LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
Search this Thread
Old 03-30-2005, 11:12 PM   #1
dwarf007
Member
 
Registered: Sep 2004
Location: Malaysia
Posts: 181

Rep: Reputation: 30
Content Filtering in linux?


Any of you guys using content filtering software? I heard DansGuardian will work but we need to setup proxy server before we use DansGuardian. I am looking for content filtering software which can runs without proxy server

I need to filter MSN messenger in my offfice

Anyone has idea, please help...
Thank You....
 
Old 03-30-2005, 11:25 PM   #2
taxtropel
Member
 
Registered: Mar 2005
Location: Cascade Mountains WA USA
Distribution: Linux From Scratch (LFS)
Posts: 149

Rep: Reputation: 16
what do you mean you need to filter MSN messenger? is there too much lewd content? as that's what content filtering refers to, it means to filter unwanted content from a wanted connection.

if you want to block MSN communications totaly then you need to disallow network activity on the port in general. this is done using a firewall.

read the documentation on ipchains and iptables
 
Old 03-31-2005, 02:07 AM   #3
makko
LQ Newbie
 
Registered: Apr 2004
Location: Earth
Distribution: Slackware 10, FreeBSD 4.10
Posts: 19

Rep: Reputation: 0
#iptables -A INPUT -p tcp --sport <port number> -j DROP
-> the destnation port can be different but the port on the MSN server is always the same, or you can filter traff from behind the firewall;
#iptables -A OUTPUT -p tcp --dport <port number> -j DROP

do the same for udp
 
Old 07-01-2005, 03:16 PM   #4
nolinuxnollife
Registered User
 
Registered: Jan 2005
Location: india
Distribution: RedHat and Madrake
Posts: 55
Blog Entries: 1

Rep: Reputation: 15
Hey,

My dear friend Administrator....
I got the same doubt...one day I was checking this I got a nice posting ...I am sorry to say that I for got the URL... but I will give you the idea...
If you think its mandatory u can do this by blocking access to the servers the clients login...


hope you got me...
 
Old 07-01-2005, 03:38 PM   #5
nolinuxnollife
Registered User
 
Registered: Jan 2005
Location: india
Distribution: RedHat and Madrake
Posts: 55
Blog Entries: 1

Rep: Reputation: 15
Please help me

This is serious issue making my nights mared


Hi,

I used to have a squidguard as web filter running very well for
thepast four years... to say it was a king in my company's network
room.
Due to some virus activity from bloody Windows clients the squidguard
was abruptly shutting down. I searched for another filtering program
where I found as n alternative.
I know that critical settings are the following lines .... I am into
maintenance only .... i.e not that techie... please suggest me
configuration settings for DG ...

another doubt is whether we should parse DG config file in squid.conf
for squidguard...?


**************************

loglevel = 2
logexceptionhits = on
logfileformat = 1

filterip =

filterport = 8080

proxyip = 192.168.1.9
proxyport = 3128

accessdeniedaddress = 'http://localhost:8444'


**************************
I am sure the above settings are giving some problem ...

My public IP is XX.XX.XX.XX (security ... sorry u know it)
my internal gateway is 192.168.1.9

My Squid settings are



+++++++++++++++++++++++++++++++++


#-----------------------------------------------------
# DO NOT MODIFY THIS FILE! It is updated automatically
#-----------------------------------------------------
http_port 8080

icp_port 0
hierarchy_stoplist cgi-bin ?
acl QUERY urlpath_regex cgi-bin \?
acl download_files urlpath_regex \.exe$ \.zip$ \.tar$ \.mpeg$ \.mpg$
\.mp3$ \.a
vi$ \.cda$ \.com$ \.msi$ \.wip$ \.wav$ \.iso$ \.bin$ \.asf$ \.bz2
\.tar.bz2$ \.
tar$ \.rm$ \.m3u$ \.pls$ \.xpl$ \.ra$ \.rm$ \.rmx$ \.rmj$ \.rms$
\.mnd$\.smi$ \.
mov$



acl download_allowed src 192.168.1.4 192.168.1.10 192.168.1.11
192.168.1.16 192.
168.1.12 192.168.1.7 192.168.10.1 192.168.10.4 192.168.1.2
192.168.1.20 192.168.
1.6 192.168.1.3 192.168.1.1 192.168.1.15 192.168.1.14
http_access allow download_files download_allowed
http_access deny download_files


no_cache deny QUERY
cache_mem 32 MB
cache_dir diskd /var/spool/squid 150 16 256
#Redirector
#redirect_program /usr/local/bin/squidGuard -
c /etc/squid/squidGuard.conf
#redirect_children 10

half_closed_clients off

refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern . 0 20% 4320

#ACL
acl Eth0 src 192.168.1.0/255.255.255.0
acl Eth0 src 192.168.10.0/255.255.255.0

#acl Eth0 src 10.0.0.0/255.0.0.0
#acl Eth1 src 202.88.191.0/255.255.255.128

acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl SSL_ports port 443 563
acl ftp port 21
acl Safe_ports port 80 21 443 563 70 210 1025-65535
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT

http_access deny ftp
http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localhost
http_access allow Eth0
#http_access allow Eth1

http_access deny all
icp_access allow all
miss_access allow all


# user/group
cache_effective_user squid
cache_effective_group squid
visible_hostname firewall.KITSOL.net

#HTTP_ACCEL options
httpd_accel_host virtual
httpd_accel_port 80
httpd_accel_with_proxy on
httpd_accel_uses_host_header on
append_domain .KITSOL.net

# customized error pages
err_html_text network@...

memory_pools off

+++++++++++++++++++++++++++++++++++++++++



Should I make any changes for DG to work with existing squid?
Should I make any changes for DG config file?

One important thing my firewall (shorewall) and my squid run on same machine...

Should I make any changes to my firewall settings???

Thank you...May Lord keep all System Admins lives specially nights
happy...


Last edited by nolinuxnollife; 07-01-2005 at 03:40 PM.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Content Filtering using Squid toraghun Red Hat 3 11-10-2005 11:42 PM
Possible to get around content-filtering software? servnov Linux - Security 2 09-27-2005 08:11 AM
Ubuntu & Content Filtering davidbee Linux - Newbie 1 05-22-2005 06:25 PM
iptables and content filtering evan1821 Linux - Security 1 06-09-2004 02:03 PM
I need a Linux Content/Application Filtering Firewall rootking Linux - Networking 1 10-18-2003 08:39 AM


All times are GMT -5. The time now is 04:29 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration