On Fri, Aug 21, 2009 at 10:24 AM, Walubengo J <jwalu@yahoo.com> wrote:
i will check. but my understanding was that there is a link btw squid and dansgaurdian and indeed only localhost 127.0.0.1 is configured to run squid -the other IPs being denied since they get access via dansguardian. so am a bit suprised to see foreign IPs.
In that case, can we take a look at your squid.conf, dansguardian.conf and perhaps the firewall/NAT rules? egrep -v '^[[:space:]]*(#|$)' /path/to/squid.conf If you have something like: http_port 3128 transparent That means squid is binded (forget the English here) to all IPs on that host, so port 3128 must be closed from outsiders. If you have "filterip = " in dansgurdian.conf, it also means that DG is binded to all IPs and I can simply configure my browser (or even my proxy) to connect to your host on whatever port is open and I use your bandwidth. So I suggest that at the very first level, ensure that you have: http_port a.b.c.d:3128 transparent And in DG, have filterip = a.b.c.d (where a.b.c.d is the private IP of the host running DG) Then check your firewall rules to see if any rule might be causing the circumvention. -- Best regards, Odhiambo WASHINGTON, Nairobi,KE +254733744121/+254722743223 _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ "If you have nothing good to say about someone, just shut up!." -- Lucky Dube