Proxy Exceptions with Dansguardian
-
Hello, i currently have 3 major components to my setup:
1. Proxy for caching,
2. Dansguarding for blocking/filtering,
3. VPN for selective routingSince, i have squid running in Transparent mode, i found that i needed to add exceptions for sites that i needed to pass through VPN tunnel, otherwise squid would use my ISP.
I do not understand how Dansguarding works, but it appears that i have to add the same exception again for NAT rules that pass port 80 to Dansguardian(DG)
It seems redundant that i am specifying same rules to DG and squid. I would like to simplify this if possible if:
user->DG->squid->firewall->InternetShouldn't any exception in DG go to firewall?
Additionally, i am trying to setup Antivirus (calmav) with DG. Is there a n00b tutorial for all the shell commands?
-
Dansguardian works fine with dansguardian. Just configure the way you described. The nat exception maybe the worst part to configure. Keep squid in non transparent mode and listening on 127.0.0.1
-
How do i enable clamav scan?
-
It's on dansguardian gui. Just find the option and enable it.
-
the default status is off and it never comes on and it makes dansguardian unusable since it cant scan content.
GUI notifies that freshclam is running but i know its not. By default freshcalm does not have any permissions to run updates, i had previously activated this and fixed all permission errors, but dansguardian always shows clamav status off
I got pretty far but could not find clamd.conf as it didnt exist anywhere. Now i reinstalled everything and starting from square and need some directions.
Update: On a side-note i got squid (non-transparent mode) working with dansguardian. Just like i want: all traffic is redirected based on my 1 NAT rule, instead of having rules+multiple exceptions. I made a mistake when testing dansguardian proxy which lead me to believe that proxy wasn't working. All i need is Clamav setup and ll be greatful!!!
Update2: Got pretty far after finding a thread with same problem. Now i just need to know how to get blacklist working, DG does not download the specified list..