+ Post New Thread
Results 1 to 9 of 9
Internet Related/Filtering/Firewall Thread, Smoothwall Config in Technical; I was wondering if anyone could share with me what sort of changes they have made to their smoothwall system ...
  1. #1

    Join Date
    Nov 2007
    Location
    Rotherham
    Posts
    1,678
    Thank Post
    122
    Thanked 126 Times in 102 Posts
    Rep Power
    46

    Smoothwall Config

    I was wondering if anyone could share with me what sort of changes they have made to their smoothwall system for their school (13-18 age group).

    It seems that the default is causing a few problems. Some sites are just the pupil's complaining but some are actually usefull sites that are blocked, mostly I believe by the adaptave content checking.

    I've just upped the trip limit to "160" but I was wondering if any of the experienced people out there had any suggestions for configuration changes.

  2. #2

    john's Avatar
    Join Date
    Sep 2005
    Location
    London
    Posts
    10,407
    Thank Post
    1,520
    Thanked 1,057 Times in 926 Posts
    Rep Power
    303
    In my setup I have actually got it at 100 for the filtering and don't find it a major issue, I do have a well established allow list for educational sites, especially flash interactive ones which get caught up in the Flash Filter, but have done very little other modifications to the product. I think I've only got 3 or 4 expressions added in and that's just to adjust the weighting of one or two words which are problematic words.

  3. #3


    Join Date
    Dec 2005
    Location
    In the server room, with the lead pipe.
    Posts
    4,684
    Thank Post
    279
    Thanked 784 Times in 611 Posts
    Rep Power
    224
    Yeah - allowing known good sites that we need and moaning at nile_c whenever a particular category is being retarded seems to work for us.

  4. #4

    Join Date
    Nov 2007
    Location
    Rotherham
    Posts
    1,678
    Thank Post
    122
    Thanked 126 Times in 102 Posts
    Rep Power
    46
    OK so I've been playing and whilst I've sort of improved it a bit I've come accross something I couldn't get round.
    "Allowing" news sites to stop them being blocked by the adaptive filtering. This then enables the whole of sky.com including the Skyplayer, which I don't want. But I can't block it as the allow overrides the block.

    If I turn off the allow news then it blocks some news sites (even with the "good content" news fiter turned on) on certain pages.

  5. #5


    tom_newton's Avatar
    Join Date
    Sep 2006
    Location
    Leeds
    Posts
    4,485
    Thank Post
    867
    Thanked 854 Times in 675 Posts
    Rep Power
    197
    Stuart - as pete says - talk to nile on monday, we may be able to tweak your config.
    John - if you could send us any exceptions/mods you have...

    We will be making some big changes to the engine soon, and news sites are one of the areas which will benefit from this.

  6. #6
    DMcCoy's Avatar
    Join Date
    Oct 2005
    Location
    Isle of Wight
    Posts
    3,484
    Thank Post
    10
    Thanked 502 Times in 442 Posts
    Rep Power
    114
    It would be nice to apply custom exception list changes without restarting the proxy. In NTLM auth mode it can take up to 2 minutes for guardian to restart which is a bit too long during the day.

    Oh, testing the new auth module atm and it now works fine with our 2008 R2 native domain (with default domain policies - no reduction in signing etc). I think 3.2m web requests in 2 days was probably a reasonable volume for the test

  7. #7


    tom_newton's Avatar
    Join Date
    Sep 2006
    Location
    Leeds
    Posts
    4,485
    Thank Post
    867
    Thanked 854 Times in 675 Posts
    Rep Power
    197
    Dave - if you are talking about your custom white/black lists, that's one of the core design decisions in the new engine. Some data will be considered volatile - this means it should be able to be changed with no restart at all. Custom URL lists will fall into this category. If you're talking do-not-auth-for these domains, that will certainly see some improvement, as right now, auth is split between squid and guardian, depending on your method, so a change to dnaf means - yep, you guessed it - bumping squid. Yuck. Anyway, new guardian will be taking over all frontend auth duties, which will mean a shorter reload or none at all. I'll ask the devs what the plan is.

    Thanks very much for being one of our testers. Your proximity to the development team there is always re-assuring as we can get bodies on-site in hours if it goes wrong! Sounds like you've had a good chunk of activity through it as well - that's really great news - i have been out of the office a couple of days so haven't been keeping up with newauth recently. Remind me I owe you a beer or 3 next BETT.

  8. #8

    Join Date
    Nov 2007
    Location
    Rotherham
    Posts
    1,678
    Thank Post
    122
    Thanked 126 Times in 102 Posts
    Rep Power
    46
    Tom,
    Did I read somewhere that you would be ably to modify the order in which block/apply rules appear in the list? Will that mean that I could leave my custom block rules near the top and have them always blocked even if the categories are allowed further down?

  9. #9


    tom_newton's Avatar
    Join Date
    Sep 2006
    Location
    Leeds
    Posts
    4,485
    Thank Post
    867
    Thanked 854 Times in 675 Posts
    Rep Power
    197
    @Stuart - presently that isn't an option, that's added with an update in October.
    There options to do what you need however... I'll get Nile on the case.

SHARE:
+ Post New Thread

Similar Threads

  1. Replies: 20
    Last Post: 30th April 2012, 01:26 PM
  2. Cisco Ap1240AG Config
    By LukeC in forum Wireless Networks
    Replies: 4
    Last Post: 5th October 2009, 12:34 PM
  3. config.php
    By Hightower in forum Coding
    Replies: 9
    Last Post: 11th December 2008, 03:48 PM
  4. Using PXES Config
    By adamyoung in forum Thin Client and Virtual Machines
    Replies: 2
    Last Post: 25th May 2006, 09:33 AM
  5. Samba config
    By Dos_Box in forum *nix
    Replies: 7
    Last Post: 19th October 2005, 09:21 AM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •