How to Install and configure Dansguardian with NTLM auth and multi-group Filtering on

Discussion in 'HOWTO-Related Questions' started by hjk_ym, Jul 3, 2008.

  1. hjk_ym

    hjk_ym New Member

    Hi,

    I have followed this guide to the best of my ability and can't seem to get over a hurdle. In squid.conf we set it to listen on ports 3128 and 8080. We set dansguardian.conf with a filter port of 3130 and proxy port of 3128.

    So it goes browser 8080 --> squid 8080 ?

    How does it get to dansguardian's filter port 3130? Mine seems to work fine authenticating and all, but I can't block anything.


    Thanks if you can help. :)
    btw, 8.04
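
Added example (editor's sketch, not part of the post above or of the howto): a check of the port chain asked about here, using constructed config snippets with the ports the post names. It assumes the standard `http_port` and `cache_peer ... parent` directives in squid.conf and `filterport`/`proxyport` in dansguardian.conf; the function names are hypothetical.

```python
import re

# Constructed samples mirroring the ports described in the post above.
SQUID_CONF = "http_port 3128\nhttp_port 8080\n"
DG_CONF = "filterport = 3130\nproxyip = 127.0.0.1\nproxyport = 3128\n"

def squid_ports(text):
    """Ports Squid listens on: http_port [ip:]port [options]."""
    return [int(m.group(1)) for m in
            re.finditer(r"^\s*http_port\s+(?:\S+:)?(\d+)\b", text, re.M)]

def squid_parent_ports(text):
    """Ports of parent proxies Squid forwards to (cache_peer host parent port ...)."""
    return [int(m.group(1)) for m in
            re.finditer(r"^\s*cache_peer\s+\S+\s+parent\s+(\d+)\b", text, re.M)]

def dg_setting(text, key):
    """Value of 'key = value' in dansguardian.conf, quotes and comments stripped."""
    m = re.search(rf"^[ \t]*{key}[ \t]*=[ \t]*'?([^'#\n]*)", text, re.M)
    return m.group(1).strip() if m else ""

def check_chain(squid_text, dg_text):
    """Return findings about paths that miss or never reach DansGuardian."""
    findings = []
    listen = squid_ports(squid_text)
    filterport = int(dg_setting(dg_text, "filterport"))
    proxyport = int(dg_setting(dg_text, "proxyport"))
    if proxyport not in listen:
        findings.append(f"DG proxyport {proxyport} is not a Squid http_port")
    if filterport in listen:
        findings.append(f"port {filterport} is claimed by both DG and Squid")
    # Unless Squid hands requests to DG as a parent, any extra Squid port
    # serves clients without the request ever passing through the filter.
    if filterport not in squid_parent_ports(squid_text):
        for port in listen:
            if port != proxyport:
                findings.append(f"Squid port {port} answers clients directly; "
                                f"only traffic sent to DG port {filterport} is filtered")
    return findings

if __name__ == "__main__":
    for line in check_chain(SQUID_CONF, DG_CONF):
        print(line)
```

With the sample values, the only finding is that port 8080 is served by Squid itself, which matches the symptom of authentication working while nothing is blocked.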
     
  2. ColonelPanic

    ColonelPanic New Member

    ...I second that!

    I would like an answer to this too if anyone knows. I'm hard at work trying to figure it out for myself, but I'm a bit thick so this could take a while.

    shawn
     
  3. ColonelPanic

    ColonelPanic New Member

    ports

    Oh, and from my understanding the ports involved are 8081(DG) 3128(DGtoSquid) 8080(Proxy Port) Am I wrong? Thanks,

    Shawn
     
  4. ColonelPanic

    ColonelPanic New Member

    one more thing

    Sorry for all the replies, but I need to get my post count above three so I can ask the author himself. Thanks,

    Shawn
     
  5. debiandabbler

    debiandabbler New Member

    I too am trying this solution, but I cannot get DG to connect to Squid.... "Error connecting to parent proxy"

    :mad:
     
  6. ColonelPanic

    ColonelPanic New Member

    How closely did you follow the howto? I'm finding that the latest version of Debian with base system only doesn't even have the right repos for an apt-get installation of DG. Can you confirm that DG is running, and how many nics do you have in the computer?

    shawn
     
  7. debiandabbler

    debiandabbler New Member

    Silly me!!!! Squid wasn't running.... Fixed now, but everything is blocked.. How do the filter groups tie up with Active directory groups?

    Squid is set to 3128 localhost. DG Filter IP ***.***.***.****:8081 and Proxy IP 127.0.0.1:3128

    Cheers
     
    Last edited: Aug 7, 2008
  8. ColonelPanic

    ColonelPanic New Member

    Ha! We're having exactly the opposite problem. I'm able to get squid to check AD and NTLM to authenticate, but DG won't work right. Try this:


    server:~# wbinfo -g
    server:~# wbinfo -u

    These two commands should check whether or not you're cool with Active Directory. You did join your domain already, right? Oh, and if you were able to install DG from apt-get, please send me a copy of your /etc/apt/sources.list file. Thanks!


    Shawn
     
  9. debiandabbler

    debiandabbler New Member

  10. ColonelPanic

    ColonelPanic New Member

    cool, thank you for that file.

    So as I understand it, NTLM is a user-level authentication. You'll still need to add AD usernames to the usergroupslist file under /etc/dansguardian. I don't know how to get squid to look so far into AD as to be able to determine group membership of the user. Another authentication method is IDENT, but I have no idea how that works or what it does. You should be able to simplify the addition of usernames to the config file by using the wbinfo command and piping it to a text file, but I haven't gotten quite that far yet. BTW, I'm starting over from scratch to try and get a handle on how exactly this thing is put together. I have been corresponding with the original author (and I'll post the transcript here once the questions are answered for other users to see) but I'm still a bit confused as to how the process works. I think I need a flowchart.


    I do have a few questions for you to see how your experience has differed from mine:

    Did all the line numbers that the howto told you to change match up to the line numbers in your config files? (dansguardian.conf, squid.conf, etc)

    Were you able to install DG from the repository, and did you get the spelling error for resolvEconf (notice the "E") when installing things in the beginning?

    When you did get DG installed, then installed the webmin module, was it compatible with your version of DG? Mine wasn't, but I got DG from another source since it wasn't in my repositories.

    Thanks for collaborating, let me know if you have any more questions and I'll try to answer them with my meager linux knowledge. :D

    Shawn

    P.S.

    Here's my default sources.list file from a base install of etch:

    deb cdrom:[Debian GNU/Linux 4.0 r4 _Etch_ - Official i386 DVD Binary-1 20080726$

    deb http://security.debian.org/ etch/updates main contrib
    deb-src http://security.debian.org/ etch/updates main contrib
     
    Last edited: Aug 7, 2008
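
Added example (editor's sketch, not part of the post above or of the howto): one way to turn AD group membership into the `username=filterN` lines of DansGuardian's filtergroupslist format. It assumes winbind is configured so that `getent group` lists members, that the separator is a backslash, and that DansGuardian sees the bare lower-case username; the group names, policy table and function names are hypothetical.

```python
# Constructed sample of `getent group` output on a winbind-joined host
# (name:passwd:gid:comma-separated members).
GETENT_GROUP = r"""
EXAMPLE\web-staff:x:10001:EXAMPLE\alice,EXAMPLE\bob
EXAMPLE\web-students:x:10002:EXAMPLE\carol,EXAMPLE\bob
EXAMPLE\domain users:x:10000:EXAMPLE\alice,EXAMPLE\bob,EXAMPLE\carol,EXAMPLE\dave
"""

# Hypothetical policy: AD group -> DansGuardian filter group number.
# Order matters: a user in several groups gets the first match.
GROUP_TO_FILTER = [("web-staff", 2), ("web-students", 3)]

def short(name):
    # Drop the DOMAIN prefix and lower-case (assumption: this is the form
    # of the username that reaches DansGuardian; adjust to match your logs).
    return name.rsplit("\\", 1)[-1].strip().lower()

def parse_members(getent_text):
    """Map short group name -> set of short member names."""
    members = {}
    for line in getent_text.splitlines():
        parts = line.split(":")
        if len(parts) != 4:
            continue  # blank or malformed line
        members[short(parts[0])] = {short(u) for u in parts[3].split(",") if u.strip()}
    return members

def filter_lines(getent_text, policy=GROUP_TO_FILTER):
    """Build sorted 'user=filterN' lines; unlisted users stay on filter1."""
    members = parse_members(getent_text)
    assigned = {}
    for group, num in policy:
        for user in sorted(members.get(group, ())):
            assigned.setdefault(user, num)  # first matching group wins
    return [f"{user}=filter{num}" for user, num in sorted(assigned.items())]

if __name__ == "__main__":
    print("\n".join(filter_lines(GETENT_GROUP)))
```

Users who appear in none of the mapped groups (dave in the sample) get no line and fall through to DansGuardian's default group, filter1.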
  11. debiandabbler

    debiandabbler New Member

    Not all the line numbers matched in the squid conf, especially for "lines 1791 through 1783" in the how-to, so I just changed everything for ntlm and basic, lines 1792 - 1794 and 1801 to 1803, as it seemed logical.

    resolv.conf was already installed and since my nameserver is also a domain controller I didn't need to alter the entries.

    "apt-get install dansguardian" worked for me.

    I can't remember where I got my dg webmin module, sorry...

    Thanks for the tip with usergrouplist...

    Cheers
     
  12. andrewm659

    andrewm659 New Member

    I'm having a hard time following some of the Howto. Not all of the lines match up in all the config files, like the smb.conf, what exactly am I looking for? What specific lines do I need to change? Can someone who has set this please help me out?
     
