Koozali.org: home of the SME Server
Obsolete Releases => SME 7.x Contribs => Topic started by: GlitchFreak on January 27, 2009, 04:05:15 PM
-
Hey everyone
I setup my clients box to use NCSA auth to access the web. They need to manually setup proxy settings to enable the auth procedure.
I disabled transarent proxy for this reason.I f the user disables the proxy settings in the web browser, they can access the web without authentication.
Any pointers please?
Thanks!
-
Hi,
Assuming you went with Dansguardian, then http://wiki.contribs.org/Dansguardian#Configuring_your_system_to_force_Dansguardian_usage_.26_prevent_bypassing
-
Have already done so...
[root@gateway ~]# config show squid
squid=service
EnforceSafePorts=no
RequireAuth=nsca
SafePorts=21,70,80,81,119,210,443,563,980,1024-65535
TCPPort=3128
TCPProxyPort=80:3128
Transparent=no
TransparentPort=8080
access=private
status=enabled
[root@gateway ~]# config show dansguardian
dansguardian=service
portblocking=yes
status=enabled
That is why I find it bizarre that they are able to access the web
-
very strange, my setup is the same and works fine.
Do you see activity when reading the squid and dansguardian logs?
-
http://bugs.contribs.org/show_bug.cgi?id=4820#c5
the workaround is don't disable transparent proxy
then 80 diverts to 3128
and enable portblocking
3128 is blocked
-
Thanks snoble. Will give it a shot and report back...
On a side note, should this not be included in the wiki?
-
Looks like the fix worked.
Thanks SNoble
-
Updated the wiki; see http://wiki.contribs.org/Dansguardian#Configuring_your_system_to_force_Dansguardian_usage_.26_prevent_bypassing
-
Thanks David. :grin: