i have many users on a closed network
and they surf through a redhat fire wall.

Linux version 2.6.9-1.667smp (bhcompile@tweety.build.redhat.com) (gcc
version 3.4.2 20041017 (Red Hat 3.4.2-6.fc3)) #1 SMP Tue Nov 2 14:59:52
EST 2004

dansguardian-2.8.0.6
squid-2.5.STABLE14-20060522
the apache web engine has been running great for about a year.
the postmail has been running well for about a year or so.
a few bugs with cyrus, but working.

i have setup squid in transparent mode, and users can connect to the
firewall via port 3128.
and it logs every http link they use.

i am experimenting with dansguardian. and it acts like every thing is
ok.
i am running them both as user squid.
but dansguardian won't connect to the squid. squid appears to be
configured correctly.
squid is pretty open for business.

i even made a quick test with

iptables -t nat -A PREROUTING -m tcp -p tcp --dport 8080 -j REDIRECT
--to-port 3128

just to make sure a client could connect from 8080 to 3128 and that did
work.
squid logged every web site.

then i disabled the iptables rule and brought up dansguardian in the
forground.
dansguardian never connects to squid.

i turned on DEBUG in dansguardian and recompiled it.

it makes it through ConnectionHandler.cpp line 263. and attempts to do
something

with FDTunnel, where it makes it to line 183 where it attempts to do a
select( and then fails.

not sure what this is all about.


relevant trace from dansguardian ---->>>>>>

got connection
172.16.4.73
GET http://dansguardian.org/ HTTP/1.1
Host: dansguardian.org
User-Agent: Mozilla/5.0 (Macintosh; U; PPC Mac OS X Mach-O; en-US;
rv:1.8.0.3) Gecko/20060426 Firefox/1.5.0.3
Accept:
text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: identity,gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 300
Proxy-Connection: Close
Cache-Control: max-age=0
from header url:http://dansguardian.org
decoding url
matches:0
getting username...
About to determine group
User not in filter groups list:172.16.4.73=
filtergroup:0
extracted url:http://dansguardian.org
ConnectionHandler 263:
FDTunnel 183, writefds :0

numchildren:8
busychildren:1
freechildren:7
waitingfor:0


[root@fw-me dansguardian-2.8.0.6]# netstat -platn | egrep "dans|squid"
tcp 0 0 0.0.0.0:8080 0.0.0.0:*
LISTEN 4590/dansguardian
tcp 0 0 0.0.0.0:3128 0.0.0.0:*
LISTEN 2212/(squid)