Any of you guys using content filtering software? I heard DansGuardian will work but we need to setup proxy server before we use DansGuardian. I am looking for content filtering software which can runs without proxy server

I need to filter MSN messenger in my offfice

Anyone has idea, please help...
Thank You....

what do you mean you need to filter MSN messenger? is there too much lewd content? as that's what content filtering refers to, it means to filter unwanted content from a wanted connection.

if you want to block MSN communications totaly then you need to disallow network activity on the port in general. this is done using a firewall.

read the documentation on ipchains and iptables

#iptables -A INPUT -p tcp --sport <port number> -j DROP
-> the destnation port can be different but the port on the MSN server is always the same, or you can filter traff from behind the firewall;
#iptables -A OUTPUT -p tcp --dport <port number> -j DROP

do the same for udp

Hey,

My dear friend Administrator....
I got the same doubt...one day I was checking this I got a nice posting ...I am sorry to say that I for got the URL... but I will give you the idea...
If you think its mandatory u can do this by blocking access to the servers the clients login...


hope you got me...

This is serious issue making my nights mared


Hi,

I used to have a squidguard as web filter running very well for
thepast four years... to say it was a king in my company's network
room.
Due to some virus activity from bloody Windows clients the squidguard
was abruptly shutting down. I searched for another filtering program
where I found as n alternative.
I know that critical settings are the following lines .... I am into
maintenance only .... i.e not that techie... please suggest me
configuration settings for DG ...

another doubt is whether we should parse DG config file in squid.conf
for squidguard...?


**************************

loglevel = 2
logexceptionhits = on
logfileformat = 1

filterip =

filterport = 8080

proxyip = 192.168.1.9
proxyport = 3128

accessdeniedaddress = 'http://localhost:8444'


**************************
I am sure the above settings are giving some problem ...

My public IP is XX.XX.XX.XX (security ... sorry u know it)
my internal gateway is 192.168.1.9

My Squid settings are



+++++++++++++++++++++++++++++++++


#-----------------------------------------------------
# DO NOT MODIFY THIS FILE! It is updated automatically
#-----------------------------------------------------
http_port 8080

icp_port 0
hierarchy_stoplist cgi-bin ?
acl QUERY urlpath_regex cgi-bin \?
acl download_files urlpath_regex \.exe$ \.zip$ \.tar$ \.mpeg$ \.mpg$
\.mp3$ \.a
vi$ \.cda$ \.com$ \.msi$ \.wip$ \.wav$ \.iso$ \.bin$ \.asf$ \.bz2
\.tar.bz2$ \.
tar$ \.rm$ \.m3u$ \.pls$ \.xpl$ \.ra$ \.rm$ \.rmx$ \.rmj$ \.rms$
\.mnd$\.smi$ \.
mov$



acl download_allowed src 192.168.1.4 192.168.1.10 192.168.1.11
192.168.1.16 192.
168.1.12 192.168.1.7 192.168.10.1 192.168.10.4 192.168.1.2
192.168.1.20 192.168.
1.6 192.168.1.3 192.168.1.1 192.168.1.15 192.168.1.14
http_access allow download_files download_allowed
http_access deny download_files


no_cache deny QUERY
cache_mem 32 MB
cache_dir diskd /var/spool/squid 150 16 256
#Redirector
#redirect_program /usr/local/bin/squidGuard -
c /etc/squid/squidGuard.conf
#redirect_children 10

half_closed_clients off

refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern . 0 20% 4320

#ACL
acl Eth0 src 192.168.1.0/255.255.255.0
acl Eth0 src 192.168.10.0/255.255.255.0

#acl Eth0 src 10.0.0.0/255.0.0.0
#acl Eth1 src 202.88.191.0/255.255.255.128

acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl SSL_ports port 443 563
acl ftp port 21
acl Safe_ports port 80 21 443 563 70 210 1025-65535
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT

http_access deny ftp
http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localhost
http_access allow Eth0
#http_access allow Eth1

http_access deny all
icp_access allow all
miss_access allow all


# user/group
cache_effective_user squid
cache_effective_group squid
visible_hostname firewall.KITSOL.net

#HTTP_ACCEL options
httpd_accel_host virtual
httpd_accel_port 80
httpd_accel_with_proxy on
httpd_accel_uses_host_header on
append_domain .KITSOL.net

# customized error pages
err_html_text network@...

memory_pools off

+++++++++++++++++++++++++++++++++++++++++



Should I make any changes for DG to work with existing squid?
Should I make any changes for DG config file?

One important thing my firewall (shorewall) and my squid run on same machine...

Should I make any changes to my firewall settings???

Thank you...May Lord keep all System Admins lives specially nights
happy...