ltsp and dansguardian
Valerio Pachera
sirio81 at gmail.com
Tue Dec 4 14:57:56 UTC 2012
Hi all, my ltsp server running edubuntu 12.04 is also the gateway for
the local net.
I has two nics so it nat the connections.
I wanted to add a content filer: squid + dansguardian.
It's pretty easy to configure,
Edit the file 7etc/dansguardian/dansguardina.conf
remove the file starting with
#UNCONFIGURED
set
filterip = 192.168.0.254
Restart dansguardian.
PC of the local net use edubuntu like gateway so, to force their
connecction to pass trough dansguardian without setting a proxy in
alle user's browser settings, we need a firewall rule:
if_lan=eth0
iptables -t nat -A PREROUTING -p tcp -i $if_lan --dport 80 -j
REDIRECT --to-port 8080
The rules says: for the request received on eth0 with destination
port 80, change the destination port to 8080.
That way, the will sent to danguardina listening port.
Danguardina then will contact squid on localhost and it will process
the request.
This does not apply for localhost tough!
Than means all the thin client will also not be filtered!
I'm looking for a simple rule that redirects the requests made from
localhost to port 80, back to localhost port 8080.
It's pretty easy to generate a loop that way (you'll see lot's of
dansguardian processes in this case).
I searched a lot and tested several rules but without luck.
I can tell you that, if I set 127.0.0.1:8080 in the thin client
browser options, dansguardian works fine.
Thank you.
More information about the edubuntu-users
mailing list