Koozali.org: home of the SME Server

Obsolete Releases => SME 7.x Contribs => Topic started by: Franco on August 23, 2006, 10:30:09 PM

Title: Dansguardian in Server-Only mode
Post by: Franco on August 23, 2006, 10:30:09 PM
As per RayMitchell instructions, to change the default port squid listens on:
Quote
On sme 7.0 you only need to do

db configuration setprop squid TransparentPort 8080

signal-event post-upgrade

signal-event reboot

 

unfortunatelly this isn't working for me in server-only mode for stations set to use proxy on port 3128.

Will these rules still work for me if I'm in server-only?
Code: [Select]
$OUT .= " /sbin/iptables --append Forward$AllowLocals -s $local -p tcp --destination-port 3128 -j DROP\n";

$OUT .= " /sbin/iptables --append Forward$AllowLocals -d $local -p tcp --destination-port 3128 -j DROP\n";

$OUT .= " /sbin/iptables --append Input$AllowLocals -s $local -p tcp --destination-port 3128 -j DROP\n";


Or should I make dansguardian listen on 3128 instead?

Thanks,
Title: Re: Dansguardian in Server-Only mode
Post by: raem on August 24, 2006, 05:37:25 AM
stuntshell

> unfortunatelly this isn't working for me in server-only mode for stations > set to use proxy on port 3128.

The workstations have to be changed to use port 8080 or set to auto detect the sme proxy.

I'm not sure of the server only ramifications, only tried it on gateway/server boxes.
Title: Dansguardian in Server-Only mode
Post by: cool34000 on August 25, 2006, 12:22:05 AM
Your workstations have to connect to it at port 8080

In server mode only, I cannot use 'auto detect proxy' on my m$ workstations, if I do that I have no content filtering.

You should also want not to use the proxy for local adresses, just check the box in the connexion panel.