This is a discussion on users -> dansguardian -> squid -> internet problem. - squid ; i have many users on a closed network and they surf through a redhat fire wall. Linux version 2.6.9-1.667smp (firstname.lastname@example.org) (gcc version 3.4.2 20041017 (Red Hat 3.4.2-6.fc3)) #1 SMP Tue Nov 2 14:59:52 EST 2004 dansguardian-18.104.22.168 squid-2.5.STABLE14-20060522 the apache web ...
i have many users on a closed network
and they surf through a redhat fire wall.
Linux version 2.6.9-1.667smp (email@example.com) (gcc
version 3.4.2 20041017 (Red Hat 3.4.2-6.fc3)) #1 SMP Tue Nov 2 14:59:52
the apache web engine has been running great for about a year.
the postmail has been running well for about a year or so.
a few bugs with cyrus, but working.
i have setup squid in transparent mode, and users can connect to the
firewall via port 3128.
and it logs every http link they use.
i am experimenting with dansguardian. and it acts like every thing is
i am running them both as user squid.
but dansguardian won't connect to the squid. squid appears to be
squid is pretty open for business.
i even made a quick test with
iptables -t nat -A PREROUTING -m tcp -p tcp --dport 8080 -j REDIRECT
just to make sure a client could connect from 8080 to 3128 and that did
squid logged every web site.
then i disabled the iptables rule and brought up dansguardian in the
dansguardian never connects to squid.
i turned on DEBUG in dansguardian and recompiled it.
it makes it through ConnectionHandler.cpp line 263. and attempts to do
with FDTunnel, where it makes it to line 183 where it attempts to do a
select( and then fails.
not sure what this is all about.
relevant trace from dansguardian ---->>>>>>
GET http://dansguardian.org/ HTTP/1.1
User-Agent: Mozilla/5.0 (Macintosh; U; PPC Mac OS X Mach-O; en-US;
rv:22.214.171.124) Gecko/20060426 Firefox/126.96.36.199
from header url:http://dansguardian.org
About to determine group
User not in filter groups list:172.16.4.73=
FDTunnel 183, writefds :0
[root@fw-me dansguardian-188.8.131.52]# netstat -platn | egrep "dans|squid"
tcp 0 0 0.0.0.0:8080 0.0.0.0:*
tcp 0 0 0.0.0.0:3128 0.0.0.0:*