[K12OSN] Locking Down Firefox
James P. Kinney III
jkinney at localnetsolutions.com
Thu Oct 5 20:06:16 UTC 2006
On Thu, 2006-10-05 at 08:32 -1000, R. Scott Belford wrote:
> James P. Kinney III wrote:
> >
> > The PREROUTING target doesn't exist in the default table filter. Sorry,
> > it needs to be:
> >
> > iptables -t nat -A PREROUTING .....
> >
> > Must specify the correct table to use (the one where the chain
> > PREROUTING is would be best :)
>
> Thanks, James. I think I have two lingering questions.
>
> Squidguard is on Port 3128 and dansguardian is on 8080. I have found
> that when I manually set the browsers to 3128, squidguard does not come
> in to play. Can I just set the firewall rules to 8080?
Yes. Dansguardian comes first in the chain of events. It seems backwards
to me as I would like the URL blocks first so I don't spend time
downloading anything that is going to thrown out anyway.
Look at this page:
http://dansguardian.org/downloads/DGandTransparent.txt
What you are doing is implementing a transparent proxy.
>
> Where do I put these additional rules so that they are loaded on each
> reboot?
>
> With Aloha
>
> --scott
>
> _______________________________________________
> K12OSN mailing list
> K12OSN at redhat.com
> https://www.redhat.com/mailman/listinfo/k12osn
> For more info see <http://www.k12os.org>
--
James P. Kinney III
CEO & Director of Engineering
Local Net Solutions,LLC
770-493-8244
http://www.localnetsolutions.com
GPG ID: 829C6CA7 James P. Kinney III (M.S. Physics)
<jkinney at localnetsolutions.com>
Fingerprint = 3C9E 6366 54FC A3FE BA4D 0659 6190 ADC3 829C 6CA7
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
URL: <http://listman.redhat.com/archives/k12osn/attachments/20061005/274f2c46/attachment.sig>
More information about the K12OSN
mailing list