Dansguardian Version 2.8.0.6 - Installation und Konfiguration

Transcription

Dansguardian Version 2.8.0.6 - Installation und Konfiguration
13.01.2017 13:19.
1/15
Dansguardian Version 2.8.0.6 - Installation und Konfiguration
Dansguardian Version 2.8.0.6 - Installation
und Konfiguration
Für die Zugriffsverwaltung und inhaltliche Bewertung der angewählten Internetseiten bedienen wir
uns dem Proxy Squid und dem Contentfilter Dansguardian.
Bei dieser Konstellation arbeiten Squid und Dansguardian als einer Vermittler, der auf der einen
Seite Anfragen entgegennimmt, um dann über seine eigene Adresse eine Verbindung zu einem
Zielhost herzustellen. So bleibt einerseits die eigentliche Adresse des Client-Rechners dem Zielhost
gegenüber komplett verborgen, was eine gewisse Anonymität schafft. Ferner können die Ergebnisse
der Clientanfragen zwischengespeichert werden, um so Bandbreite zu sparen, da diese gepufferten
Objekte nicht nochmals geladen werden müssen. Darüber hinaus haben wir so die Möglichkeit:
unerwünschte Seiten zu blocken (Pornographie)
bestimmte Inhalte nur bestimmten Usern zur Verfügung zu stellen (Multimediainhalte des
WWW)
Seiten auf unerwünschten Inhalt zu überprüfen und ggf. zu blocken (Glücksspiel und politische
Propaganda) oder
eine Virenprüfung der übermittelten Daten vorzunehmen.
Die einfachere Variante ist die Installation der Version 2.8.0.6 aus dem Dag Apt Repository.
Stand Dezember 2009
Diese Version unterstützt nur die Inhaltliche Überprüfung noch noch NICHT die Virenfilterung!
Diese ist im aktuellen neuen Release-Kandidaten enthalten - die Installation ist im folgenden
Kapitel beschrieben.
Installation
Wie sollte es auch hier anders sein, die Installation der benötigten Programme erfolgt im gewohnten
Rahmen via yum, welches wir als User root ausführen.
# su # yum install dansguardian
Was uns das Paket dansguardian alles mitbringt offenbart eine detailierte Blick1), nach erfolgter
Installation des Paketes, in das RPM.
Linux - Wissensdatenbank - https://dokuwiki.nausch.org/
Last update: 22.11.2013 15:34.
centos:dansguardian_2.8 https://dokuwiki.nausch.org/doku.php/centos:dansguardian_2.8
# rpm -iql dansguardian
Name
: dansguardian
Relocations: (not relocatable)
Version
: 2.8.0.6
Vendor: Dag Apt Repository,
http://dag.wieers.com/apt/
Release
: 1.2.el5.rf
Build Date: Mi 07 Mär 2007
19:59:59 CET
Install Date: Sa 08 Nov 2008 13:55:11 CET
Build Host:
lisse.leuven.wieers.com
Group
: System Environment/Daemons
Source RPM:
dansguardian-2.8.0.6-1.2.el5.rf.src.rpm
Size
: 736787
License: GPL
Signature
: DSA/SHA1, Fr 09 Mär 2007 10:32:24 CET, Key ID a20e52146b8d79e6
Packager
: Dag Wieers <dag@wieers.com>
URL
: http://www.dansguardian.org/
Summary
: Content filtering web proxy
Description :
DansGuardian is a web filtering engine that checks the content within
the page itself in addition to the more traditional URL filtering.
DansGuardian is a content filtering proxy. It filters using multiple
methods,
including URL and domain filtering, content phrase filtering, PICS
filtering,
MIME filtering, file extension filtering, POST filtering.
/etc/dansguardian
/etc/dansguardian/bannedextensionlist
/etc/dansguardian/bannediplist
/etc/dansguardian/bannedmimetypelist
/etc/dansguardian/bannedphraselist
/etc/dansguardian/bannedregexpurllist
/etc/dansguardian/bannedsitelist
/etc/dansguardian/bannedurllist
/etc/dansguardian/banneduserlist
/etc/dansguardian/contentregexplist
/etc/dansguardian/dansguardian.conf
/etc/dansguardian/dansguardianf1.conf
/etc/dansguardian/exceptioniplist
/etc/dansguardian/exceptionphraselist
/etc/dansguardian/exceptionsitelist
/etc/dansguardian/exceptionurllist
/etc/dansguardian/exceptionuserlist
/etc/dansguardian/filtergroupslist
/etc/dansguardian/greysitelist
/etc/dansguardian/greyurllist
/etc/dansguardian/languages
/etc/dansguardian/languages/ReadMe
/etc/dansguardian/languages/arspanish
/etc/dansguardian/languages/arspanish/messages
/etc/dansguardian/languages/arspanish/template.html
/etc/dansguardian/languages/bulgarian
/etc/dansguardian/languages/bulgarian/messages
https://dokuwiki.nausch.org/
Printed on 13.01.2017 13:19.
13.01.2017 13:19.
3/15
Dansguardian Version 2.8.0.6 - Installation und Konfiguration
/etc/dansguardian/languages/bulgarian/template.html
/etc/dansguardian/languages/chinesebig5
/etc/dansguardian/languages/chinesebig5/messages
/etc/dansguardian/languages/chinesebig5/template.html
/etc/dansguardian/languages/chinesegb2312
/etc/dansguardian/languages/chinesegb2312/messages
/etc/dansguardian/languages/chinesegb2312/template.html
/etc/dansguardian/languages/czech
/etc/dansguardian/languages/czech/messages
/etc/dansguardian/languages/czech/template.html
/etc/dansguardian/languages/danish
/etc/dansguardian/languages/danish/messages
/etc/dansguardian/languages/danish/template.html
/etc/dansguardian/languages/dutch
/etc/dansguardian/languages/dutch/messages
/etc/dansguardian/languages/dutch/template.html
/etc/dansguardian/languages/french
/etc/dansguardian/languages/french/messages
/etc/dansguardian/languages/french/template.html
/etc/dansguardian/languages/german
/etc/dansguardian/languages/german/messages
/etc/dansguardian/languages/german/template.html
/etc/dansguardian/languages/hebrew
/etc/dansguardian/languages/hebrew/messages
/etc/dansguardian/languages/hebrew/template.html
/etc/dansguardian/languages/indonesian
/etc/dansguardian/languages/indonesian/messages
/etc/dansguardian/languages/indonesian/template.html
/etc/dansguardian/languages/italian
/etc/dansguardian/languages/italian/messages
/etc/dansguardian/languages/italian/template.html
/etc/dansguardian/languages/lithuanian
/etc/dansguardian/languages/lithuanian/messages
/etc/dansguardian/languages/lithuanian/template.html
/etc/dansguardian/languages/mxspanish
/etc/dansguardian/languages/mxspanish/messages
/etc/dansguardian/languages/mxspanish/template.html
/etc/dansguardian/languages/polish
/etc/dansguardian/languages/polish/messages
/etc/dansguardian/languages/polish/template.html
/etc/dansguardian/languages/portuguese
/etc/dansguardian/languages/portuguese/messages
/etc/dansguardian/languages/portuguese/messagesaccents
/etc/dansguardian/languages/portuguese/template.html
/etc/dansguardian/languages/russian-1251
/etc/dansguardian/languages/russian-1251/messages
/etc/dansguardian/languages/russian-1251/template.html
/etc/dansguardian/languages/slovak
/etc/dansguardian/languages/slovak/messages
/etc/dansguardian/languages/slovak/template.html
/etc/dansguardian/languages/spanish
Linux - Wissensdatenbank - https://dokuwiki.nausch.org/
Last update: 22.11.2013 15:34.
centos:dansguardian_2.8 https://dokuwiki.nausch.org/doku.php/centos:dansguardian_2.8
/etc/dansguardian/languages/spanish/messages
/etc/dansguardian/languages/spanish/template.html
/etc/dansguardian/languages/swedish
/etc/dansguardian/languages/swedish/messages
/etc/dansguardian/languages/swedish/template.html
/etc/dansguardian/languages/turkish
/etc/dansguardian/languages/turkish/messages
/etc/dansguardian/languages/turkish/template.html
/etc/dansguardian/languages/ukenglish
/etc/dansguardian/languages/ukenglish/messages
/etc/dansguardian/languages/ukenglish/template.html
/etc/dansguardian/logrotation
/etc/dansguardian/phraselists
/etc/dansguardian/phraselists/badwords
/etc/dansguardian/phraselists/badwords/weighted_dutch
/etc/dansguardian/phraselists/badwords/weighted_french
/etc/dansguardian/phraselists/badwords/weighted_german
/etc/dansguardian/phraselists/badwords/weighted_portuguese
/etc/dansguardian/phraselists/badwords/weighted_spanish
/etc/dansguardian/phraselists/chat
/etc/dansguardian/phraselists/chat/weighted
/etc/dansguardian/phraselists/chat/weighted_italian
/etc/dansguardian/phraselists/drugadvocacy
/etc/dansguardian/phraselists/drugadvocacy/weighted
/etc/dansguardian/phraselists/gambling
/etc/dansguardian/phraselists/gambling/banned
/etc/dansguardian/phraselists/gambling/banned_portuguese
/etc/dansguardian/phraselists/gambling/weighted
/etc/dansguardian/phraselists/gambling/weighted_portuguese
/etc/dansguardian/phraselists/games
/etc/dansguardian/phraselists/games/weighted
/etc/dansguardian/phraselists/goodphrases
/etc/dansguardian/phraselists/goodphrases/exception
/etc/dansguardian/phraselists/goodphrases/exception_email
/etc/dansguardian/phraselists/goodphrases/weighted_general
/etc/dansguardian/phraselists/goodphrases/weighted_general_danish
/etc/dansguardian/phraselists/goodphrases/weighted_general_portuguese
/etc/dansguardian/phraselists/goodphrases/weighted_news
/etc/dansguardian/phraselists/googlesearches
/etc/dansguardian/phraselists/googlesearches/banned
/etc/dansguardian/phraselists/gore
/etc/dansguardian/phraselists/gore/weighted
/etc/dansguardian/phraselists/gore/weighted_portuguese
/etc/dansguardian/phraselists/illegaldrugs
/etc/dansguardian/phraselists/illegaldrugs/banned
/etc/dansguardian/phraselists/illegaldrugs/banned_portuguese
/etc/dansguardian/phraselists/illegaldrugs/weighted
/etc/dansguardian/phraselists/illegaldrugs/weighted_portuguese
/etc/dansguardian/phraselists/intolerance
/etc/dansguardian/phraselists/intolerance/banned_portuguese
/etc/dansguardian/phraselists/intolerance/weighted
https://dokuwiki.nausch.org/
Printed on 13.01.2017 13:19.
13.01.2017 13:19.
5/15
Dansguardian Version 2.8.0.6 - Installation und Konfiguration
/etc/dansguardian/phraselists/intolerance/weighted_portuguese
/etc/dansguardian/phraselists/legaldrugs
/etc/dansguardian/phraselists/legaldrugs/weighted
/etc/dansguardian/phraselists/malware
/etc/dansguardian/phraselists/malware/weighted
/etc/dansguardian/phraselists/news
/etc/dansguardian/phraselists/news/weighted
/etc/dansguardian/phraselists/nudism
/etc/dansguardian/phraselists/nudism/weighted
/etc/dansguardian/phraselists/peer2peer
/etc/dansguardian/phraselists/peer2peer/weighted
/etc/dansguardian/phraselists/personals
/etc/dansguardian/phraselists/personals/weighted
/etc/dansguardian/phraselists/personals/weighted_portuguese
/etc/dansguardian/phraselists/pornography
/etc/dansguardian/phraselists/pornography/banned
/etc/dansguardian/phraselists/pornography/banned_portuguese
/etc/dansguardian/phraselists/pornography/weighted
/etc/dansguardian/phraselists/pornography/weighted_danish
/etc/dansguardian/phraselists/pornography/weighted_dutch
/etc/dansguardian/phraselists/pornography/weighted_french
/etc/dansguardian/phraselists/pornography/weighted_german
/etc/dansguardian/phraselists/pornography/weighted_italian
/etc/dansguardian/phraselists/pornography/weighted_portuguese
/etc/dansguardian/phraselists/pornography/weighted_spanish
/etc/dansguardian/phraselists/proxies
/etc/dansguardian/phraselists/proxies/weighted
/etc/dansguardian/phraselists/sport
/etc/dansguardian/phraselists/sport/weighted
/etc/dansguardian/phraselists/violence
/etc/dansguardian/phraselists/violence/weighted
/etc/dansguardian/phraselists/violence/weighted_portuguese
/etc/dansguardian/phraselists/warezhacking
/etc/dansguardian/phraselists/warezhacking/weighted
/etc/dansguardian/phraselists/weapons
/etc/dansguardian/phraselists/weapons/weighted
/etc/dansguardian/phraselists/weapons/weighted_portuguese
/etc/dansguardian/phraselists/webmail
/etc/dansguardian/phraselists/webmail/weighted
/etc/dansguardian/pics
/etc/dansguardian/transparent1x1.gif
/etc/dansguardian/weightedphraselist
/etc/httpd/conf.d/dansguardian.conf
/etc/logrotate.d/dansguardian
/etc/rc.d/init.d/dansguardian
/usr/sbin/dansguardian
/usr/share/doc/dansguardian-2.8.0.6
/usr/share/doc/dansguardian-2.8.0.6/INSTALL
/usr/share/doc/dansguardian-2.8.0.6/LICENSE
/usr/share/doc/dansguardian-2.8.0.6/README
/usr/share/man/man8/dansguardian.8.gz
Linux - Wissensdatenbank - https://dokuwiki.nausch.org/
Last update: 22.11.2013 15:34.
centos:dansguardian_2.8 https://dokuwiki.nausch.org/doku.php/centos:dansguardian_2.8
/var/log/dansguardian
/var/www/dansguardian
/var/www/dansguardian/dansguardian.pl
Konfiguration
Mit dem Editor unserer Wahl z.B. vim bearbeiten wir nun die Konfigurationsdatei des Contentfilters:
# vim /etc/dansguardian/dansguardian.conf
Das erste und wichtigste, was wir hier groß einstellen, sind die Adress- und Portangaben:
# the port that DansGuardian listens to.
filterport = 8080
# the ip of the proxy (default is the loopback - i.e. this server)
proxyip = 127.0.0.1
# the port DansGuardian connects to proxy on
proxyport = 3128
Ferner passen wir noch die Internationalisierung in der Konfigurationsdatei an:
# the port that DansGuardian listens to.
language = 'german'
In Summe ergibt sich also folgende Gesamtkonfiguration:
egrep -v '(^.*#|^$)' /etc/dansguardian/dansguardian.conf
reportinglevel = 3
languagedir = '/etc/dansguardian/languages'
language = 'german'
loglevel = 3
logexceptionhits = on
logfileformat = 1
filterip =
filterport = 8080
proxyip = 127.0.0.1
proxyport = 3128
accessdeniedaddress = 'http://YOURSERVER.YOURDOMAIN/cgi-bin/dansguardian.pl'
nonstandarddelimiter = on
usecustombannedimage = 1
custombannedimagefile = '/etc/dansguardian/transparent1x1.gif'
filtergroups = 1
filtergroupslist = '/etc/dansguardian/filtergroupslist'
bannediplist = '/etc/dansguardian/bannediplist'
exceptioniplist = '/etc/dansguardian/exceptioniplist'
banneduserlist = '/etc/dansguardian/banneduserlist'
exceptionuserlist = '/etc/dansguardian/exceptionuserlist'
https://dokuwiki.nausch.org/
Printed on 13.01.2017 13:19.
13.01.2017 13:19.
7/15
Dansguardian Version 2.8.0.6 - Installation und Konfiguration
showweightedfound = on
weightedphrasemode = 2
urlcachenumber = 1000
urlcacheage = 900
phrasefiltermode = 2
preservecase = 0
hexdecodecontent = 0
forcequicksearch = 0
reverseaddresslookups = off
reverseclientiplookups = off
createlistcachefiles = on
maxuploadsize = -1
maxcontentfiltersize = 256
usernameidmethodproxyauth = on
usernameidmethodident = off
preemptivebanning = on
forwardedfor = off
usexforwardedfor = off
logconnectionhandlingerrors = on
maxchildren = 120
minchildren = 8
minsparechildren = 4
preforkchildren = 6
maxsparechildren = 32
maxagechildren = 500
ipcfilename = '/tmp/.dguardianipc'
urlipcfilename = '/tmp/.dguardianurlipc'
nodaemon = off
nologger = off
softrestart = off
Nach der erfolgten Inbetriebnahme drehen wir dem Dansguardian etwas die Luft ab, was heissen will,
wir lassen uns nur noch die geblockten Seiten reporten, da das Logfile ggf. etwas arg überschwemmt
wird mit Informationen, die uns eh' nicht interessieren.
# vim /etc/dansguardian/dansguardian.conf
# Logging Settings
#
# 0 = none 1 = just denied
loglevel = 1
2 = all text based
3 = all requests
In der zweiten Konfig-Datei /etc/dansguardian/dansguardianf1.conf stellen wir dann noch ein, wie
scharf der Kontentfilter arbeiten soll:
# vim /etc/dansguardian/dansguardianf1.conf
Mit einem Naughtyness limit von 100 liegt man schon mal in einem praktikablen Bereich.
# Naughtyness limit
# This the limit over which the page will be blocked.
Linux - Wissensdatenbank - https://dokuwiki.nausch.org/
Each weighted phrase
Last update: 22.11.2013 15:34.
centos:dansguardian_2.8 https://dokuwiki.nausch.org/doku.php/centos:dansguardian_2.8
is given
# a value either positive or negative and the values added up. Phrases to
do with
# good subjects will have negative values, and bad subjects will have
positive
# values. See the weightedphraselist file for examples.
# As a guide:
# 50 is for young children, 100 for old children, 160 for young adults.
naughtynesslimit = 100
Somit ergibt sich hier folgende Gesamtkonfiguration:
egrep -v '(^.*#|^$)' /etc/dansguardian/dansguardianf1.conf
bannedphraselist = '/etc/dansguardian/bannedphraselist'
weightedphraselist = '/etc/dansguardian/weightedphraselist'
exceptionphraselist = '/etc/dansguardian/exceptionphraselist'
bannedsitelist = '/etc/dansguardian/bannedsitelist'
greysitelist = '/etc/dansguardian/greysitelist'
exceptionsitelist = '/etc/dansguardian/exceptionsitelist'
bannedurllist = '/etc/dansguardian/bannedurllist'
greyurllist = '/etc/dansguardian/greyurllist'
exceptionurllist = '/etc/dansguardian/exceptionurllist'
bannedregexpurllist = '/etc/dansguardian/bannedregexpurllist'
bannedextensionlist = '/etc/dansguardian/bannedextensionlist'
bannedmimetypelist = '/etc/dansguardian/bannedmimetypelist'
picsfile = '/etc/dansguardian/pics'
contentregexplist = '/etc/dansguardian/contentregexplist'
naughtynesslimit = 100
bypass = 0
bypasskey = ''
Starten von Dansguardian
Nun starten wir das erste mal unsere neuen Dienst dansguardian:
# service dansguardian start
Web Content Filter (dansguardian) starten:
[
OK
]
automatisches Starten von Dansguardian beim Systemstart
Damit der Dansguardian-daemon automatisch bei jedem Systemstart startet, kann die Einrichtung
des Start-Scriptes über folgenden Befehl erreicht werden:
# chkconfig dansguardian on
Die Überprüfungung ob der Dienst (Daemons) Dansguardian wirklich bei jedem Systemstart
automatisch mit gestartet wird, kann durch folgenden Befehle erreicht werden:
https://dokuwiki.nausch.org/
Printed on 13.01.2017 13:19.
13.01.2017 13:19.
9/15
# chkconfig --list | grep dansguardian
dansguardian
0:Aus
1:Aus
2:Ein
Dansguardian Version 2.8.0.6 - Installation und Konfiguration
3:Ein
4:Ein
5:Ein
6:Aus
Wichtig sind jeweils die Schalter on bzw. Ein bei den Runleveln - 2 3 4 5.
Optimierung von dansguardian
Von Haus aus, ist der „ausgelieferte“ Dansguardian doch recht aggressiv eingestellt; d.h. viele doch
erwünschten Seiten werden geblockt. Zum Erlauben dieser Seiten gibt es mehrere Möglichkeiten.
Ausnahmelisten für Web-Sites
Ganze Seiten können von der inhaltlichen Bewertung ausgenommen werden, wenn in der
/etc/dansguardian/exceptionsitelist ein entsprechender Eintrag vorhanden ist, so z.B.:
# vim /etc/dansguardian/exceptionsitelist
#Sites in exception list
#Don't bother with the www. or
#the http://
#
#These are specifically domains and are not URLs.
#For example 'foo.bar/porn/' is no good, you need
#to just have 'foo.bar'.
#
#You can also match IPs here too.
#
#As of DansGuardian 2.7.3 you can now include
#.tld so for example you can match .gov for example
dansguardian.org
nausch.org
urlblacklist.com
ebay.de
bay.com
Ausnahmelisten für Hosts
Will man einzelne Workstations ausnehmen, so trägt man diese in die
/etc/dansguardian/exceptioniplist ein:
# vim /etc/dansguardian/exceptioniplist
#IP addresses of computers to not filter
Linux - Wissensdatenbank - https://dokuwiki.nausch.org/
Last update: 22.11.2013 15:34.
centos:dansguardian_2.8 https://dokuwiki.nausch.org/doku.php/centos:dansguardian_2.8
#and just pass requests straight through to
#
#These would be servers which
#need unfiltered access for
#updates. Also administrator
#workstations which need to
#download programs and check
#out blocked sites should be
#put here.
#
#Only put IP addresses here,
#not host names
#
#This is not the IP of web servers
#you don't want to filter.
#192.168.0.1
#192.168.0.2
#192.168.42.2
#BOfH's Workstation
192.168.20.10
Sperrlisten für Dateiextensions
Über die /etc/dansguardian/bannedextensionlist stellen wir dann bei Bedarf noch ein, welche
Datei-Extensions wird erlauben und welche wir (aus)sperren wollen:
# vim /etc/dansguardian/bannedextensionlist
#Banned extension list
# File extensions with executable code
# The following file extensions can contain executable code.
# This means they can potentially carry a virus to infect your computer.
.ade
.adp
.asx
.bas
.bat
.cab
.chm
.cmd
.com
.cpl
.crt
.dll
.exe
#
#
#
#
#
#
#
#
#
#
#
#
#
Microsoft Access project extension
Microsoft Access project
Windows Media Audio / Video
Microsoft Visual Basic class module
Batch file
Windows setup file
Compiled HTML Help file
Microsoft Windows NT Command script
Microsoft MS-DOS program
Control Panel extension
Security certificate
Windows system file
Program
https://dokuwiki.nausch.org/
Printed on 13.01.2017 13:19.
13.01.2017 13:19.
.hlp #
.ini #
.hta #
.inf #
.ins #
.isp #
# .js
# .jse
.lnk #
.mda #
.mdb #
.mde #
.mdt #
.mdw #
.mdz #
.msc #
.msi #
.msp #
.mst #
.pcd #
.pif #
.prf #
.reg #
.scf #
.scr #
.sct #
.sh
#
.shs #
.shb #
.sys #
.url #
.vb
#
.vbe #
.vbs #
.vxd #
.wsc #
.wsf #
.wsh #
.otf #
.ops #
11/15
Dansguardian Version 2.8.0.6 - Installation und Konfiguration
Help file
Windows system file
HTML program
Setup Information
Internet Naming Service
Internet Communication settings
# JScript file - often needed in web pages
# Jscript Encoded Script file - often needed in web pages
Windows Shortcut
Microsoft Access add-in program
Microsoft Access program
Microsoft Access MDE database
Microsoft Access workgroup information
Microsoft Access workgroup information
Microsoft Access wizard program
Microsoft Common Console document
Microsoft Windows Installer package
Microsoft Windows Installer patch
Microsoft Visual Test source files
Photo CD image, Microsoft Visual compiled script
Shortcut to MS-DOS program
Microsoft Outlook profile settings
Windows registry entries
Windows Explorer command
Screen saver
Windows Script Component
Shell script
Shell Scrap object
Shell Scrap object
Windows system file
Internet shortcut
VBScript file
VBScript Encoded script file
VBScript file
Windows system file
Windows Script Component
Windows Script file
Windows Script Host Settings file
Font file - can be used to instant reboot 2k and xp
Office XP settings
# Files which one normally things as non-executable but
# can contain harmful macros and viruses
.doc
.xls
.pps
# Word document
# Excel document
# PowerPoint selfrunning
# Other files which may contain files with executable code
Linux - Wissensdatenbank - https://dokuwiki.nausch.org/
Last update: 22.11.2013 15:34.
#.gz
#.tar
.zip
#.tgz
#.bz2
.cdr
.dmg
.smi
.sit
.sea
.bin
.hqx
.rar
centos:dansguardian_2.8 https://dokuwiki.nausch.org/doku.php/centos:dansguardian_2.8
# Gziped file
# Tape ARchive file
# Windows compressed file
# Unix compressed file
# Unix compressed file
# Mac disk image
# Mac disk image
# Mac self mounting disk image
# Mac compressed file
# Mac compressed file, self extracting
# Mac binary compressed file
# Mac binhex encoded file
# Similar to zip
# Time/bandwidth wasting files
.mp3 # Music file
.mpeg # Movie file
.mpg # Movie file
.avi # Movie file
.asf # this can also exploit a security hole allowing virus infection
.iso # CD ISO image
.ogg # Music file
.wmf # Movie file
.bin # CD ISO image
.cue # CD ISO image
# meine eigenen
.ani # animated cursor
Sperrlisten für URLS (regex)
Über die /etc/dansguardian/bannedregexpurllist haben wir die möglichkeit, einzelne Seiten an
Hand ihrer URL zu sperren. Hierzu Nutzen wir geeignete REGEX um die URLs zu definieren, welche
wir (aus)sperren wollen:
# vim /etc/dansguardian/bannedregexpurllist
#Banned URLs based on Regular Expressions
#
# E.g. 'sex' would block sex.com and middlesex.com etc
# The following two lines may work better than the above - Philip Pearce
9/11/2004
(^|[\?+=&/_])(big|cyber|hard|huge|mega|small|soft|super|tiny|bare|naked|nude|ana
l|oral|topp?les|sex){1,}.*(anal|babe|bharath|boob|breast|busen|busty|clit|cu
m|cunt|dick|fetish|fuck|girl|hooter|lez|lust|naked|nude|oral|orgy|penis|porn
|porno|pupper|pussy|rotten|sex|shit|smutpump|teen|topp?les|xxx)s?([https://dokuwiki.nausch.org/
Printed on 13.01.2017 13:19.
13.01.2017 13:19.
13/15
Dansguardian Version 2.8.0.6 - Installation und Konfiguration
\?+=&/_]|$)
(^|[\?+=&/_])(anal|babe|bharath|boob|breast|busen|busty|clit|cum|cunt|dick|fetis
h|fuck|girl|hooter|lez|lust|naked|nude|oral|orgy|penis|porn|porno|pupper|pus
sy|rotten|sex|shit|smutpump|teen|topp?les|xxx){1,}.*(big|cyber|hard|huge|meg
a|small|soft|super|tiny|bare|naked|nude|anal|oral|topp?les|sex){1,}([\?+=&/_]|$)
# Onlinegaming
(gladiatus|4story|gameforge|ikariam|pog.com|cracymonkeygames|poissonrouge)
# Musikmaffia
(musicload|musikload)
# videoportale
(vo.llnwd)
# Werbemüll
(Standardteaser|sponsorads|google-analytics)
# Schnackslanbahnungsportale
(facebook)
Filtergruppen bei dansguardian
Oft ist es wünschenswert einzelen User(gruppen) bei der Bewertung der Verbindungswünsche in's
WWW unterschiedlich zu behandeln. So könnten zum Beispiel Schüler und Lehrer, DAUs, Null- Halbund Stellenleiter wie auch VIPs mit eigenen Filterregelsätzen belegt werden.
Was zunächst kompliziert anmutet, funktioniert recht einfach und auch überschaubar.
dansguardian.conf
Als erstes geben wir unserem Kontentfilter mit, wieviele Filtergruppen (max. 99) wir verwenden
möchten.
# vim dansguardian.conf
# Filter groups options
# filtergroups sets the number of filter groups. A filter group is a set of
content
# filtering options you can apply to a group of users. The value must be 1
or more.
# DansGuardian will automatically look for dansguardianfN.conf where N is
the filter
# group. To assign users to groups use the filtergroupslist option. All
users default
# to filter group 1. You must have some sort of authentication to be able
to map users
Linux - Wissensdatenbank - https://dokuwiki.nausch.org/
Last update: 22.11.2013 15:34.
centos:dansguardian_2.8 https://dokuwiki.nausch.org/doku.php/centos:dansguardian_2.8
# to a group. The more filter groups the more copies of the lists will be
in RAM so
# use as few as possible.
filtergroups = 2
filtergroupslist = '/etc/dansguardian/filtergroupslist'
filtergroupslist
In der Datei filtergroupslist geben wir nun all diejenigen Nutzer an, die nicht in der Standardgruppe
bewertet werden sollen, sondern in einer der zuvor definierten Filtergruppen.
# vim filtergroupslist
# Filter Groups List file for DansGuardian
#
# Format is <user>=filter<1-99> where 1-99 are the groups
#
jakob=filter2
dansguardianf2.conf
Die eigentliche Änderungen zur Standardkonfiguration nehmen wir nun, in der dansguardianfn.conf
vor. Neben einen ggf. abweichenden Naughtyness limit definieren wir hier etwaige abweichende
Sperr- und Ausnahme-Listen.
# vim dansguardianf2.conf
# Content filtering files location
bannedphraselist = '/etc/dansguardian/bannedphraselist'
weightedphraselist = '/etc/dansguardian/weightedphraselist'
exceptionphraselist = '/etc/dansguardian/exceptionphraselist'
bannedsitelist = '/etc/dansguardian/bannedsitelist_f2'
greysitelist = '/etc/dansguardian/greysitelist'
exceptionsitelist = '/etc/dansguardian/exceptionsitelist_f2'
bannedurllist = '/etc/dansguardian/bannedurllist'
greyurllist = '/etc/dansguardian/greyurllist'
exceptionurllist = '/etc/dansguardian/exceptionurllist'
bannedregexpurllist = '/etc/dansguardian/bannedregexpurllist_f2'
bannedextensionlist = '/etc/dansguardian/bannedextensionlist'
bannedmimetypelist = '/etc/dansguardian/bannedmimetypelist'
picsfile = '/etc/dansguardian/pics'
contentregexplist = '/etc/dansguardian/contentregexplist'
In den jeweiligen Listen erweitern wir nun die entsprechenden gesperrten Seiten oder definieren
entsprechende Ausnahmeregelungen.
1)
zum besseren Vergleich zwischen der Verison 2.8.0.6 zur 2.10.1.1 erfolgt der Abdruck der gesamten
Abfrage durch rpm -iql
https://dokuwiki.nausch.org/
Printed on 13.01.2017 13:19.
13.01.2017 13:19.
15/15
Dansguardian Version 2.8.0.6 - Installation und Konfiguration
From:
https://dokuwiki.nausch.org/ - Linux - Wissensdatenbank
Permanent link:
https://dokuwiki.nausch.org/doku.php/centos:dansguardian_2.8
Last update: 22.11.2013 15:34.
Linux - Wissensdatenbank - https://dokuwiki.nausch.org/

Similar documents