<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 TRANSITIONAL//EN"> <HTML> <HEAD> <META HTTP-EQUIV="Content-Type" CONTENT="text/html; CHARSET=UTF-8"> <META NAME="GENERATOR" CONTENT="GtkHTML/3.2.5"> </HEAD> <BODY> Barry R Cisna <cisna-barry wc235 k12 il us> wrote: ... "DG will start doing its thing, providing you have the correct DG proxy number entered on your K12LTSP server for the clients to filter through. It would be something like <serveripaddress> port 8080 in your webbrowser. " ... I did it the hard way with config files. My recollection is that the key point was access control. You do not want students to change proxy settings in the browser to get around the filter. You can set your firewall to only accept port 80 requests from the user for squid. You can set access control for squid to only accept port 3128 requests from dansguardian. Then only port 8080 to dansguardian can get out. You can firewall to allow a privileged user like yourself to buypass dansguardian to permit .iso downloads and the like. You can also do this with port forwarding at the firewall but it made my head spin. It should be possible to configure a default user for settings like proxy and have everything done for users added afterward. In the lab, it is no problem to give instructions and have users set their browser, but you need automation for other users in the building. GNOME has such configuration tools but you must be consistent in creating users through GNOME to have it all work. I like to use the command line so I can create a file of user data and run a script over it. There is a mechanism in useradd to clone a home directory. <TABLE CELLSPACING="0" CELLPADDING="0" WIDTH="100%"> <TR> <TD> <PRE> -- A problem is an opportunity. </PRE> </TD> </TR> </TABLE> </BODY> </HTML>