[tproxy] Squid, TPROXY and SquidGuard
Mamadou Touré
e2ia.ci at gmail.com
Mon Aug 9 00:10:44 CEST 2010
hi all i'm about to implement a transparent content filtering using
squid tproxy and squidGuard.
I've tried this:
squid.conf:
++++++++++++++++++++++++++++++++++++++++++++
http_port 3129 tproxy
redirect_program /usr/local/bin/squidGuard -c
/usr/local/squidGuard/squidGuard.conf -d redirect_children 10
+++++++++++++++++++++++++++++++++++++++++++++++++
my squidGuard.conf
+++++++++++++++++++++++++++++++++++++++++++++++++++++
.....
dest porn {
domainlist porn/domains
urllist porn/urls
expressionlist porn/expressions
redirect http://localhost/denied.bl }
acl {
winxp_1 {
pass !porn any
}
default {
pass any
}
}
......
+++++++++++++++++++++++++++++++++++++++++++++++++++
HTTP traffic are redirect with:
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
iptables -t mangle -A PREROUTING -p tcp --dport 80 -j TPROXY
--tproxy-mark 0x1/0x1 --on-port 3129
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
I think that My traffic passthrougth squid.
Because my LAN machine can browse Internet.
But the contents are not filtered because the user can access porn site.
Also access are not logged in access.log.
Does some one already implement such config ?
Can someone help me?
regards.
More information about the tproxy
mailing list