i'll go with the server and ebox for now. it was me who suggested this whole solution so i guess its only fair i do the admin for it for now.
but thanks for ebox/webmin idea, i guess i could always do an smb share to the whitelist folder and let people update it themselves
Ok a bit of a break in replying.
After a lot of thinking, playing around with stuff and talking to the local top geeks in the area. I have decided to go with ISA server on Server 2008.
Total licence cost is around the £90 mark (love education licences, got to confirm this btw) and it just works. Not even that difficult to set up.
Its certainly easier to get working than squid was and so far has not caused any issues.
Editing dansguardian whitelists is not terribly difficult though. Your colleagues need to know which are the appropriate files, how to navigate to them and how to edit them correctly. I use mc sometimes and nano sometimes via ssh. mc is great for this kind of thing, because it's visual. I'm sure your colleagues will get the hang of it quickly. How will they restart the dansguardian service to reload the new lists? I don't know what gui service controls there are for Ubuntu, but typing /etc/init.d/dansguardian restart on the cli is pretty quick imo.
Anyway, hope you have great success with your project.
Try this instead if your just updating the white/black/grey lists./etc/init.d/dansguardian restart
This way, current connections don't get dropped on the floor.Code:dansguardian -g
ok i got the server up and running today, ebox/dansg/squid installed
eth0 connected to bt router, with ip of 192.168.1.2
eth1 connected to switch with ip of 192.168.1.3
firstly, with both IPs set, i cant browse the internet and internal hosts, im guessing it uses one ip for both and that wont work. is there any way i can specify eth0 is only to be used for web requests and eth1 is to be used for internet requests?
secondly if i forward all traffic from eth1 on port 80 to eth0 on 3128 so it goes via squid, how do i implement dansg? cos it needs an ip/port to listen on, and if i set it to eth1:80 to listen on, wouldn't that then mean that nothing gets redirected, or will it filter then redirect?
haven't done any conf file edits yet, so if anybody would be willing to help me out id be very grateful. basically we just want any pda on the 192.168.1.x ip range (set via dhcp on ubuntu) to have access to the internet with dansg and squid in between in transparent mode.
sorry if im going over things more than once, im simple :P
Internet > BT Router > eth0 (192.168.1.2) > Ubuntu server > eth1 (192.168.1.3) > switch > wireless AP > PDAs
so all internal traffic (PDAs, wireless APs) would be hitting eth1, and all internet traffic would hit eth0.
But when both are plugged in, and I try to get on either an AP or the net, it hangs, unplug eth0 and i can see the router, unplug eth1 and i can see the internet. Obviously I'll need both to work together.
If anybody is available to hit me up on MSN and give me a hand to go through things I'd love it (Keegan style!). Mainly just with getting both cards working in unison, and getting squid/dansg working together with squid being transparent.
I am very novice at this myself, but I was under the impression that both cards couldn't be on the same subnet. Perhaps someone can confirm (or otherwise)
andy, this is why i need help :P
do you need to do aperhaps?Code:echo 1 > /proc/sys/net/ipv4/ip_forward
xxxxxxxxx <- theres your comment
xxxxxx<- theres my head
not that it'd matter anyway with EMBC
This page has been blocked because it has been categorised as Match Making
The web page you were trying to visit has been blocked by the Internet filtering system.
You wouldn't believe how many women melt when I tell them about configuring IP forwarding in a Linux environment
There are currently 1 users browsing this thread. (0 members and 1 guests)