Adrian Chadd wrote:
> Have you configured the http_port with 'transparent' ?
>
I think the problem here is that its *dansguardian* being redirected to
not squid. The transparent features of squid will not work when there is
no redirection, ie between dansguardian and squid.
Amos
> Is it linux based? Did you compile --enable-linux-netfilter?
>
>
>
> Adrian
>
>
> On Sat, Jan 05, 2008, Richard Pyne wrote:
>> I am having a problem with getting this combination to work properly. Yes,
>> I have searched the docs, faq and the web for an answer. The only
>> solutions I can find are for much older versions and do not work with the
>> current versions.
>>
>> I am running squid 3.0STABLE1, shorewall 3.4.5 and dansguardian 2.8.0.6 on
>> my firewall machine.
>>
>> shorewall is configured to redirect through dansguardian as a transparent
>> proxy:
>>
>> REDIRECT loc 8080 tcp http
>> ACCEPT loc fw tcp 8080
>>
>> Watching the logs, requests to dansguardian look fine, but the requests
>> showing in the squid log are missing the domain portion of the request.
>>
>> The really strange part is that if the request comes to dansguardian from
>> the localhost (127.0.0.1) directly on port 8080 everything works fine and
>> the request in the squid log has the domain part of the request, but if
>> the request comes from a machine on the local net, the squid log shows
>> that the domain portion of the request is missing.
>>
>> If I change the shorewall rules do only redirect through squid, everything
>> works fine, I just don't get any content filtering.
>>
>> Please help, I have been tearing my hair out on this now for two days.
>>
>> --Richard
>
-- Please use Squid 2.6STABLE17 or 3.0STABLE1. There are serious security advisories out on all earlier releases.Received on Mon Jan 07 2008 - 03:42:51 MST
This archive was generated by hypermail pre-2.1.9 : Fri Feb 01 2008 - 12:00:04 MST