• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

Dansguardian not blocking

Scheduled Pinned Locked Moved pfSense Packages
8 Posts 3 Posters 3.2k Views
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • A
    awsiemieniec
    last edited by Nov 1, 2012, 10:21 PM

    I have a fresh install of pfS 2.0.1 AMD64.
    Dansguardian: 2.12.0.0 pkg v.0.1.6_1 via the package manager of webConfigurator
    Squid3: 3.1.20 pkg 2.0.5_5 via the package manager of webConfigurator

    I first installed squid3, then Dansguardian.  Squid3 is configured and working.  Dansguardian is configured but doesn't appear to be working.  I've created a NAT port forward of "LAN/TCP/LAN net///80 (HTTP)/127.0.0.1/8080".  I have squid3 working on loopback, 3128, transparent and Dans configured on LAN, 8080 with proxy of 127.0.0.1:3128.

    I've done all the configuring via the webConfigurator - no modifying via shell or whathaveyou.

    I add "playboy.com" to the config (text file) section of Services, Dansguardian, Access Lists, Site, Default (edit), Banned and then navigate to said site and I still am able to see all the site.

    I've overlooked something but can't see what/where.  I've rebooted pfS multiple times, run dansguardian -Q after each config change… still nothing.

    Looking at the system log this stands out:

    Nov 1 15:01:27 php: : Not calling package sync code for dependency squidreverse of squid3 because some include files are missing.
    Nov 1 15:01:24 php: : XML error: XML_ERR_NAME_REQUIRED at line 1 in /usr/local/pkg/dansguardian_users_footer.xml
    Nov 1 15:01:24 php: : XML error: Invalid document end at line 99 in /usr/local/pkg/dansguardian_users_header.xml
    Nov 1 15:01:24 php: : XML error: Invalid document end at line 114 in /usr/local/pkg/dansguardian_ips_header.xml

    Any help is appreciated.

    Thx

    1 Reply Last reply Reply Quote 0
    • M
      marcelloc
      last edited by Nov 2, 2012, 5:51 AM

      The first step is to check and save all dansguardian config tabs.
      Second step is check you nat for transparent proxy

      Treinamentos de Elite: http://sys-squad.com

      Help a community developer! ;D

      1 Reply Last reply Reply Quote 0
      • A
        awsiemieniec
        last edited by Nov 2, 2012, 5:31 PM

        Thanks for the help.

        Here is the image of NAT…

        NAT

        Everything is "checked" as in the check boxes in the multiple config tabs have been checked.  I have also checked/reviewed the settings (if that's what you meant?)

        1 Reply Last reply Reply Quote 0
        • A
          awsiemieniec
          last edited by Nov 2, 2012, 6:02 PM

          Here are Dansguardian and Squid3 config (general) screens:


          Dansguardian Daemon


          Squid3 General

          1 Reply Last reply Reply Quote 0
          • L
            lexemmens
            last edited by Nov 2, 2012, 7:18 PM

            Try changing 127.0.0.1 to the IP of your Server (usually 192.168.1.1 or something like that)

            1 Reply Last reply Reply Quote 0
            • A
              awsiemieniec
              last edited by Nov 2, 2012, 7:32 PM

              tried changing 127.0.0.1 to local IP of the pfS box and all IP traffic came to a halt.  Changed in the NAT and also within the DG config.

              Putting back to 127.0.0.1

              1 Reply Last reply Reply Quote 0
              • A
                awsiemieniec
                last edited by Nov 2, 2012, 7:34 PM

                Does there need to be anything in the Firewall/Rules section (LAN?) or just in the Firewall/NAT?

                1 Reply Last reply Reply Quote 0
                • A
                  awsiemieniec
                  last edited by Nov 2, 2012, 10:09 PM Nov 2, 2012, 8:15 PM

                  There we go… kind of.

                  DansGuardian: Listen Interface = LAN, Listen Port = 8080, Proxy IP = (internal IP of pfS), Proxy Port = 3128
                  Squid3: Proxy Interface = loopback, Proxy port = 3128, Allow users on interface = checked, Transparent proxy = checked
                  NAT:LAN/TCP/LAN net///80 (HTTP)/10.1.1.254/8080

                  Then I get filtering via DansGuardian.  However, I don't get updates to the /var/log/dansguardian/access.log  System Logs report:

                  dansguardian[48437]: Error connecting via IPC socket to log: Connection refused

                  Looking for why.
                  EDIT: Changed DG listen interface to include both LAN and Loopback and proxy IP back to 127.0.0.1, changed the NAT from (LAN pfS IP) to 127.0.0.1 and everything works.

                  1 Reply Last reply Reply Quote 0
                  8 out of 8
                  • First post
                    8/8
                    Last post
                  Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.
                    This community forum collects and processes your personal information.
                    consent.not_received