Pfsense2.1.4+squid+dansguardian+Ldap



  • Hello Everyone

    I am new in this forum and I have some problems with danguardian and ldap.
    squid(3) is authenticating with ldap, dansguardian also get users from AD (2008r2). Authentication in dans is set to "proxy base" and proxy doesn’t ask me for username and password and is working with dansguardian "default group" by default, ignoring other groups with users.
    If I comment #http_access allow localhost in squid.conf system ask me for user and password and dansguardian groups are used. Everything is working OK until I change something in squid web gui and manually edit of "http_access allow localhost" in squid.conf is overwritten. Where can I change or disable default settings for "http_access allow localhost"
    Pfsense is 2.1.4.

    Thanks in advance
    Bogdan



  • Hello

    I tried same scenario with pfs-2.1.3 and squid-2 and I have the same problem as mentioned in previous massage.
    Am I missing something in squid configuration. Squid.conf is generated with WEB GUI, where in WEB GUI can  "http_access allow localhost" be disabled. With "http_access allow localhost" Dansguardian filter groups doesnt work for me.

    Regards
    Binkec



  • Hello

    I found a solution for disabling default setting "http_access allow localhost", default settings are in /usr/local/pkg/squid.inc.
    Maybe someone can find this useful.

    I have second question I need some help.
    Now Dansguardian filter groups are working but asking user for credentials every time you start the browser. Is it possible to use domain login credentials with browser, so when you login to computer you automatically get rules for using the internet.

    Regards
    Binkec