Dansguardian not blocking
-
I have a fresh install of pfS 2.0.1 AMD64.
Dansguardian: 2.12.0.0 pkg v.0.1.6_1 via the package manager of webConfigurator
Squid3: 3.1.20 pkg 2.0.5_5 via the package manager of webConfiguratorI first installed squid3, then Dansguardian. Squid3 is configured and working. Dansguardian is configured but doesn't appear to be working. I've created a NAT port forward of "LAN/TCP/LAN net///80 (HTTP)/127.0.0.1/8080". I have squid3 working on loopback, 3128, transparent and Dans configured on LAN, 8080 with proxy of 127.0.0.1:3128.
I've done all the configuring via the webConfigurator - no modifying via shell or whathaveyou.
I add "playboy.com" to the config (text file) section of Services, Dansguardian, Access Lists, Site, Default (edit), Banned and then navigate to said site and I still am able to see all the site.
I've overlooked something but can't see what/where. I've rebooted pfS multiple times, run dansguardian -Q after each config change… still nothing.
Looking at the system log this stands out:
Nov 1 15:01:27 php: : Not calling package sync code for dependency squidreverse of squid3 because some include files are missing.
Nov 1 15:01:24 php: : XML error: XML_ERR_NAME_REQUIRED at line 1 in /usr/local/pkg/dansguardian_users_footer.xml
Nov 1 15:01:24 php: : XML error: Invalid document end at line 99 in /usr/local/pkg/dansguardian_users_header.xml
Nov 1 15:01:24 php: : XML error: Invalid document end at line 114 in /usr/local/pkg/dansguardian_ips_header.xmlAny help is appreciated.
Thx
-
The first step is to check and save all dansguardian config tabs.
Second step is check you nat for transparent proxy -
Thanks for the help.
Here is the image of NAT…
NATEverything is "checked" as in the check boxes in the multiple config tabs have been checked. I have also checked/reviewed the settings (if that's what you meant?)
-
-
Try changing 127.0.0.1 to the IP of your Server (usually 192.168.1.1 or something like that)
-
tried changing 127.0.0.1 to local IP of the pfS box and all IP traffic came to a halt. Changed in the NAT and also within the DG config.
Putting back to 127.0.0.1
-
Does there need to be anything in the Firewall/Rules section (LAN?) or just in the Firewall/NAT?
-
There we go… kind of.
DansGuardian: Listen Interface = LAN, Listen Port = 8080, Proxy IP = (internal IP of pfS), Proxy Port = 3128
Squid3: Proxy Interface = loopback, Proxy port = 3128, Allow users on interface = checked, Transparent proxy = checked
NAT:LAN/TCP/LAN net///80 (HTTP)/10.1.1.254/8080Then I get filtering via DansGuardian. However, I don't get updates to the /var/log/dansguardian/access.log System Logs report:
dansguardian[48437]: Error connecting via IPC socket to log: Connection refused
Looking for why.
EDIT: Changed DG listen interface to include both LAN and Loopback and proxy IP back to 127.0.0.1, changed the NAT from (LAN pfS IP) to 127.0.0.1 and everything works.