Thank you. That seems to work! (You have to hand edit the dansguardian.conf file to make it work, but it's there!)That way I can still view activity based on the actual client machine in the sarg report. (since there is no reporting based on the dansguardian log files this works quite well. As a side note there was an option added to allow dansguardian format it output in a format that sarg can process as well.)
http://dansguardian.org/downloads/squidxforwardloggingpatch25S1.txt
-randy
ok, use the latest squid, DansGuardian and naat packages .. I have applied the patch ...
A couple of notes....
The setup seems to go much smoother it finds the interface cards fine. However it seems to believe that the administrative interface is eth0 and won't let you change it! ( my system has the internal interface on eth1 )
In the default rules there is an entry in the shorewall rules file for ftp.mnf.mandrake.com on all high ports. That might take some folks by surprise. Plus if it can't be resolved shorewall will fail.
For some reason httpd2-naat is not started by default.
The really odd and somewhat disconcerting item is that I cannot get into the system via ssh. At first I thought it was a missing rule, which I added but no joy and I can't seem to find any log entry to show what is wrong... :-(
One question which I've always wanted to ask...
I have things setup where I have two forms of transparent http proxying:
1. DHCP served IP addresses which are in a specific ranges are re-directed straight to squid, bypassing Dansguardian. (These are 'trusted' machines. ) (port 8080)
2. All other IP Addresses are routed to the default transparent proxy setup (port 3328)
Now what I've always wanted to do is to be able to put the first one in via the http interface, in a fashion like the MNF created proxy:
25 REDIRECT lan 3328 tcp www all
However I want to do the following:
24 REDIRECT lan:192.168.200.64/29 8080 tcp www all
The problem is that I can't do the 8080 in the GUI without adding fw: to it. When I do it like that shorewall fails to restart.
-randy
____________________________________________________ Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com Join the Club : http://www.mandrakeclub.com ____________________________________________________
