ESXi 5.5 - want Squid and Dansguardian working in transparent mode (to users)
-
I've currently got a PC with two NICs running pfSense 2.1.5 with Squid 3.3.10 pkg 2.2.8 and Dansguardian 2.12.0.3_2 pkg v.0.1.12.
I've been trying to get Dansguardian to work with Squid with Squid set as a transparent proxy. I've tried all manner of combinations and read a number of posts online which assert quite strongly that DG simply will not work with Squid in transparent mode. I've sadly found this to be true. I've actually even tried taking Squid out of 'transparent' mode, and just having it use the LAN IP, which I suppose is basically the same thing anyway. I'm getting Squid, but I'm not getting anything out of DG at all. My absolute goal is filtering without any manual configuration on any client devices which connect to my network…hence my desire for getting the 'transparent' mode to work. :)
So, I realize this may just not be humanly possible on a single system. (If it is, please tell me how!)
My current idea is, what if I ditch my standalone PC and set up two VMs on my ESXi to handle Squid+DG separately in some fashion? Is it possible then to get squid to act as a transparent proxy and get DG to work in this way? I really don't care if it's not technically 'transparent' in the way it works, but I still need it to appear to be transparent to the client systems that connect in.
FWIW, my ESXi host has 6 network ports, so setting up dedicated ports for the instance(s) of pfSense is not a problem as far as hardware.
Has anyone come close to accomplishing what I'm looking for with DG and Squid? Or, is this simply impossible?