Did you know LQ has a Linux Hardware Compatibility List?
Go Back > Forums > Linux Forums > Linux - Networking
User Name
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.


  Search this Thread
Old 03-18-2008, 12:24 PM   #1
Senior Member
Registered: Feb 2003
Location: Washington D.C
Posts: 2,145

Rep: Reputation: 59
SQUID/Dansguardian Proxy configuration and problems downloading updates.

I have a small network that has only one subnet. My problem is that my users internet is somewhat slow and it will not allow any downloading of files to occur. Even if I allow the remark out the address in Dansguardian/exceptioniplist file is still will not allow unlimited downloading of any type such via ftp,http and etc. So this is where I suspect that it is SQUID.Here is the current configuration from squid.conf:

PHP Code:
http_port 3128
hierarchy_stoplist cgi
-bin ?
acl QUERY urlpath_regex cgi-bin \?
cache deny QUERY
acl apache rep_header Server 
broken_vary_encoding allow apache
cache_dir ufs 
/var/spool/squid 100 16 256
/var/log/squid/access.log squid
^ftp:           1440    20%     10080
^gopher:        1440    0%      1440
.               0       20%     4320
#Recommended minimum configuration:
acl all src
acl lan src
acl manager proto cache_object
acl localhost src
acl to_localhost dst
acl SSL_ports port 443
acl Safe_ports port 80          
# http
acl Safe_ports port 21          # ftp
acl Safe_ports port 443         # https
acl Safe_ports port 70          # gopher
acl Safe_ports port 210         # wais
acl Safe_ports port 1025-65535  # unregistered ports
acl Safe_ports port 280         # http-mgmt
acl Safe_ports port 488         # gss-http
acl Safe_ports port 591         # filemaker
acl Safe_ports port 777         # multiling http
# Only allow cachemgr access from localhost
http_access allow lan
http_access allow manager localhost
http_access deny manager
# Deny requests to unknown ports
http_access deny !Safe_ports
# Deny CONNECT to other than SSL ports
http_access deny CONNECT !SSL_ports
# And finally deny all other access to this proxy
http_access allow localhost
http_access deny all
http_reply_access allow all
#Allow ICP queries from everyone
icp_access allow all
visible_hostname Mindyourbizz
This is what happen when I try and download xinetd from the centos website. This is snippet from my /var/log/squid/access.log

PHP Code:
[[B^[[B1205866146.625    461 TCP_CLIENT_REFRESH_MISS/200 127022 GET - DIRECT/ audio/x-pn-realaudio-plugin 
I am able to download certain format but not others. I have checked my /etc/danguardian/bannedextentionlist and others and everything is ok so what could it be?

Can anyone give me any feedback? thanks

Last edited by metallica1973; 07-11-2008 at 10:05 PM.
Old 03-22-2008, 05:38 PM   #2
Registered: Jun 2003
Location: USA, Missouri
Distribution: mandriva , Kubuntu, MEPIS
Posts: 140

Rep: Reputation: 15
Have you checked the MIME types exceptions and/or blocks in DansGuardian? Depending on where/how you got your blacklists, they could be locked down pretty hard.

Hope this helps...

Old 03-27-2008, 04:30 PM   #3
Senior Member
Registered: Feb 2003
Location: Washington D.C
Posts: 2,145

Original Poster
Rep: Reputation: 59
To make a long story short, I had installed dansguardian via a tar and didnt pay any attention to error running make test. It was dansguardian that was causing the issue. I guess next time I will play close attention the the install of programs.


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
squid proxy server configuration & distribution of internet without proxy gaurav_gupta082 Linux From Scratch 2 07-31-2010 11:25 AM
Proxy won't let me connect, iptables, squid and dansguardian hindenbergbaby Linux - Networking 4 12-02-2009 03:45 AM
IPTABLES, SQUID, DANSGUARDIAN and Transparent Proxy metallica1973 Linux - Networking 18 09-03-2007 07:17 PM
squid (Transparent proxy) & Dansguardian metallica1973 Linux - Security 8 12-15-2005 07:52 PM
Proxy Server - Squid, Samba, Dansguardian RedCamel Linux - Security 0 03-14-2005 02:16 AM

All times are GMT -5. The time now is 07:05 PM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration