HELP: Squid3 + SquidGuard + HAVP

canefield

Dear all,

I'm trying to configure Squid3 with HAVP and SquidGuard. I read a lot of topics but don't have a clue what to use.
INET -> HAVP -> SQUID -> NETWORK or INET -> SQUID -> NETWORK
I want the internal network completely secured (HAVP), cached (SQUID) and filtered (SquidGuard).

I've tried several configurations, but all without luck concerning my desires/wishes. Meaning trying to setup HAVP working with Squid and vise versa. Using transparent proxy and so on…no luck at all.
So first only used Squid as transparent proxy...but is transparent working. With everything configured I don't see/notice that Squid is my proxy. I did a check on 'whatismyip.com' and nothing illustrates I'm using a proxy; only if I configure it manually. So my first question, how to test if I'm really using the proxy? Second how to combine that with HAVP and SquidGuard? In which order (INET -> HAVP -> SQUID -> NETWORK or INET -> SQUID -> NETWORK) and why would you use/suggest that?
When using one or the other option manually, what proxy-address should I enter in my browser? So far as I understand always the one directly near the LAN/NETWORK, right? The other is it's master in any way, right?

As far as I know, in transparent-mode all HTTPS request are out of scope, right? So for security reasons it is perhaps better to use a predefined proxy-address in the browser.

I looked at serveral posts, but can't get it to work properly:
http://doc.pfsense.org/index.php/Setup_Squid_as_a_Transparent_Proxy
http://doc.pfsense.org/index.php/HAVP_Package_for_HTTP_Anti-Virus_Scanning
http://forum.pfsense.org/index.php/topic,14643.0.html
http://forum.pfsense.org/index.php/topic,48547.0.html
http://forum.pfsense.org/index.php/topic,27756.0.html
http://doc.pfsense.org/index.php/SquidGuard_package

I was not ready yet to look at SquidGuard, because the others where not functioning like it should.

Please help me out and again all suggestions are welcome. Also other packages or whatever you think.

Thanks in advance,
Canefield

marcelloc

canefield,

I think I've told you that but try to configure each step at once.

first, get squid working, then havp or squidguard and then all packages together

Something you need to learn is to debug things on console, using tail, tcpdump, etc.

att,
Marcello Coutinho

canefield

Marcello and others,

I'm willing to learn…could you give my examples of tcpdump and other important programs? Somewhere out there any pfSense debug/administrator guide about this?

Do you have any preference regarding in which order you would configure the whole bundel? Why? If working with manual proxy (no WPAD or Rules) which proxy address should I use for my browser settings?

Thx,
Canefield

marcelloc

I'm using squid3 and dansguardian.

Tcpdump helps you on watching traffic on console. Really useful to detected problems with routing,missing rules and Nat. Google for tcpdump, you will find a lot of examples.

The tail is used to watch logs in real-time, so if you are debugging squid, you will do a tail -f /var/squid/logs/cache.log and access log.

canefield

Marcello and others,

Second how to combine that with HAVP and SquidGuard? In which order (INET -> HAVP -> SQUID -> NETWORK or INET -> SQUID -> NETWORK) and why would you use/suggest that?
When using one or the other option manually, what proxy-address should I enter in my browser? So far as I understand always the one directly near the LAN/NETWORK, right? The other is it's master in any way, right?

Q1: Which order is 'best'?
Q2: Still my remaining question about which proxy should I refer in my browser?

Thanks,
Canefield

marcelloc

If you are using authentication, squid should be fist. and havp a parent for squid.

Dansguardian needs squid after to fetch urls.