This is a read-only archive. Find the latest Linux articles, documentation, and answers at the new Linux.com!

Linux.com

Followed proceedure and nothing works

Posted by: Administrator on June 06, 2006 01:23 PM
I am using Kanotix 2.6.17 KDE 3.5.2 on an AMD 1100 512MB box. I am trying to make Dansguardian run ontop of squid, but when I try to start DG I get Restarting DansGuardian: Error connecting to parent proxy. Now I have read that if squid is setup right without any filter ontop of it, if you point your browser to the reroute (127.0.0.1:3128) you should get through and a log of what is going on will appear in access.log. Well I setup squid as directed and setup the iptables as directed and no access to internet and nothing shows up in access.log. here is both what I did in konsole and squid and DG. There has to be an answer out there somewhere, I am a newbie to Linux, but I have visited dozens of sites, they all say basically the same thing, but I must be missing something or have something else configured wrong, because although squid is loaded, it is not doing anything. Is their anyone who knows something that can help. This is the first time I have come across anything that no one seems to know the answer.
# iptables -F
# iptables -X
# iptables -t nat -F
# iptables -t nat -X
# iptables -t mangle -F
# iptables -t mangle -X
# iptables -t nat -A OUTPUT -p tcp --dport 80 -m owner --uid-owner squid -j ACCEPT
# iptables -t nat -A OUTPUT -p tcp --dport 3128 -m owner --uid-owner squid -j ACCEPT
# iptables -t nat -A OUTPUT -p tcp --dport 80 -j REDIRECT --to-ports 8080
# iptables -t nat -A OUTPUT -p tcp --dport 3128 -j REDIRECT --to-ports 8080
# iptables-save ><nobr> <wbr></nobr>/etc/sysconfig/iptables
#<nobr> <wbr></nobr>/etc/init.d/squid restart
Restarting Squid HTTP proxy: squid.
#<nobr> <wbr></nobr>/etc/init.d/dansguardian restart
Restarting DansGuardian: Error connecting to parent proxy


squid.conf uncomented lines

http_port 3128
udp_incoming_address 192.168.7.151
udp_outgoing_address 255.255.255.255
hierarchy_stoplist cgi-bin ?
acl QUERY urlpath_regex cgi-bin \?
no_cache deny QUERY
cache_mem 32 MB
maximum_object_size 8192 KB
cache_dir ufs<nobr> <wbr></nobr>/var/spool/squid 100 16 256
cache_access_log<nobr> <wbr></nobr>/var/log/squid/access.log
cache_log<nobr> <wbr></nobr>/var/log/squid/cache.log
emulate_httpd_log off
log_ip_on_direct on
client_netmask 255.255.255.0
hosts_file<nobr> <wbr></nobr>/etc/hosts
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern . 0 20% 4320
acl all src 127.0.0.1/255.255.255.255
acl manager proto cache_object
acl localhost src 0.0.0.0/0.0.0.0
acl to_localhost dst 127.0.0.1/32
acl purge method PURGE
acl CONNECT method CONNECT
http_access allow manager localhost
http_access deny manager
http_access allow purge localhost
http_access deny purge
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access deny to_localhost
acl lan src 192.168.7.0/24
http_access allow lan
http_access allow localhost
http_access deny all
http_reply_access allow all
icp_access allow all
miss_access allow all
visible_hostname 'hostname'
unique_hostname 'hostname'
httpd_accel_host virtual
httpd_accel_port 80
httpd_accel_single_host on
httpd_accel_with_proxy on
httpd_accel_uses_host_header on
coredump_dir<nobr> <wbr></nobr>/var/spool/squid
cache_effective_group squid
cache_effective_user squid


dancguardian.conf uncomented lines

reportinglevel = 3
languagedir = '/etc/dansguardian/languages'
language = 'ukenglish'
loglevel = 1
logexceptionhits = on
logfileformat = 1
loglocation = '/var/log/dansguardian/access.log'
filterip =127.0.0.1
filterport = 8080
proxyip = 127.0.0.1
proxyport = 3128
accessdeniedaddress = 'http://www.cbc.ca/'
nonstandarddelimiter = on
usecustombannedimage = 1
custombannedimagefile = '/etc/dansguardian/transparent1x1.gif'
filtergroups = 1
filtergroupslist = '/etc/dansguardian/filtergroupslist'
bannediplist = '/etc/dansguardian/bannediplist'
exceptioniplist = '/etc/dansguardian/exceptioniplist'
banneduserlist = '/etc/dansguardian/banneduserlist'
exceptionuserlist = '/etc/dansguardian/exceptionuserlist'
showweightedfound = on
weightedphrasemode = 2
urlcachenumber = 2000
urlcacheage = 900
phrasefiltermode = 2
preservecase = 0
hexdecodecontent = 0
forcequicksearch = 0
reverseaddresslookups = off
reverseclientiplookups = off
createlistcachefiles = on
maxuploadsize = -1
maxcontentfiltersize = 256
usernameidmethodproxyauth = on
usernameidmethodident = off
preemptivebanning = on
forwardedfor = off
usexforwardedfor = off
logconnectionhandlingerrors = on
maxchildren = 120
minchildren = 8
minsparechildren = 4
preforkchildren = 6
maxsparechildren = 32
maxagechildren = 500
ipcfilename = '/tmp/.dguardianipc'
urlipcfilename = '/tmp/.dguardianurlipc'
nodaemon = off
nologger = off
daemonuser = squid
daemongroup = squid
softrestart = off
virusscan = on
virusengine = 'clamav'
tricklelength = 32768
firsttrickledelay = 30
followingtrickledelay = 60
exceptionvirusmimetypelist = '/etc/dansguardian/exceptionvirusmimetypelist'
maxcontentscansize = 262144
exceptionvirusextensionlist = '/etc/dansguardian/exceptionvirusextensionlist'
downloaddir = '/tmp/dgvirus'
virusscanexceptions = on
urlcachecleanonly = on
virusscannertimeout = 60
localsocket = '/tmp/clamd'
clmaxfiles = 1500
clmaxreclevel = 3
clmaxfilesize = 10485760
clmaxratio = 250

#

Return to A parent's guide to Linux Web filtering