Linux - NewbieThis Linux forum is for members that are new to Linux.
Just starting out and have a question?
If it is not in the man pages or the how-to's this is the place!
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Does anyone know how to setup groups to be affacted differently by the content filtering (dans guardian) on Endian (variation of IPCOP)? I would like to be able to setup an admin group that has bypass permissions around the content filter. Or is there a way to have a password bypass through the content filter?
Hi, we run Dan's Guardian (DG) for filtering at our organization. We use the Webmin graphical interface to administer the DG features. From the DG bash script on our site, you can ...
" ... retrieve a list of users from a NT Domain controller, and based on group membership of the username, assign the username to a certain Dansguardian filtergroup. NOTE: You MUST modify several elements of this script to match your particular configuration. Also, this script depends upon SAMBA 3.02 being installed and joined to a working NT domain. While this script does not give Dansguardian the ability to select content filtering based on group membership, it does permit the assignment of users to filtergroups based on group membership thus saving the system administrator many keystrokes, especially on larger systems."
Our workstations run a SmoothWall mini-app that connects their login name with the DG user list. If someone's user name belongs to Group1, they automatically get different access than someone who belongs to Group2. If the details of this setup would help you, let me know and I can do some digging to see how the architects set up the system (I'm just the administrator).
We dont use domain accounts so is there a way to setup Dans Guardian to allow groups or is this what you were saying using WebMin to setup users and groups? Does your organization have a custom Access Denied page? I would like to notify users why the site was blocked and who to contact. I would really like to be able to give them a link on the page to bypass the filter with login, thus logging all use of the bypass.
On a seperate issue, does anyone know why Endian blocks use of all Chat apps? We have an internal chat app which uses port 13 and 227 and I have put rules in to allow this traffic even to external users. Yet it blocks the signin process and when I view the port scan it doesn't allow traffic on any of these ports.
Our DG web admin interface provides a control for groups. If you log into the DG admin page using a web browser, you should see a control panel titled View/Edit Groups. Our groups are numbered f1, f2, f3, and so on. We give each group different rights starting with f1 as the most restrictive, f2 with more permissions, and so on. The DG documentation says:
"DansGuardian can switch off filtering for certain users, sites and IPs, but not varying degrees. Nor can it block for ranges of IPs or subnets. Nor can it block by time of day. If you need this, install squidGuard also. (As of version 2.7.5 it can have different filtering for groups of users but it still can't do time of day functionality nor subnets nor range of IPs)."
We do have a custom access denied page with a mail link so users can report a page to the webmaster if they think it's been unfairly blocked. The DG documentation says:
"When a page is denied, DansGuardian redirects to a cgi perl script on your web server to report to the user. This makes it easy to customise the message. This server does not need to be the same machine as the DansGuardian filter server, however if it is not local you will need to amend or comment out the perl script copying line in the Makefile."
The DG online documentation has been a big help for me to figure out the install and customization of the product.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.