[ubuntu-uk] Dans Guardian help?

Darren Mansell darren.mansell at opengi.co.uk
Wed Sep 5 09:05:32 BST 2007


> Thanks Chris (and Rob).
> I am beginning to get the idea I think. Am I correct in believing that 
> the Filtering Machine is just 'somewhere' on the LAN as usual, and 
> that the users machines are then configured to  point to it, so LAN 
> cabling is not affected?
> 
> Also, is the arrangement fragile in some way - say, in that if for 
> some reason the filtering machine is not running first, then things 
> get really screwed up? Or does it all later settle down automatically 
> when the filtering machine is later turned on?
> -- 
> alan cocks
> Kubuntu user#10391
> 

to add to the stuff thats already been said, I used DansGuardian as a
transparent proxy, its very easy and just needs 1 iptables rule:

/sbin/iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j
REDIRECT --to-port 8080

then set iptables to block 3128 for squid and no-one will know they are
being content filtered and proxied until it tells them they can't access
a certain page.

This also means you don't have to go around setting everyones proxy
manually, but this only works if you have squid/dansguardian running on
the default gateway for the network. (and dont forget to add transparent
into squid.conf so the line is like this: 
http_port 3128 transparent
)





More information about the ubuntu-uk mailing list