Dansguardian not blocking



  • I have a fresh install of pfS 2.0.1 AMD64.
    Dansguardian: 2.12.0.0 pkg v.0.1.6_1 via the package manager of webConfigurator
    Squid3: 3.1.20 pkg 2.0.5_5 via the package manager of webConfigurator

    I first installed squid3, then Dansguardian.  Squid3 is configured and working.  Dansguardian is configured but doesn't appear to be working.  I've created a NAT port forward of "LAN/TCP/LAN net///80 (HTTP)/127.0.0.1/8080".  I have squid3 working on loopback, 3128, transparent and Dans configured on LAN, 8080 with proxy of 127.0.0.1:3128.

    I've done all the configuring via the webConfigurator - no modifying via shell or whathaveyou.

    I add "playboy.com" to the config (text file) section of Services, Dansguardian, Access Lists, Site, Default (edit), Banned and then navigate to said site and I still am able to see all the site.

    I've overlooked something but can't see what/where.  I've rebooted pfS multiple times, run dansguardian -Q after each config change… still nothing.

    Looking at the system log this stands out:

    Nov 1 15:01:27 php: : Not calling package sync code for dependency squidreverse of squid3 because some include files are missing.
    Nov 1 15:01:24 php: : XML error: XML_ERR_NAME_REQUIRED at line 1 in /usr/local/pkg/dansguardian_users_footer.xml
    Nov 1 15:01:24 php: : XML error: Invalid document end at line 99 in /usr/local/pkg/dansguardian_users_header.xml
    Nov 1 15:01:24 php: : XML error: Invalid document end at line 114 in /usr/local/pkg/dansguardian_ips_header.xml

    Any help is appreciated.

    Thx



  • The first step is to check and save all dansguardian config tabs.
    Second step is check you nat for transparent proxy



  • Thanks for the help.

    Here is the image of NAT…

    NAT

    Everything is "checked" as in the check boxes in the multiple config tabs have been checked.  I have also checked/reviewed the settings (if that's what you meant?)



  • Here are Dansguardian and Squid3 config (general) screens:


    Dansguardian Daemon


    Squid3 General



  • Try changing 127.0.0.1 to the IP of your Server (usually 192.168.1.1 or something like that)



  • tried changing 127.0.0.1 to local IP of the pfS box and all IP traffic came to a halt.  Changed in the NAT and also within the DG config.

    Putting back to 127.0.0.1



  • Does there need to be anything in the Firewall/Rules section (LAN?) or just in the Firewall/NAT?



  • There we go… kind of.

    DansGuardian: Listen Interface = LAN, Listen Port = 8080, Proxy IP = (internal IP of pfS), Proxy Port = 3128
    Squid3: Proxy Interface = loopback, Proxy port = 3128, Allow users on interface = checked, Transparent proxy = checked
    NAT:LAN/TCP/LAN net///80 (HTTP)/10.1.1.254/8080

    Then I get filtering via DansGuardian.  However, I don't get updates to the /var/log/dansguardian/access.log  System Logs report:

    dansguardian[48437]: Error connecting via IPC socket to log: Connection refused

    Looking for why.
    EDIT: Changed DG listen interface to include both LAN and Loopback and proxy IP back to 127.0.0.1, changed the NAT from (LAN pfS IP) to 127.0.0.1 and everything works.


Log in to reply