[ubuntu-uk] Dans Guardian help?
Darren Mansell
darren.mansell at opengi.co.uk
Wed Sep 5 09:05:32 BST 2007
> Thanks Chris (and Rob).
> I am beginning to get the idea I think. Am I correct in believing that
> the Filtering Machine is just 'somewhere' on the LAN as usual, and
> that the users machines are then configured to point to it, so LAN
> cabling is not affected?
>
> Also, is the arrangement fragile in some way - say, in that if for
> some reason the filtering machine is not running first, then things
> get really screwed up? Or does it all later settle down automatically
> when the filtering machine is later turned on?
> --
> alan cocks
> Kubuntu user#10391
>
to add to the stuff thats already been said, I used DansGuardian as a
transparent proxy, its very easy and just needs 1 iptables rule:
/sbin/iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j
REDIRECT --to-port 8080
then set iptables to block 3128 for squid and no-one will know they are
being content filtered and proxied until it tells them they can't access
a certain page.
This also means you don't have to go around setting everyones proxy
manually, but this only works if you have squid/dansguardian running on
the default gateway for the network. (and dont forget to add transparent
into squid.conf so the line is like this:
http_port 3128 transparent
)
More information about the ubuntu-uk
mailing list