LinuxQuestions.org
Review your favorite Linux distribution.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Software
User Name
Password
Linux - Software This forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.

Notices


Reply
  Search this Thread
Old 06-23-2008, 05:55 PM   #1
jimbo1954
Member
 
Registered: Oct 2006
Location: High Wycombe, Bucks, UK.
Distribution: Debian and Fedora Core in equal measure
Posts: 264

Rep: Reputation: 33
Dansguardian Nightmare


Guys,
I'm having a bit of a 'mare with Dansguardian. I want to run dansguardian integrated with Squid, and as far as it goes, that works just great. If I browse to www.bbc.co.uk, I get the page I request, when I try to browse to www.playboy.com, I get an appropriate block message. However, when I try to make the integration between Dansguardian and ClamAV work, I get a problem.

If I try to go to the EICAR page and download a test virus, its clear that the virus is detected by ClamAV. Instead of getting the file downloaded, or the normal block page, it tries to go to http://yourserver.yourdomain/cgi-bin.../eicar.com.txt
which of course doesn't work because yoursever.yourdomain doesn't resolve to anything, so I get an error from Squid (Can't find the webpage, which is correct, as far as it goes).

OK, you may suggest I look in dansguardian.conf, and adjust the line where it says:
accessdeniedaddress ='http://YOURSERVER.YOURDOMAIN/cgi-bin/dansguardian.pl'
to indicate a proper address so I tried that, but it doesn't make any difference, I still get the same behaviour.

I found some hints....the file dansguardian.conf is looking for "YOURSERVER.YOURDOMAIN" (upper Case) before you change it to a proper name/address, but the browser output indicates "yourserver.yourdomain" (lower case), so the URL that Dansguardian is feeding to squid, (and squid is failing to find) is clearly not coming from the dansguardian.conf file.

I can replicate this on both the latest, fully patched Ubuntu or Debian.

If I could just find where in DansGuardian that the "yourserver.yourdomain" configuration is located, I may be able to make progress, but I can't find it despite significant time looking, and I've run Google thin looking!

any suggestions?

Cheers

Last edited by jimbo1954; 06-23-2008 at 06:00 PM.
 
Old 06-23-2008, 06:00 PM   #2
billymayday
LQ Guru
 
Registered: Mar 2006
Location: Sydney, Australia
Distribution: Fedora, CentOS, OpenSuse, Slack, Gentoo, Debian, Arch, PCBSD
Posts: 6,678

Rep: Reputation: 122Reputation: 122
I'm not sure if your logic is correct. If I browse to

http://ww1.SDJSD.com/

I'm told that

http://ww1.sdjsd.com/

doesn't exist, so perhaps firefox's fingers just don't reach the shift key.
 
Old 06-23-2008, 06:06 PM   #3
jimbo1954
Member
 
Registered: Oct 2006
Location: High Wycombe, Bucks, UK.
Distribution: Debian and Fedora Core in equal measure
Posts: 264

Original Poster
Rep: Reputation: 33
I see your point, but when I change the "YOURSERVER.YOURDOMAIN" to "192.168.123.88" (the private network address of my server), the URL that DansGuardian is asking Squid to get when DansGuardian has detected a virus in the download is still "yourserver.yourdomain", thus proving that the field in dansguardian.conf is nor being applied (and yes, I did restart Dansguardian )
 
Old 06-23-2008, 06:34 PM   #4
billymayday
LQ Guru
 
Registered: Mar 2006
Location: Sydney, Australia
Distribution: Fedora, CentOS, OpenSuse, Slack, Gentoo, Debian, Arch, PCBSD
Posts: 6,678

Rep: Reputation: 122Reputation: 122
How about

Code:
find /etc/dansguardian -type f | xargs grep yourserver
(substitute correct path in place of /etc/dansguardian as necessary)
 
Old 06-24-2008, 02:12 PM   #5
jimbo1954
Member
 
Registered: Oct 2006
Location: High Wycombe, Bucks, UK.
Distribution: Debian and Fedora Core in equal measure
Posts: 264

Original Poster
Rep: Reputation: 33
You suggested I try:

find /etc/dansguardian -type f | xargs grep yourserver

Sorry...I'm having a "blond" moment! Not sure what you're trying to achieve with this...can you spell it out, its been a long day!

Cheers
JB
 
Old 06-24-2008, 05:02 PM   #6
billymayday
LQ Guru
 
Registered: Mar 2006
Location: Sydney, Australia
Distribution: Fedora, CentOS, OpenSuse, Slack, Gentoo, Debian, Arch, PCBSD
Posts: 6,678

Rep: Reputation: 122Reputation: 122
search the dansguardian files for the text "yourserver" to see where it's configured. No idea what directory to start in though (ie, I doubt /etc/dansguardian is the right place)
 
Old 07-26-2008, 03:56 PM   #7
jimbo1954
Member
 
Registered: Oct 2006
Location: High Wycombe, Bucks, UK.
Distribution: Debian and Fedora Core in equal measure
Posts: 264

Original Poster
Rep: Reputation: 33
Fixed!

The problem turned out to be my stupidity! I was building and testing this setup behind a bastion device also running Squid and DG. Do the thing on the inside of the firewall, but not behind Squid/DG...works fine! D'Oh!

Thanks for all suggestions
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Dansguardian deadeye16 Linux - Security 1 04-04-2007 04:35 PM
Dansguardian Thakowbbery Linux - Networking 0 11-09-2006 12:32 PM
using DansGuardian Trio3b Linux - Security 4 12-02-2005 04:18 AM
Dansguardian jomy Linux - Networking 2 11-27-2005 10:56 AM
Dansguardian mahmoudkhn Linux - Networking 4 12-20-2004 07:15 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Software

All times are GMT -5. The time now is 07:29 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration