You mean to say that the mailing sites are being banned by dans? That could be possible if you have not taken into consideration dans when you configured squid. You will need to configure dans to bypass the mailing site that you want to access by putting it in exceptionsitelist file.

hi,

If in your office same thing is running please send me all configuration and cod.
this will be appreciable.

Everyones need is different and so are the server configurations. You need to look into it what is your need and then chalk out the policies that you need to make and then configure your server that way. Me sending you the configuration would not work for you.
Do not go over board and first try if squid is working. Then try is dans is working. Then make a very simple squid acl and then look if it is working. Go slow and step by step and you will have a working server.

Hi,
Acording to your old thread your and me requirement is same please send me all required conf and code if you can.Why do you use proxy on client side.Only i am not able to allow selected ip for mailing site, according to your old thread you have done this and you are using both acl(dans and squid) togather.Help of your all documentation i can check step by step.

I do not use proxy on client side. And how do I use it? If you mean to say configure the web browser, then I do not. I have pretty much working transparent squid with dans.(touch wood).
Can you elaborate why you think squid acl are not working? If you think that though you have allowed some sites in squid but are getting blocked by dans, then it will if they are not allowed in dans. Look into dans what you have allowed and what you have not. I doubt your configuration is not working but I guess it is your feeling that it is not. If dans is blocking some thing then you will need to allow it from your configuration files explicitly.

Hi,

I have checked my all configuration throughly.Please send me your all configuration step by step from squid server to desktop then i could match with you.I ahve already send my all configuration.

You are still not answering my question and hell bent on my configuration. My configuration is not much different than yours. What I need to know is what is that is not working for you and how do you come conclusion that your access controls are not working. There is no meaning in matching my configuration with yours. That will not solve your problems long time.
Tell me one thing, the mailing sites that you want to allow are banned by squid or dans? Once you get to this you will have less difficulty.

Hi,
dans is blocking.your mentioed code is allowing all site (acl allowed_stations src 192.168.2.* - 192.168.2.*) on this ip i want to allow only mailing site on particular ip.in my setup when i transfer traffic to 8080 then dand is applying and when i transfer traffic to 3128 then squid is applying.

Do you know why dans is blocking? And can you give what error dans is giving you? You will need to configure dans separately than squid. Dans will not follow squid acl.
If you want to allow mailing sites on some set of ips then you can do that this way

But take care than dans will also allow the mailing sites. I doubt that problem is what you said to be. But it lies in the configuration. You think squid acls are not applied but I guess this is because dans is more restrictive than squid.

Hi,

I have done this you can check in my posted code.only problem is this when i transfer traffic to 3128 then squid acl is applying and when i transfer traffic 8080 then dans is aplying.i have configure dans as full access mode for mailing site in banedsite file .if any other idea regarding dans config please share with me.

No, you dont have to configure bannedsitelist file. If you want to allow some site then you will have to allow it through exceptionsitelist file.
I am still confused how did you get to the conclusion that only one set of control lists are being applied.

Compile and install squid with the "--enable-follow-x-forwarded-for" option.
This helps squid to parse the X-Forwarded-For headers to find the IP address of the original (or indirect) client and apply the ip based acls set in your squid config. file.
Without this option enabled, if you check the squid access log, the only ip address that you can see is either the ip of your dansguardian server or 127.0.0.1 and not the original client machine's ip address. This is why your IP based acls in squid fail to work.

To fix it :
Turn on the option "forwarded_for" in squid.conf
Add the following acl lines in squid.conf :

acl my_other_proxy srcdomain <your.proxy.server/domain.name>
follow_x_forwarded_for allow localhost
follow_x_forwarded_for allow my_other_proxy

Set the option forwardedfor = on in the dansguardian.conf file.

Restart the services and that's it ...

hi,

Plz let me the steps to block adult sites using dansguardian

i need a proper guidence on how to block all the restricted sites using dansguardian
is dansguardian has the default site blocking? or it has to be manually edited

Open your own thread, for your own questions. This thread is from last year, and you're trying to hijack it. Also, spell out your words.

If you want information on setting up Dansguardian, there's plenty you can find on Google.