LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Security (https://www.linuxquestions.org/questions/linux-security-4/)
-   -   Content Filtering in linux? (https://www.linuxquestions.org/questions/linux-security-4/content-filtering-in-linux-308043/)

dwarf007 03-30-2005 10:12 PM
Content Filtering in linux?
 
Any of you guys using content filtering software? I heard DansGuardian will work but we need to setup proxy server before we use DansGuardian. I am looking for content filtering software which can runs without proxy server

I need to filter MSN messenger in my offfice

Anyone has idea, please help...
Thank You....

taxtropel 03-30-2005 10:25 PM
what do you mean you need to filter MSN messenger? is there too much lewd content? as that's what content filtering refers to, it means to filter unwanted content from a wanted connection.

if you want to block MSN communications totaly then you need to disallow network activity on the port in general. this is done using a firewall.

read the documentation on ipchains and iptables

makko 03-31-2005 01:07 AM
#iptables -A INPUT -p tcp --sport <port number> -j DROP
-> the destnation port can be different but the port on the MSN server is always the same, or you can filter traff from behind the firewall;
#iptables -A OUTPUT -p tcp --dport <port number> -j DROP

do the same for udp

nolinuxnollife 07-01-2005 02:16 PM
Hey,

My dear friend Administrator....
I got the same doubt...one day I was checking this I got a nice posting ...I am sorry to say that I for got the URL... but I will give you the idea...
If you think its mandatory u can do this by blocking access to the servers the clients login...


hope you got me...

nolinuxnollife 07-01-2005 02:38 PM
Please help me
 
This is serious issue making my nights mared


Hi,

I used to have a squidguard as web filter running very well for
thepast four years... to say it was a king in my company's network
room.
Due to some virus activity from bloody Windows clients the squidguard
was abruptly shutting down. I searched for another filtering program
where I found as n alternative.
I know that critical settings are the following lines .... I am into
maintenance only .... i.e not that techie... please suggest me
configuration settings for DG ...

another doubt is whether we should parse DG config file in squid.conf
for squidguard...?


**************************

loglevel = 2
logexceptionhits = on
logfileformat = 1

filterip =

filterport = 8080

proxyip = 192.168.1.9
proxyport = 3128

accessdeniedaddress = 'http://localhost:8444'


**************************
I am sure the above settings are giving some problem ...

My public IP is XX.XX.XX.XX (security ... sorry u know it)
my internal gateway is 192.168.1.9

My Squid settings are



+++++++++++++++++++++++++++++++++


#-----------------------------------------------------
# DO NOT MODIFY THIS FILE! It is updated automatically
#-----------------------------------------------------
http_port 8080

icp_port 0
hierarchy_stoplist cgi-bin ?
acl QUERY urlpath_regex cgi-bin \?
acl download_files urlpath_regex \.exe$ \.zip$ \.tar$ \.mpeg$ \.mpg$
\.mp3$ \.a
vi$ \.cda$ \.com$ \.msi$ \.wip$ \.wav$ \.iso$ \.bin$ \.asf$ \.bz2
\.tar.bz2$ \.
tar$ \.rm$ \.m3u$ \.pls$ \.xpl$ \.ra$ \.rm$ \.rmx$ \.rmj$ \.rms$
\.mnd$\.smi$ \.
mov$



acl download_allowed src 192.168.1.4 192.168.1.10 192.168.1.11
192.168.1.16 192.
168.1.12 192.168.1.7 192.168.10.1 192.168.10.4 192.168.1.2
192.168.1.20 192.168.
1.6 192.168.1.3 192.168.1.1 192.168.1.15 192.168.1.14
http_access allow download_files download_allowed
http_access deny download_files


no_cache deny QUERY
cache_mem 32 MB
cache_dir diskd /var/spool/squid 150 16 256
#Redirector
#redirect_program /usr/local/bin/squidGuard -
c /etc/squid/squidGuard.conf
#redirect_children 10

half_closed_clients off

refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern . 0 20% 4320

#ACL
acl Eth0 src 192.168.1.0/255.255.255.0
acl Eth0 src 192.168.10.0/255.255.255.0

#acl Eth0 src 10.0.0.0/255.0.0.0
#acl Eth1 src 202.88.191.0/255.255.255.128

acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl SSL_ports port 443 563
acl ftp port 21
acl Safe_ports port 80 21 443 563 70 210 1025-65535
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT

http_access deny ftp
http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localhost
http_access allow Eth0
#http_access allow Eth1

http_access deny all
icp_access allow all
miss_access allow all


# user/group
cache_effective_user squid
cache_effective_group squid
visible_hostname firewall.KITSOL.net

#HTTP_ACCEL options
httpd_accel_host virtual
httpd_accel_port 80
httpd_accel_with_proxy on
httpd_accel_uses_host_header on
append_domain .KITSOL.net

# customized error pages
err_html_text network@...

memory_pools off

+++++++++++++++++++++++++++++++++++++++++



Should I make any changes for DG to work with existing squid?
Should I make any changes for DG config file?

One important thing my firewall (shorewall) and my squid run on same machine...

Should I make any changes to my firewall settings???

Thank you...May Lord keep all System Admins lives specially nights
happy...


All times are GMT -5. The time now is 05:39 AM.