On Fri, Aug 21, 2009 at 9:32 AM, Walubengo J <jwalu@yahoo.com> wrote:
hey,
I have a basic traditional NAT setup of squid+dansguardian on Linux Ubuntu 8.10. Squid as the proxy and dansguardian as the content manager. My network has suddenly started crawling and /var/log/dansguardian/access.log shows foreign IPs riding on my bandwidth and visiting graphic porn sites with impunity.
Could someone give pointers on where I need to tighten the configs to keep off the external bad boys and girls (IPs) from the riding my proxy server?
Hi Walu, Ensure the following: 1. Your squid port (3128 or whatever you changed it to) is not open from outside. Block it from the firewall. You could as well let squid listen only on the private IP. 2. Ensure that DG port is also blocked from outsiders. Don't leave the "filterip =" in dansguardian.conf blank (which is the default). Bind it to the private IP of the host machine. If those two and what Alex Nderitu has detailed are observed and you still see foreigners using your bandwidth, then check if some other application/port is being abused on that host. -- Best regards, Odhiambo WASHINGTON, Nairobi,KE +254733744121/+254722743223 _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ "If you have nothing good to say about someone, just shut up!." -- Lucky Dube