[ILUG] dansguardian, squid, smoothwall and transparent proxying
Stephen McGuinness
smcguinness at gmail.com
Wed Mar 9 08:55:20 GMT 2005
On Wed, 9 Mar 2005 00:12:32 +0000, conor.daly at cod.utvinternet.com
<conor.daly at cod.utvinternet.com> wrote:
> Eeek! Now that the kids are starting to want to go surfing, I'm working
> on a dansguardian / squid setup for the HAN. I'm running squid and
> dansguardian on the internal server and smoothwall express on the
> firewall. I have both dans and squid working and dilligently blocking but
> I have to manually configure the browsers {which the kids will
> {eventually} manually _unconfigure_}. To avoid this, I tried having
> smoothwall do a transparent proxy thing. I gave it the ip:port of the
> internal dans server and told it it was transparent. Now I get an "access
> denied" message from squid for any web access. I suspect it's the proxy
> equivalent of a mail loop since it's only when I put the smoothwall proxy
> bit in place that this happens.
Correct, smoothwall will redirect all the HTTP traffic to the internal
server, which will then try to access the interweb via the same route.
Can you set your internal proxy to use an upstream proxy at your ISP,
avoiding the port 80 (and/or 443?) on the smoothwall box?
>
> So, is there anything I can do to get smoothwall either
>
> 1. Use my internal dans/squid proxy transparently
> 2. Block relevant ports outbound so that a manual proxy config will be
> needed.
>
> Smoothwall express doesn't seem to allow outbound blocking.
>
> Conor
> --
> Conor Daly <conor.daly at oceanfree.net>
>
> Domestic Sysadmin :-)
> ---------------------
> Hobbiton.cod.ie
> 00:01:58 up 29 days, 11:22, 1 user, load average: 0.08, 0.08, 0.02
> --
> Irish Linux Users' Group
> http://www.linux.ie/mailman/listinfo/ilug/
>
>
More information about the ILUG
mailing list