Re: HOWTO: Install Dansguardian on a single desktop
Unfortunately not (without hacking into the scripts which probably isn't what you want to do!). The only option is to use synaptic and opt to "completely remove" dansguardian, firehol, and tinyproxy then restart and start fresh with the script to do a new install.
--Tony
Re: HOWTO: Install Dansguardian on a single desktop
I am admitting that I am not using Ubuntu, but I am desperate. This posting is about the only one I have found regarding this topic. I am using a 2.6.17.11-shl-up-1 Kanotix kernel KDE 3.5.4 GUI. I am conected through a hub to a M$ box which is connected to a printer. I can get firehol working fine on its own, but as soon as I try to get tinyproxy and dansguardian running, all I get is DansGuardian: Error connecting to parent proxy. I read somewhere that you could run dpkg-reconfigure and it could do some of the work for you and I get chown: `dansguardian.dansguardian': invalid user. I figure it has to do with firehol, but I have no idea where I am going wrong, and the firehol site just tells you to read the readme file, which is fine if you know what you are doing and doing an advance setup, but all I want is for the internet connection, dansguardian, tinyproxy cups and samba to work. Is it at all possible to give me some aid? This is a grep of my firehol setup:
version 5
iptables -t filter -I OUTPUT -d 127.0.0.1 -p tcp --dport 3128 -m owner ! --uid-owner dansguardian -j DROP
transparent_squid 8080 "proxy root"
interface any world
policy drop
protection strong
client all accept
server cups accept
#From here on is what I needed to get firehol to work without tinyproxy and dansguardian. I hope this helps with solving what I need. I do understand that this section cannot remain the same.
interface eth0 lan src "192.168.7.0/24" dst 192.168.7.151
policy drop
server ICMP accept
server cups accept
server dns accept
server microsoft_ds accept
server ntp accept
server samba accept
server ssh accept
client all accept
interface eth0 internet src not "${UNROUTABLE_IPS} 192.168.7.0/24" dst 192.168.7.151
policy drop
protection strong
server ICMP accept
server cups accept
server dns accept
server microsoft_ds accept
server ntp accept
server samba accept
server ssh accept
client all accept
Re: HOWTO: Install Dansguardian on a single desktop
OK I have updated the first post with instructions on how to use with other networked systems.
--Tony
Re: HOWTO: Install Dansguardian on a single desktop
tonhou,
Nice howto, thank you!
You may wish to point out for those unfamiliar with the inner workings of Firefox, myself included, that the firefox.cfg file mentioned is an encoded file which Firefox can use to implement systems wide configuration variables. This file must be encoded, however, for Firefox to use it.
For additional information, see:
http://togami.com/%7Ewarren/guides/mozlockdown/
http://archives.seul.org/seul/edu/Ja.../msg00049.html
http://alain.knaff.lu/howto/MozillaC...on/locked.html
Thanks again.
Re: HOWTO: Install Dansguardian on a single desktop
Thanks for the kind comments.
When I first began looking at locking the prefs I read up about such things but found the Ubuntu Firefox cfg is not encoded - by default it has an entry to disallow upgrading, presumably so it can only happen through the official repositories - but no it is not encoded, at least not in Dapper.
--Tony
Re: HOWTO: Install Dansguardian on a single desktop
This worked perfectly for me. Thanks a lot.
I was amazed to see it works for automagically
all browsers.
Re: HOWTO: Install Dansguardian on a single desktop AND for a network
Is this setup suitable for a webserver? If this fine, then I can go for it. :) Any body have tried it on webserver?
Re: HOWTO: Install Dansguardian on a single desktop
Quote:
Is this setup suitable for a webserver? If this fine, then I can go for it. Any body have tried it on webserver?
Sorry, we would need to know a bit more clearly what you mean. Can you clarify what you want to do.
--Tony
Re: HOWTO: Install Dansguardian on a single desktop
Sorry! I'm just having breakfast.
Actually I just installed Ubuntu Server 6.06LTS into CPU1. My CPU1 acting like a router.
ISP->ADSL_modem->CPU1_NIC_eth0->CPU1_NIC_eth1->Switch_Hub->Workstations
As you can see, the above line, I have two NIC cards connected to my CPU1. So is your configuration is suitable for this type of connection?
Thank you.
Re: HOWTO: Install Dansguardian on a single desktop
I think there are a few complications there if you mean installing on your cpu1.
You can have one of your workstations do the filtering and other systems point to it as explained in the first post above, but this requires that it always be on so that other systems can access it.
There are probably more efficient ways to have a filtering system on a server using something like ClarkConnect which will run dansguardian and offer other firewall features.
--Tony