Content Filtering in linux?
Any of you guys using content filtering software? I heard DansGuardian will work but we need to setup proxy server before we use DansGuardian. I am looking for content filtering software which can runs without proxy server
I need to filter MSN messenger in my offfice Anyone has idea, please help... Thank You.... |
what do you mean you need to filter MSN messenger? is there too much lewd content? as that's what content filtering refers to, it means to filter unwanted content from a wanted connection.
if you want to block MSN communications totaly then you need to disallow network activity on the port in general. this is done using a firewall. read the documentation on ipchains and iptables |
#iptables -A INPUT -p tcp --sport <port number> -j DROP
-> the destnation port can be different but the port on the MSN server is always the same, or you can filter traff from behind the firewall; #iptables -A OUTPUT -p tcp --dport <port number> -j DROP do the same for udp |
Hey,
My dear friend Administrator.... I got the same doubt...one day I was checking this I got a nice posting ...I am sorry to say that I for got the URL... but I will give you the idea... If you think its mandatory u can do this by blocking access to the servers the clients login... hope you got me... |
Please help me
This is serious issue making my nights mared
Hi, I used to have a squidguard as web filter running very well for thepast four years... to say it was a king in my company's network room. Due to some virus activity from bloody Windows clients the squidguard was abruptly shutting down. I searched for another filtering program where I found as n alternative. I know that critical settings are the following lines .... I am into maintenance only .... i.e not that techie... please suggest me configuration settings for DG ... another doubt is whether we should parse DG config file in squid.conf for squidguard...? ************************** loglevel = 2 logexceptionhits = on logfileformat = 1 filterip = filterport = 8080 proxyip = 192.168.1.9 proxyport = 3128 accessdeniedaddress = 'http://localhost:8444' ************************** I am sure the above settings are giving some problem ... My public IP is XX.XX.XX.XX (security ... sorry u know it) my internal gateway is 192.168.1.9 My Squid settings are +++++++++++++++++++++++++++++++++ #----------------------------------------------------- # DO NOT MODIFY THIS FILE! It is updated automatically #----------------------------------------------------- http_port 8080 icp_port 0 hierarchy_stoplist cgi-bin ? acl QUERY urlpath_regex cgi-bin \? acl download_files urlpath_regex \.exe$ \.zip$ \.tar$ \.mpeg$ \.mpg$ \.mp3$ \.a vi$ \.cda$ \.com$ \.msi$ \.wip$ \.wav$ \.iso$ \.bin$ \.asf$ \.bz2 \.tar.bz2$ \. tar$ \.rm$ \.m3u$ \.pls$ \.xpl$ \.ra$ \.rm$ \.rmx$ \.rmj$ \.rms$ \.mnd$\.smi$ \. mov$ acl download_allowed src 192.168.1.4 192.168.1.10 192.168.1.11 192.168.1.16 192. 168.1.12 192.168.1.7 192.168.10.1 192.168.10.4 192.168.1.2 192.168.1.20 192.168. 1.6 192.168.1.3 192.168.1.1 192.168.1.15 192.168.1.14 http_access allow download_files download_allowed http_access deny download_files no_cache deny QUERY cache_mem 32 MB cache_dir diskd /var/spool/squid 150 16 256 #Redirector #redirect_program /usr/local/bin/squidGuard - c /etc/squid/squidGuard.conf #redirect_children 10 half_closed_clients off refresh_pattern ^ftp: 1440 20% 10080 refresh_pattern ^gopher: 1440 0% 1440 refresh_pattern . 0 20% 4320 #ACL acl Eth0 src 192.168.1.0/255.255.255.0 acl Eth0 src 192.168.10.0/255.255.255.0 #acl Eth0 src 10.0.0.0/255.0.0.0 #acl Eth1 src 202.88.191.0/255.255.255.128 acl all src 0.0.0.0/0.0.0.0 acl manager proto cache_object acl localhost src 127.0.0.1/255.255.255.255 acl SSL_ports port 443 563 acl ftp port 21 acl Safe_ports port 80 21 443 563 70 210 1025-65535 acl Safe_ports port 280 # http-mgmt acl Safe_ports port 488 # gss-http acl Safe_ports port 591 # filemaker acl Safe_ports port 777 # multiling http acl CONNECT method CONNECT http_access deny ftp http_access allow manager localhost http_access deny manager http_access deny !Safe_ports http_access deny CONNECT !SSL_ports http_access allow localhost http_access allow Eth0 #http_access allow Eth1 http_access deny all icp_access allow all miss_access allow all # user/group cache_effective_user squid cache_effective_group squid visible_hostname firewall.KITSOL.net #HTTP_ACCEL options httpd_accel_host virtual httpd_accel_port 80 httpd_accel_with_proxy on httpd_accel_uses_host_header on append_domain .KITSOL.net # customized error pages err_html_text network@... memory_pools off +++++++++++++++++++++++++++++++++++++++++ Should I make any changes for DG to work with existing squid? Should I make any changes for DG config file? One important thing my firewall (shorewall) and my squid run on same machine... Should I make any changes to my firewall settings??? Thank you...May Lord keep all System Admins lives specially nights happy... |
All times are GMT -5. The time now is 05:39 AM. |