On Mon, Feb 14, 2005 at 01:14:11PM -0500, Matt Morgan wrote: > For one thing, the whole setup seems to assume that Squid and DG are > running on a proxy server that sits in between the browsing machine > and the internet. I hoped I could set it all up on the desktop, > without having a separate machine between the desktop and the > internet. Does anyone know if that's possible? I believe that you could use the 'owner' module of iptables (see the man page). (Probably the safest thing to do is block *everything* but allow traffic out from squid proxy command only (using owner --cmd-owner /usr/sbin/squid). Note that I've never tried this, let alone done it. :) The gateway machine setup is certainly more failsafe. > For another: DG didn't seem to offer automatic updated banned-site and > banned-content lists. In fact, I couldn't figure out much about that, > at all. There are no banned sites at all listed in the config that > results from the yum install (as far as I can tell). You can probably find some at <http://peacefire.org/>. :) -- Matthew Miller mattdm@xxxxxxxxxx <http://www.mattdm.org/> --> Fedora Users & Developers Conference, hosted by Boston University <-- February 18th, 2005 <http://fedoraproject.org/fudcon/>
