Review your favorite Linux distribution.
Go Back > Forums > Linux Forums > Linux - Security
User Name
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.


  Search this Thread
Old 03-30-2005, 11:12 PM   #1
Registered: Sep 2004
Location: Malaysia
Posts: 181

Rep: Reputation: 30
Content Filtering in linux?

Any of you guys using content filtering software? I heard DansGuardian will work but we need to setup proxy server before we use DansGuardian. I am looking for content filtering software which can runs without proxy server

I need to filter MSN messenger in my offfice

Anyone has idea, please help...
Thank You....
Old 03-30-2005, 11:25 PM   #2
Registered: Mar 2005
Location: Cascade Mountains WA USA
Distribution: Linux From Scratch (LFS)
Posts: 149

Rep: Reputation: 16
what do you mean you need to filter MSN messenger? is there too much lewd content? as that's what content filtering refers to, it means to filter unwanted content from a wanted connection.

if you want to block MSN communications totaly then you need to disallow network activity on the port in general. this is done using a firewall.

read the documentation on ipchains and iptables
Old 03-31-2005, 02:07 AM   #3
LQ Newbie
Registered: Apr 2004
Location: Earth
Distribution: Slackware 10, FreeBSD 4.10
Posts: 19

Rep: Reputation: 0
#iptables -A INPUT -p tcp --sport <port number> -j DROP
-> the destnation port can be different but the port on the MSN server is always the same, or you can filter traff from behind the firewall;
#iptables -A OUTPUT -p tcp --dport <port number> -j DROP

do the same for udp
Old 07-01-2005, 03:16 PM   #4
Registered User
Registered: Jan 2005
Location: india
Distribution: RedHat and Madrake
Posts: 55
Blog Entries: 1

Rep: Reputation: 15

My dear friend Administrator....
I got the same day I was checking this I got a nice posting ...I am sorry to say that I for got the URL... but I will give you the idea...
If you think its mandatory u can do this by blocking access to the servers the clients login...

hope you got me...
Old 07-01-2005, 03:38 PM   #5
Registered User
Registered: Jan 2005
Location: india
Distribution: RedHat and Madrake
Posts: 55
Blog Entries: 1

Rep: Reputation: 15
Please help me

This is serious issue making my nights mared


I used to have a squidguard as web filter running very well for
thepast four years... to say it was a king in my company's network
Due to some virus activity from bloody Windows clients the squidguard
was abruptly shutting down. I searched for another filtering program
where I found as n alternative.
I know that critical settings are the following lines .... I am into
maintenance only .... i.e not that techie... please suggest me
configuration settings for DG ...

another doubt is whether we should parse DG config file in squid.conf
for squidguard...?


loglevel = 2
logexceptionhits = on
logfileformat = 1

filterip =

filterport = 8080

proxyip =
proxyport = 3128

accessdeniedaddress = 'http://localhost:8444'

I am sure the above settings are giving some problem ...

My public IP is XX.XX.XX.XX (security ... sorry u know it)
my internal gateway is

My Squid settings are


# DO NOT MODIFY THIS FILE! It is updated automatically
http_port 8080

icp_port 0
hierarchy_stoplist cgi-bin ?
acl QUERY urlpath_regex cgi-bin \?
acl download_files urlpath_regex \.exe$ \.zip$ \.tar$ \.mpeg$ \.mpg$
\.mp3$ \.a
vi$ \.cda$ \.com$ \.msi$ \.wip$ \.wav$ \.iso$ \.bin$ \.asf$ \.bz2
\.tar.bz2$ \.
tar$ \.rm$ \.m3u$ \.pls$ \.xpl$ \.ra$ \.rm$ \.rmx$ \.rmj$ \.rms$
\.mnd$\.smi$ \.

acl download_allowed src 192.
168.1.12 192.168.
http_access allow download_files download_allowed
http_access deny download_files

no_cache deny QUERY
cache_mem 32 MB
cache_dir diskd /var/spool/squid 150 16 256
#redirect_program /usr/local/bin/squidGuard -
c /etc/squid/squidGuard.conf
#redirect_children 10

half_closed_clients off

refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern . 0 20% 4320

acl Eth0 src
acl Eth0 src

#acl Eth0 src
#acl Eth1 src

acl all src
acl manager proto cache_object
acl localhost src
acl SSL_ports port 443 563
acl ftp port 21
acl Safe_ports port 80 21 443 563 70 210 1025-65535
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http

http_access deny ftp
http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localhost
http_access allow Eth0
#http_access allow Eth1

http_access deny all
icp_access allow all
miss_access allow all

# user/group
cache_effective_user squid
cache_effective_group squid

#HTTP_ACCEL options
httpd_accel_host virtual
httpd_accel_port 80
httpd_accel_with_proxy on
httpd_accel_uses_host_header on

# customized error pages
err_html_text network@...

memory_pools off


Should I make any changes for DG to work with existing squid?
Should I make any changes for DG config file?

One important thing my firewall (shorewall) and my squid run on same machine...

Should I make any changes to my firewall settings???

Thank you...May Lord keep all System Admins lives specially nights

Last edited by nolinuxnollife; 07-01-2005 at 03:40 PM.


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
Content Filtering using Squid toraghun Red Hat 3 11-10-2005 11:42 PM
Possible to get around content-filtering software? servnov Linux - Security 2 09-27-2005 08:11 AM
Ubuntu & Content Filtering davidbee Linux - Newbie 1 05-22-2005 06:25 PM
iptables and content filtering evan1821 Linux - Security 1 06-09-2004 02:03 PM
I need a Linux Content/Application Filtering Firewall rootking Linux - Networking 1 10-18-2003 08:39 AM > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 11:10 PM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration