192.168.0.0/24(inside) and eth0:192.168.1.0/24(outside)

1)I configured Dansguardianlike below:

filterip =192.168.0.1
filterport = 8080
proxyip = 127.0.0.1 (Same server)
proxyport = 3128

usernameidmethodproxyauth = on ( i tried "off" but not worked)
usernameidmethodntlm = off # **NOT IMPLEMENTED**
usernameidmethodident = off

2)And configured squid like below:

http_port 3128 transparent

cache_dir ufs /media/httpcache/squid3 512 16 256
access_log /media/httpcache/log/squid3/access.log

acl all src 0.0.0.0/0.0.0.0
acl yerel src 192.168.0.0/24
acl manager proto cache_object
acl localhost src 127.0.0.0/8
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443
acl Safe_ports port 80          # http
acl Safe_ports port 21          # ftp
acl Safe_ports port 443         # https
acl Safe_ports port 70          # gopher
acl Safe_ports port 210         # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280         # http-mgmt
acl Safe_ports port 488         # gss-http
acl Safe_ports port 591         # filemaker
acl Safe_ports port 777         # multiling http
acl CONNECT method CONNECT

http_access allow manager localhost
http_access deny manager
# Deny requests to unknown ports
http_access deny !Safe_ports
# Deny CONNECT to other than SSL ports
http_access deny CONNECT !SSL_ports
http_access allow localhost
http_access allow yerel

http_reply_access allow all

icp_access allow all

3)and configured iptables like this:

iptables -t nat -A PREROUTING -p tcp -i $INTIF -s 192.168.0.0/24 --dport 80 -j REDIRECT --to-port 8080

but when i try enter to any website,web browser print this:

--------
ERROR
The requested URL could not be retrieved

The fallowing error was encountered:

Invalid URL

-Missing or incorrect access protocol (Should be http:// or smilar)
-Missing hostname
-Illegal double-escape in the URL-Path
-Illegal character in hostname;underscores are not allowed
---------------

But when i use only squid(REDIRECT 3128),i have not a problem.

Why dont work squid with dansguardian ?

If you help me,i will be happy.

--
Semih Gokalp

Reply to:

Follow-Ups:
- Re: Squid with Dansguardian problem.
  - From: Mihira Fernando <mihiratheace@gmail.com>

Prev by Date: Re: Convert .OGG to .MPEG or .SWF
Next by Date: Re: Suggest core2duo motherboard for debian.
Previous by thread: Re: need help with BIND9
Next by thread: Re: Squid with Dansguardian problem.
Index(es):
- Date
- Thread