not at all, in fact you should actually be doing the same thing with squid...and in your squid.conf file set these options:

Once I did the daemonuser and group commands, and created that user and group, I get an error when I try to restart the dansguardian daemon. It gives me this:

./dansguardian restart
Shutting down dansguardian: [ FAILED ]
Starting dansguardian: Error opening/creating log file. (check ownership and access rights).
I am running as dansguardian and I am trying to open /var/log/dansguardian/access.log
[ FAILED ]

It also happens if I su to dansguardian first.

oh yeah, and the same would go for squid, you'd need to change the ownership of the cache and log directories... depending on where you have them, it would go kinda like:BTW, these are the kinda things that you wanna do *after* shutting-down the daemons...

Still no good...

basically, my main concern is/was the ownership of your dansguardian binary and the fact you are/were running it as root... like, cuz it might be what's causing the odd non-filtering behavior... of course it's just a shot in the dark... i'm actually quite dumbfounded about this dansguardian issue...

shucks... =(

does the same problem occur if you use dansguardian from the local machine??

I do appreciate your help. I have run all of your commands verbatim and have restarted the daemons. This there any ls -l information that you would like to see to straighten out the possible ownership issue? Should I reinstall anything? Reboot?

Same issue exists when I put the local machine on the proxy.

i mean, like, using a browser on the same machine which DG and squid are running on... like, telling the browser to use proxy 127.0.0.1:8080 and stuff...??

I put the "server" itself on the proxy. I actually used the public address 192.168.111.46 as when I tried the loopback, squid gave me an access denied page. I never put the loopback address in the ACL in squid. Also, I am using port 3128. If I use 8080, squid gives me an access denied page.

basically you just need to have an ACL for 127.0.0.1 in your squid.conf... this is due to the fact that all requests to squid will be coming from the dansguardian which is running on the same box... so squid in this case won't care about your LAN IPs... an ACL like this in your squid.conf should suffice:seems like you already have that, but now that you mention it, it doesn't look like you have the respective "allow" for it, which would look like:you should double-check that...

having said that, squid should be listening on port 3128, while dansguardian listens on port 8080... so since squid's ACL's only allow connections from 127.0.0.1 (localhost) then trying to connect directly to 3128 from a client will fail, which is a good thing in this case... they are forced to use port 8080 which will be the content-filter...

Okay, we are making progress. Now if I point the browser to port 3128, squid will give me an access denied page, while is I point it to 8080 everything is allowed. I had the 192.168.111.0 subnet allowed in squid and the localhost disallowed. I reversed that now. Since I had the whole port thing messed up (and in effect the relationship btwn squid and dansguardian) perhaps that is the root of the problem. Is there any thing else I should look at regarding ports and how dansguardian and squid communicate?

seems like everything should be okay and stuff... i mean, your dansguardian was definitely aware of the setup and stuff:as you can see it knew it was to listen on port 8080 and it knew it was to communicate with squid on port 3128 of the localhost...

ok. Perhaps a reinstall of the software is called for?