Yes Dave,
in squid.conf i set
acl myLan src 192.168.1.0/24
and
http_access deny myLan
to try if squid stops me but i can browse. I don't understand why
My iptables rule:
target prot opt source destination
REDIRECT tcp -- anywhere anywhere tcp
dpt:http redir ports 8080
Dansguardian network config.
# the port that DansGuardian listens to.
filterport = 8080
# the ip of the proxy (default is the loopback - i.e. this server)
proxyip = 127.0.0.1
# the port DansGuardian connects to proxy on
proxyport = 3128
Squid
acl myLan src 192.168.1.0/24
and
http_access deny myLan
http_port 3128
Dansguardian runs because it stops me browsing some blocked site! I
have to retry other times this evening.
Amos thanks, I'll try this evening, i don't know that directive.
2013/10/8 Amos Jeffries <squid3_at_treenet.co.nz>:
> On 8/10/2013 12:58 p.m., Dave Burkholder wrote:
>>
>> No squid is not bypassed. The order flow is:
>>
>> Browser -> Dansguardian -> Squid -> Internet
>>
>> If you're wanting to limit access via squid ACLs, that's another aspect
>> altogether.
>>
>> acl myLan src 10.0.4.0/24
>>
>> http_access deny myLan all
>>
>>
>> Do you have something like that in squid.conf?
>
>
> Don't forget the follow_x_forwarded_for to determine what the client on the
> other side of DG is.
>
> follow_x_forwarded_for allow localhost
> follow_x_forwarded_for deny all
>
>
> Amos
Received on Tue Oct 08 2013 - 06:13:30 MDT
This archive was generated by hypermail 2.2.0 : Tue Oct 08 2013 - 12:00:21 MDT