> What is the output of "iptables -t nat -L -v" > I can't cite any explicit benefits as this is my first XS install and my first time using Dansguardian. I'm still getting used to iptables and the wonderful science of redirecting packets. Google led me to believe this is the best way to do it so folks have no chance of circumventing DG.
# sudo iptables -t nat -L -v ======================================== Chain PREROUTING (policy ACCEPT 1643 packets, 150K bytes) pkts bytes target prot opt in out source destination 2562 138K REDIRECT tcp -- lanbond0 any anywhere anywhere tcp dpt:http redir ports 3128 0 0 REDIRECT tcp -- mshbond0 any anywhere anywhere tcp dpt:http redir ports 3128 0 0 REDIRECT tcp -- mshbond1 any anywhere anywhere tcp dpt:http redir ports 3128 0 0 REDIRECT tcp -- mshbond2 any anywhere anywhere tcp dpt:http redir ports 3128 Chain POSTROUTING (policy ACCEPT 10613 packets, 544K bytes) pkts bytes target prot opt in out source destination 4233 282K MASQUERADE all -- any eth0 anywhere anywhere Chain OUTPUT (policy ACCEPT 12189 packets, 670K bytes) pkts bytes target prot opt in out source destination 2037 122K ACCEPT tcp -- any any anywhere anywhere tcp dpt:http owner UID match squid 119 7140 ACCEPT tcp -- any any anywhere anywhere tcp dpt:squid owner UID match squid 96 5688 REDIRECT tcp -- any any anywhere anywhere tcp dpt:http redir ports 8887 17 940 REDIRECT tcp -- any any anywhere anywhere tcp dpt:squid redir ports 8887 ======================================= As you can see, everything 'should' be being redirected from squid to dansguardian. Before the upgrade, this worked flawlessly, so something got mixed up with the new configs. It seems to be ignoring the last rule in the OUTPUT chain. Again, squid access.log reports normal activity, but dansguardian access.log isn't touched. This is why I love gentoo cause you know everything that goes into your build, so troubleshooting is a snap. These highly customized builds that run off an array of scripts can be tough to navigate unless you are very familiar how everything works. _______________________________________________ Server-devel mailing list Server-devel@lists.laptop.org http://lists.laptop.org/listinfo/server-devel