I have been using DANSGUARDIAN and SquidGuard for many years and am not complete happy with it. I am looking for a web filter that has corporate strength features and will allow me a lot more flexability then DANSGUARDIAN. This product is good for a SOHO or a for the family but I need something that can handle a small business with 50 plus nodes+. Any suggestions?

Well. I'm using squid and dansguardian too. When I first looked into it I investigated http://www.untangle.com/, but could get it to install on my low end hardware.

Smoothwall has commercial appliances and software that are as powerful at filtering etc.

However, DansGuardian isn't THAT bad. I know of at least one school of 1000+ users that is using it 24/7 as the primary Internet filter (and transparent proxy/bridge, so ALL Internet-bound traffic passes through that single machine without any problems). The PC it runs on is an old server, not that high-spec, and it copes admirably. Granted, you really need a nice GUI on top to manage it properly but when there's only ever really one person or a small team managing something like that, a few shell scripts or a single PHP page can more than comfortably handle the majority of common features. Your situation might be different, however.

Give Smoothwall a call - they were very knowledgeable and helpful last time I spoke to them.

I was hoping to find something for free that competes with it. Thanks

Mainly to OP:

1. What are you not completely happy with? How about a couple of examples to give us a feel for the source of your discontent?
2. In what way(s) does DansGuardian lack flexibility? Again, just 1 or 2 examples would suffice.
3. Thanks, Jay, for the Untangle link -- it's very interesting. Unfortunately, I suspect the advanced, more flexible, features are not free:
   (from http://wiki.untangle.com/index.php/Policy_Management)
   Quote:

   Advanced Policy Management with 'Custom Racks' is currently only available in the Professional Package. You can, however, create 'No Rack' and 'Default Rack' policies in the Open Source version.

4. I presume you are aware of SmoothWall Express, the community (free) version, & do not think it meets your needs.
5. IPCop, which is free in both senses, started out as fork of SmoothWall -- would it work for you?
6. Last time I looked, Dan works for SmoothWall, Ltd.

What I mean is granularity, tracking, particial subnet isolation. Well for example with dansguardian you cannot simply filter certain urls between specific nodes, it is either all or nothing. Let say for example there is a user on subnet 192.168.10.0/27 and you wanted to block streaming, myspace.com and ebay and on another subnet 192.168.9.0/27 you would allow these sites but block out washingtonpost.com, suntimes.com, linuxquestions.com, you cannot simply do that with bannedurllist.conf or bannediplist.conf. It is either all or nothing. What I am saying is I want granularity of isolating certain parts of a subnet or individually. What about a SOHO. You have user1 who is wasting time online shopping and user2 is wasting time on ebay but user1 needs access to ebay to perform her job. Please tell me how I would do this with DANSGUARDIAN. If that is possible then please show me a decent how-to on what I am trying to accomplish. It certainly hasnt been provided by

dansguardian.org

or a google search.

Also reporting would be a nice feature.

IIRC this was tedious to do in earlier DG versions (I would actually run several DGs and have the router take clients to the appropriate instance based on source IP and MAC). It should, however, be pretty straight-forward using the 2.9.x.x branch, as AFAICT it includes an IP authentication plugin which lets you set different filters for different groups.

Thanks for the reply. It seems very tedious. I guess DANSGUARDIAN stands alone for free stuff. I will try running a couple of instances of DANSGUARDIAN and see what happens. I guess what I was looking for was a product that could do all of this from one central location and not have to go through all of these loops. Many thanks

I think you misunderstood my post. I know from experience that it used to be tedious on prior versions. But AFAICT this is not the case anymore with the 2.9.x.x branch. I downloaded a tarball a few minutes ago to have a look and got the impression you could achieve what you want without any major fuss at all.

Ill give it a shot. thanks

I think squid guard might be able to do what you were talking about in your example. Here's a link to its docs talking about limiting based on IP address.

http://www.squidguard.org/Doc/extended.html#sourceIP

I guess you would also need Squid installed but that might offer a speed boost in that it's a web cache.

After using DANSGUARDIAN AND SQUIDGURAD I suggest you should try to use SafeSquid having a multithreaded architcure and having far more better features and benefits .It has a browser based GUI interface which gives much more flexibility in terms of Content Filtering .Its an open source software and i have personally used it i can provide you with the details of it and provide you the link for its installation which is free upto three users and then you can commercially but the product starting from 5 to 1000 users depending upon how many users are there.
You can just type safesquid on your search engine and then the website of SafeSquid will guide you and solve all your constant queries.
I can provide and help you with the installation process of it.

karanb17, after reading your intro, I suspect you're using your LQ privileges for the sole purpose of pushing a software product. I guarantee you that your LQ privileges will be revoked if you continue down this path. You've been warned.