Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Proxy Exceptions with Dansguardian

    Scheduled Pinned Locked Moved pfSense Packages
    5 Posts 2 Posters 1.8k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • A Offline
      abbey
      last edited by

      Hello, i currently have 3 major components to my setup:

      1. Proxy for caching,
      2. Dansguarding for blocking/filtering,
      3. VPN for selective routing

      Since, i have squid running in Transparent mode, i found that i needed to add exceptions for sites that i needed to pass through VPN tunnel, otherwise squid would use my ISP.

      I do not understand how Dansguarding works, but it appears that i have to add the same exception again for NAT rules that pass port 80 to Dansguardian(DG)

      It seems redundant that i am specifying same rules to DG and squid. I would like to simplify this if possible if:
      user->DG->squid->firewall->Internet

      Shouldn't any exception in DG go to firewall?

      Additionally, i am trying to setup Antivirus (calmav) with DG. Is there a n00b tutorial for all the shell commands?

      1 Reply Last reply Reply Quote 0
      • marcellocM Offline
        marcelloc
        last edited by

        Dansguardian works fine with dansguardian.  Just configure the way you described. The nat exception maybe the worst part to configure. Keep squid in non transparent mode and listening on 127.0.0.1

        Treinamentos de Elite: http://sys-squad.com

        Help a community developer! ;D

        1 Reply Last reply Reply Quote 0
        • A Offline
          abbey
          last edited by

          How do i enable clamav scan?

          1 Reply Last reply Reply Quote 0
          • marcellocM Offline
            marcelloc
            last edited by

            It's on dansguardian gui. Just find the option and enable it.

            Treinamentos de Elite: http://sys-squad.com

            Help a community developer! ;D

            1 Reply Last reply Reply Quote 0
            • A Offline
              abbey
              last edited by

              the default status is off and it never comes on and it makes dansguardian unusable since it cant scan content.

              GUI notifies that freshclam is running but i know its not. By default freshcalm does not have any permissions to run updates, i had previously activated this and fixed all permission errors, but dansguardian always shows clamav status off

              I got pretty far but could not find clamd.conf as it didnt exist anywhere. Now i reinstalled everything and starting from square and need some directions.

              Update: On a side-note i got squid (non-transparent mode) working with dansguardian. Just like i want: all traffic is redirected based on my 1 NAT rule, instead of having rules+multiple exceptions. I made a mistake when testing dansguardian proxy which lead me to believe that proxy wasn't working. All i need is Clamav setup and ll be greatful!!!

              Update2: Got pretty far after finding a thread with same problem. Now i just need to know how to get blacklist working, DG does not download the specified list..

              1 Reply Last reply Reply Quote 0
              • First post
                Last post
              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.