Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Dansguardian See Source IP

    Scheduled Pinned Locked Moved pfSense Packages
    5 Posts 3 Posters 1.4k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • Q
      qwaven
      last edited by

      Hey all,

      Wondering if anyone can help with the logging side of Dansguardian/Squid?

      I'm currently running 2.1.3-RELEASE and current package for Dansguardian and Squid3.

      I've also installed a few log watching packages/also built in ones and I'm seeing traffic but it all appears to be sourced from PFSense "127.0.0.1" instead of the actual IP "LAN IP" of the source.

      Below are what I'm looking at:

      Status –> Proxy Report
      Status --> Sarg Reports
      Server --> Proxy Server --> Real Time

      I'm redirecting port 80 with my firewall so all traffic goes through Dansguardian and Squid. Does redirect cause this?

      Perhaps I've just got the wrong options enabled?

      Any thoughts/help would be great!

      Thanks

      1 Reply Last reply Reply Quote 0
      • R
        rjcrowder
        last edited by

        Look at the dansguardian logs. It is getting lost on the pass from dg to squid. In theory you can also get it to show in squid by setting the xforwarded header and then reporting that in squid - but I was never able to get it working.

        1 Reply Last reply Reply Quote 0
        • S
          smar
          last edited by

          I have mine working using the x-forwarder etc.

          1. On the Proxy Services page, in the Custom ACLs(Before_Auth) box, add (without the quotations) "follow_x_forwarded_for allow localhost"

          2. On the Dansguardian page, General Tab, Under Misc Settings, select the line "fowardedfor(off)" and click save

          Both my proxy reports and the Sarge reports now show the client IPs.

          1 Reply Last reply Reply Quote 0
          • R
            rjcrowder
            last edited by

            If you want something a little better for reporting on DG, you can also check this out… https://forum.pfsense.org/index.php?topic=69003.msg377440#msg377440

            1 Reply Last reply Reply Quote 0
            • Q
              qwaven
              last edited by

              Hey all,

              Thanks a lot for your replies. I've configured Squid/Dansguardian as suggested and it appears to be working. In Sarg and I monitor Squid logs and see local lan IP's now. :)

              Might try and play around with dglog2 at some point.

              Cheers!

              1 Reply Last reply Reply Quote 0
              • First post
                Last post
              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.