How to: pfSense + external Squid transparent proxy + DansGuardian

 

This tutorial walks through how to set up pfSense + an external Squid transparent proxy + DansGuardian.

In this guide I use the newest version of pfSense, with Squid and DansGuardian running on CentOS 5.x. The same configuration applies on Ubuntu.

Squid proxy ip : 10.0.10.3 port 3128

Dansguardian : port 8081

 

+ First we will set up pfSense:

le0 = external interface with ip 192.168.29.1

le1 = internal interface with ip 192.168.10.201

You can go to http://doc.pfsense.org/index.php/Tutorials to see how to install pfSense. It is quite easy, so I will not show it here.

+ Second, we install Squid + DansGuardian on CentOS:

yum install squid dansguardian

Squid config file

After installing, we change a few settings in the squid.conf file (/etc/squid/squid.conf):

http_port 10.0.10.3:3128 transparent
visible_hostname SQUID
cache_mem 512 MB
cache_dir ufs /srv/squid/cache 10000 16 256
access_log /srv/squid/logs/access.log squid
cache_log /srv/squid/logs/cache.log
cache_store_log /srv/squid/logs/store.log
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443
acl Safe_ports port 80        # http
acl Safe_ports port 21        # ftp
acl Safe_ports port 443        # https
acl Safe_ports port 70        # gopher
acl Safe_ports port 210        # wais
acl Safe_ports port 1025-65535    # unregistered ports
acl Safe_ports port 280        # http-mgmt
acl Safe_ports port 488        # gss-http
acl Safe_ports port 591        # filemaker
acl Safe_ports port 777        # multiling http
acl CONNECT method CONNECT

acl MyNetwork1 src 192.168.29.0/255.255.255.0
http_access allow  MyNetwork1
always_direct allow all
icp_access allow all
http_access deny all
refresh_pattern ^ftp:        1440    20%    10080
refresh_pattern ^gopher:    1440    0%    1440
refresh_pattern .        0    20%    4320
coredump_dir /var/spool/squid
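
The configuration above defines the Safe_ports, SSL_ports and CONNECT ACLs but has no http_access rule that references them, so they restrict nothing. The following Python check is an added example, not part of the original tutorial: it lists ACLs that are defined but never used and *_access rules that allow every source. The function name audit and the embedded sample lines are constructed for illustration.

```python
# Added example: lint squid.conf access rules for ACLs that are never enforced.

# Constructed sample: the access-control lines of the squid.conf shown above
# (Safe_ports list shortened).
SAMPLE_CONF = """\
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443
acl Safe_ports port 80        # http
acl Safe_ports port 1025-65535    # unregistered ports
acl CONNECT method CONNECT
acl MyNetwork1 src 192.168.29.0/255.255.255.0
http_access allow  MyNetwork1
always_direct allow all
icp_access allow all
http_access deny all
"""


def audit(conf_text):
    """Return (unused_acls, open_rules) for a squid.conf given as text."""
    defined, used, open_rules = [], set(), []
    for raw in conf_text.splitlines():
        tokens = raw.split("#", 1)[0].split()  # drop comments, split on spaces
        if len(tokens) < 3:
            continue
        directive = tokens[0]
        if directive == "acl":
            if tokens[1] not in defined:
                defined.append(tokens[1])
        elif tokens[1] in ("allow", "deny"):
            # Any allow/deny rule counts as a use; "!" negates an ACL name.
            used.update(t.lstrip("!") for t in tokens[2:])
            # An *_access rule that allows the "all" ACL admits every source.
            if directive.endswith("_access") and tokens[1:] == ["allow", "all"]:
                open_rules.append(" ".join(tokens))
    unused = [name for name in defined if name not in used]
    return unused, open_rules


if __name__ == "__main__":
    unused, open_rules = audit(SAMPLE_CONF)
    print("ACLs defined but never used:", unused)
    print("Access rules open to every source:", open_rules)
```

Squid's stock configuration enforces these ACLs with http_access deny !Safe_ports and http_access deny CONNECT !SSL_ports, placed before the first allow rule.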

DansGuardian config file: (/etc/dansguardian/dansguardian.conf)

I basically use the default DansGuardian config and modify only a few settings so that it connects to Squid.

Find these settings and replace them with the values below:

# the port that DansGuardian listens to.
filterport = 8081

# the ip of the proxy (default is the loopback – i.e. this server)
proxyip = 10.0.10.3

# the port DansGuardian connects to proxy on
proxyport = 3128

OK. Now we start Squid and DansGuardian:

/etc/init.d/squid restart ; /etc/init.d/dansguardian restart

Now we go back to pfSense and make some changes on that box.

- First, open /etc/default/rc.conf and find this line:

natd_flags=""

and replace it with this:

natd_flags="-f /etc/natd.conf"

/etc/natd.conf should look like this:

interface re0
use_sockets yes
dynamic yes
redirect_port tcp 10.0.10.3:8081 80

This redirects all web (port 80) traffic to port 8081 on 10.0.10.3, the box running Squid and DansGuardian.
Done.
Source from Linux tutorial