Original post from http://ubuntuforums.org/showpost.php?p=1222237&postcount=21
Install dansguardian, tinyproxy, and firehol
Edit /etc/dansguardian/dansguardian.conf...
and leave everything at default. You will just need to comment out the UNCONFIGURED line
Next, you will need to edit the tinyproxy.conf
and make the following changes
Now the last file to be edited is /etc/firehol/firehol.conf
and here is my entire firehol.conf file
Then restart the services
You should now have a working internet filter without any changes being made to the proxy settings.
Install dansguardian, tinyproxy, and firehol
Code:
sudo apt-get install dansguardian tinyproxy firehol
Code:
sudo nano -w /etc/dansguardian/dansguardian.conf
Code:
# Comment this line out once you have modified this file to suit your needs #UNCONFIGURED
Code:
sudo nano -w /etc/tinyproxy/tinyproxy.conf
Code:
## ## tinyproxy.conf -- tinyproxy daemon configuration file ## # # Name of the user the tinyproxy daemon should switch to after the port # has been bound. # User nobody Group nogroup # # Port to listen on. # #Port 8888 Port 3128
Code:
sudo nano -w /etc/firehol/firehol.conf
Code:
# # $Id: client-all.conf,v 1.2 2002/12/31 15:44:34 ktsaou Exp $ # # This configuration file will allow all requests originating from the # local machine to be send through all network interfaces. # # No requests are allowed to come from the network. The host will be # completely stealthed! It will not respond to anything, and it will # not be pingable, although it will be able to originate anything # (even pings to other hosts). # version 5 iptables -t filter -I OUTPUT -d 127.0.0.1 -p tcp --dport 3128 -m owner ! --uid-owner dansguardian -j DROP transparent_squid 8080 "nobody root" # Accept all client traffic on any interface interface any world policy drop protection strong client all accept
Code:
sudo /etc/init.d/dansguardian restart sudo /etc/init.d/tinyproxy restart sudo /etc/init.d/firehol restart