LinuxQuestions.org
Go Job Hunting at the LQ Job Marketplace
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices

Reply
 
Search this Thread
Old 03-18-2008, 12:24 PM   #1
metallica1973
Senior Member
 
Registered: Feb 2003
Location: Washington D.C
Posts: 2,113

Rep: Reputation: 57
SQUID/Dansguardian Proxy configuration and problems downloading updates.


I have a small network that has only one subnet. 192.168.3.0/27. My problem is that my users internet is somewhat slow and it will not allow any downloading of files to occur. Even if I allow the remark out the address in Dansguardian/exceptioniplist file is still will not allow unlimited downloading of any type such via ftp,http and etc. So this is where I suspect that it is SQUID.Here is the current configuration from squid.conf:

PHP Code:
http_port 3128
hierarchy_stoplist cgi
-bin ?
acl QUERY urlpath_regex cgi-bin ?
cache deny QUERY
acl apache rep_header Server 
^Apache
broken_vary_encoding allow apache
cache_dir ufs 
/var/spool/squid 100 16 256
access_log 
/var/log/squid/access.log squid
refresh_pattern 
^ftp:           1440    20%     10080
refresh_pattern 
^gopher:        1440    0%      1440
refresh_pattern 
.               0       20%     4320
#Recommended minimum configuration:
acl all src 0.0.0.0/0.0.0.0
acl lan src 192.168.3.0
/27
acl manager proto cache_object
acl localhost src 127.0.0.1
/255.255.255.255
acl to_localhost dst 127.0.0.0
/8
acl SSL_ports port 443
acl Safe_ports port 80          
# http
acl Safe_ports port 21          # ftp
acl Safe_ports port 443         # https
acl Safe_ports port 70          # gopher
acl Safe_ports port 210         # wais
acl Safe_ports port 1025-65535  # unregistered ports
acl Safe_ports port 280         # http-mgmt
acl Safe_ports port 488         # gss-http
acl Safe_ports port 591         # filemaker
acl Safe_ports port 777         # multiling http
acl CONNECT method CONNECT
# Only allow cachemgr access from localhost
http_access allow lan
http_access allow manager localhost
http_access deny manager
# Deny requests to unknown ports
http_access deny !Safe_ports
# Deny CONNECT to other than SSL ports
http_access deny CONNECT !SSL_ports
# And finally deny all other access to this proxy
http_access allow localhost
http_access deny all
http_reply_access allow all
#Allow ICP queries from everyone
icp_access allow all
visible_hostname Mindyourbizz
coredump_dir 
/var/spool/squid 
This is what happen when I try and download xinetd from the centos website. This is snippet from my /var/log/squid/access.log

PHP Code:
[[B^[[B1205866146.625    461 127.0.0.1 TCP_CLIENT_REFRESH_MISS/200 127022 GET http://sunsite.utk.edu/ftp/pub/linux/CentOS/5.1/os/i386/CentOS/xinetd-2.3.14-10.el5.i386.rpm - DIRECT/160.36.178.159 audio/x-pn-realaudio-plugin 
I am able to download certain format but not others. I have checked my /etc/danguardian/bannedextentionlist and others and everything is ok so what could it be?

Can anyone give me any feedback? thanks

Last edited by metallica1973; 07-11-2008 at 10:05 PM.
 
Old 03-22-2008, 05:38 PM   #2
edcutis
Member
 
Registered: Jun 2003
Location: USA, Missouri
Distribution: mandriva , Kubuntu, MEPIS
Posts: 140

Rep: Reputation: 15
Have you checked the MIME types exceptions and/or blocks in DansGuardian? Depending on where/how you got your blacklists, they could be locked down pretty hard.

Hope this helps...

Ed
 
Old 03-27-2008, 04:30 PM   #3
metallica1973
Senior Member
 
Registered: Feb 2003
Location: Washington D.C
Posts: 2,113

Original Poster
Rep: Reputation: 57
To make a long story short, I had installed dansguardian via a tar and didnt pay any attention to error running make test. It was dansguardian that was causing the issue. I guess next time I will play close attention the the install of programs.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
squid proxy server configuration & distribution of internet without proxy gaurav_gupta082 Linux From Scratch 2 07-31-2010 11:25 AM
Proxy won't let me connect, iptables, squid and dansguardian hindenbergbaby Linux - Networking 4 12-02-2009 03:45 AM
IPTABLES, SQUID, DANSGUARDIAN and Transparent Proxy metallica1973 Linux - Networking 18 09-03-2007 07:17 PM
squid (Transparent proxy) & Dansguardian metallica1973 Linux - Security 8 12-15-2005 07:52 PM
Proxy Server - Squid, Samba, Dansguardian RedCamel Linux - Security 0 03-14-2005 02:16 AM


All times are GMT -5. The time now is 02:02 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration