LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices

Reply
 
Search this Thread
Old 02-19-2008, 02:43 PM   #1
brave1frommo
LQ Newbie
 
Registered: Oct 2006
Posts: 2

Rep: Reputation: 0
Question Endian Firewall, dansguardian


Does anyone know how to setup groups to be affacted differently by the content filtering (dans guardian) on Endian (variation of IPCOP)? I would like to be able to setup an admin group that has bypass permissions around the content filter. Or is there a way to have a password bypass through the content filter?

Thanks,
eric
 
Old 02-19-2008, 04:32 PM   #2
jmor3
LQ Newbie
 
Registered: Mar 2007
Posts: 6

Rep: Reputation: 0
Dan's Guardian groups ...

Hi, we run Dan's Guardian (DG) for filtering at our organization. We use the Webmin graphical interface to administer the DG features. From the DG bash script on our site, you can ...

" ... retrieve a list of users from a NT Domain controller, and based on group membership of the username, assign the username to a certain Dansguardian filtergroup. NOTE: You MUST modify several elements of this script to match your particular configuration. Also, this script depends upon SAMBA 3.02 being installed and joined to a working NT domain. While this script does not give Dansguardian the ability to select content filtering based on group membership, it does permit the assignment of users to filtergroups based on group membership thus saving the system administrator many keystrokes, especially on larger systems."

Our workstations run a SmoothWall mini-app that connects their login name with the DG user list. If someone's user name belongs to Group1, they automatically get different access than someone who belongs to Group2. If the details of this setup would help you, let me know and I can do some digging to see how the architects set up the system (I'm just the administrator).

Cheers, Mike
 
Old 02-20-2008, 08:48 AM   #3
brave1frommo
LQ Newbie
 
Registered: Oct 2006
Posts: 2

Original Poster
Rep: Reputation: 0
Dans Guardian setup and chat question

We dont use domain accounts so is there a way to setup Dans Guardian to allow groups or is this what you were saying using WebMin to setup users and groups? Does your organization have a custom Access Denied page? I would like to notify users why the site was blocked and who to contact. I would really like to be able to give them a link on the page to bypass the filter with login, thus logging all use of the bypass.

On a seperate issue, does anyone know why Endian blocks use of all Chat apps? We have an internal chat app which uses port 13 and 227 and I have put rules in to allow this traffic even to external users. Yet it blocks the signin process and when I view the port scan it doesn't allow traffic on any of these ports.

Sorry for so many questions.

Eric
 
Old 02-21-2008, 09:54 AM   #4
jmor3
LQ Newbie
 
Registered: Mar 2007
Posts: 6

Rep: Reputation: 0
Groups and Custom pages

Our DG web admin interface provides a control for groups. If you log into the DG admin page using a web browser, you should see a control panel titled View/Edit Groups. Our groups are numbered f1, f2, f3, and so on. We give each group different rights starting with f1 as the most restrictive, f2 with more permissions, and so on. The DG documentation says:

"DansGuardian can switch off filtering for certain users, sites and IPs, but not varying degrees. Nor can it block for ranges of IPs or subnets. Nor can it block by time of day. If you need this, install squidGuard also. (As of version 2.7.5 it can have different filtering for groups of users but it still can't do time of day functionality nor subnets nor range of IPs)."

We do have a custom access denied page with a mail link so users can report a page to the webmaster if they think it's been unfairly blocked. The DG documentation says:

"When a page is denied, DansGuardian redirects to a cgi perl script on your web server to report to the user. This makes it easy to customise the message. This server does not need to be the same machine as the DansGuardian filter server, however if it is not local you will need to amend or comment out the perl script copying line in the Makefile."

The DG online documentation has been a big help for me to figure out the install and customization of the product.

Cheers, Mike
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Endian Firewall Upgrade sombra_tommy Linux - Software 1 03-15-2007 04:32 AM
Change MTU Settings on Endian Firewall VanTheLinuxNewbie Linux - Newbie 5 11-15-2006 04:54 AM
Need secure OS for squid+dansguardian firewall drokmed Linux - Security 6 06-23-2006 03:43 PM
problem in understanding little endian/big endian machine program indian Programming 6 04-19-2006 02:50 PM
What is all this big endian-little endian stuff about? vdemuth Linux - Newbie 1 04-28-2004 02:16 AM


All times are GMT -5. The time now is 05:11 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration