Install dansguardian, tinyproxy, and firehol

Original post from http://ubuntuforums.org/showpost.php?p=1222237&postcount=21

Install dansguardian, tinyproxy, and firehol

Code:

sudo apt-get install dansguardian tinyproxy firehol

Edit /etc/dansguardian/dansguardian.conf...

Code:

sudo nano -w /etc/dansguardian/dansguardian.conf

and leave everything at default. You will just need to comment out the UNCONFIGURED line

Code:

# Comment this line out once you have modified this file to suit your needs
#UNCONFIGURED

Next, you will need to edit the tinyproxy.conf

Code:

sudo nano -w /etc/tinyproxy/tinyproxy.conf

and make the following changes

Code:

##
## tinyproxy.conf -- tinyproxy daemon configuration file
##

#
# Name of the user the tinyproxy daemon should switch to after the port
# has been bound.
#
User nobody
Group nogroup

#
# Port to listen on.
#
#Port 8888
Port 3128

Now the last file to be edited is /etc/firehol/firehol.conf

Code:

sudo nano -w /etc/firehol/firehol.conf

and here is my entire firehol.conf file

Code:

#
# $Id: client-all.conf,v 1.2 2002/12/31 15:44:34 ktsaou Exp $
#
# This configuration file will allow all requests originating from the
# local machine to be send through all network interfaces.
#
# No requests are allowed to come from the network. The host will be
# completely stealthed! It will not respond to anything, and it will
# not be pingable, although it will be able to originate anything
# (even pings to other hosts).
#

version 5
iptables -t filter -I OUTPUT -d 127.0.0.1 -p tcp --dport 3128 -m owner ! --uid-owner dansguardian -j DROP
transparent_squid 8080 "nobody root"

# Accept all client traffic on any interface
interface any world
 policy drop
 protection strong
 client all accept

Then restart the services

Code:

sudo /etc/init.d/dansguardian restart
sudo /etc/init.d/tinyproxy restart
sudo /etc/init.d/firehol restart

You should now have a working internet filter without any changes being made to the proxy settings.