Web Filter

[Ric_]

Shh, or I'll grep you!

Promises Promises!

[apeo]

Thanks for all the replies ppl, its been v.useful and i will naturally have a look at all the elements discussed. Going back to the first post Geoff, err answer would be.. er all of the above would be nice (told you Im a nix Newb ).

[SpuffMonkey]

Have you thought of going over to the VMWare Site - d/l a (free) copy of VMWare Player, then have a browse through their free appliances list (VMWare Appliances) - there is a Squid/Dansguard one - d/l it, load it up in Player and Bob's yer uncle - jobs a goodun - well nearly....

So Geoff - how do you point Squid via the RBC proxy? Haven'y quite worked that out yet.

Oh - and there are some fab Network Monitoring appliances - even an Online Learning Suite and a setup for secure diskless Internet Cafe PCs amongst hundreds - its a great resource.

[NetworkGeezer]

Look in the squid.conf file for the cache_peer tag you need to set it to something like

Code:

cache_peer proxy.yourisp.com parent 3128 3130
prefer_direct off

[Geoff]

prefer_direct isn't sufficent, plus your cache_peer syntax is wrong. Consider the following:

Code:

#Define upstream proxy

cache_peer proxy.lancsngfl.ac.uk parent 8080 7 no-query default

#Local LEA
acl local_external dstdomain lancsngfl.ac.uk

#Local domain
acl local_servers dstdomain st-michaels-ce23.lancsngfl.ac.uk

#LAN IP Range
acl local_ip_range dst 10.81.104.0/255.255.255.0

# Don't go via another proxy for these addresses
always_direct allow local_external
always_direct allow local_servers
always_direct allow local_ip_range
never_direct allow all

[apeo]

Sorry to dig this up again after such a long time but i finally got some time to read up on/learn Ubuntu. Didnt really get far but making slow progress.. Anyway heres my problem, I've added my Ubuntu box to the domain but the annoying thing is that when I do a find computer in AD Users and Computers it finds it but it shows its machine role as Domain Controller. I then checked it by looking at its properties and its role there is Workstation or Server.

Any ideas why there is a conflict? Here is whats in my smb.conf file (note most of the config are default settings):

[global]
workgroup = MY
realm = MY.DOMAIN
server string = %h server (Samba, Ubuntu)
security = ADS
obey pam restrictions = Yes
passdb backend = tdbsam
passwd program = /usr/bin/passwd %u
passwd chat = *Enter\snew\sUNIX\spassword:* %n\n *Retype\snew\sUNIX\spassword:* %n\n *password\supdated\ssuccessfully* .
syslog = 0
log file = /var/log/samba/log.%m
max log size = 1000
dns proxy = No
panic action = /usr/share/samba/panic-action %d
invalid users = root

[printers]
comment = All Printers
path = /tmp
create mask = 0700
printable = Yes
browseable = No

[print$]
comment = Printer Drivers
path = /var/lib/samba/printers

[ChrisH]

Its normal that it shows up like that in AD users and computers. I wouldnt worry about ti.

[apeo]

Oh right.. just wanted to make sure. Thanks for the input, gonna plod along and do some more configuring now.

[mitcheln]

just for information about hardware really: i run a shorewall/dansguardian/squid setup on debian stable on a 733 P3 with 256MB of RAM and a 20GB hdd. Its a small site - 60 PCs - but it runs very happily.

[apeo]

Ok I think ive set it all up now and appears to be working properly. I just need to sort out the blacklist and praselist, exactly how do i do this? Can someone tell me what the command to find out what the versions of the different packages/software eg if i wanted to find out what version of dansguardian, how would i do it? Also I installed dansguardian from the universe/multiverse list, does this mean that if i do an apt-get upgrade it will upgrade dansguardian?

[Geoff]

Also I installed dansguardian from the universe/multiverse list, does this mean that if i do an apt-get upgrade it will upgrade dansguardian?

Yes, apt will keep dansguardian up to date.

Ok I think ive set it all up now and appears to be working properly. I just need to sort out the blacklist and praselist, exactly how do i do this?

You can get phraselist updates from The Phrase Master for free.

http://contentfilter.futuragts.com/phraselists/

You can get regular updates for your blacklists from urlblacklist.com for not very much money.

http://urlblacklist.com/

URLBlacklist also has a auto update script you can download and use as a cron job if you wish.

Can someone tell me what the command to find out what the versions of the different packages/software eg if i wanted to find out what version of dansguardian, how would i do it?

Code:

root@proxy:~# dansguardian -v
DansGuardian 2.9.7.5

Built with: '--enable-clamav' '--enable-email' '--enable-ntlm' '--enable-clamd'

[HodgeHi]

i installed censornet onto an old box and found it to be pretty simple (i'm not that great with linux, see the many threads...) to configure and run. It lets you pull the users from the ad and also scan the network for machines or import a dhcp file.

There is the web-based system that lets you gather reports on usage and you can also restrict PCs or users in certain groups.

All in all pretty good really, and authentication is through AD as well.

[apeo]

Thanks for your input, appreciate it. Ok extracted the blacklist and phraselists into the dansguardian directory now all i have to do is restart dansguardian right? i dont have to make any config changes for it to pick up the lists.. While im at it if i want to add my own list be it blacklist or phraselist how do i do it? which file do i edit? E.g. i want to ban foo.bar.com or ban the word 'NaughtyWord', how would i add it in?

[Geoff]

now all i have to do is restart dansguardian right?

Code:

/etc/init.d/dansguardian restart

Does the job but there are more gentle ways to do it (Doesn't disconnect existing client sessions).

Code:

dansguardian -g

i dont have to make any config changes for it to pick up the lists.. While im at it if i want to add my own list be it blacklist or phraselist how do i do it? which file do i edit? E.g. i want to ban foo.bar.com or ban the word 'NaughtyWord', how would i add it in?

Depends. There are several files in the lists folder to control differing things. You will need to edit some to make your phrase lists/black lists function.

Ban Lists

bannedextensionlist - File type extension bans. Here you can ban .exe, .mp3 etc.

bannedmimetypelist - File mime type extension bans. Here you can ban text/plain, application/executable, etc.

bannedregexpurllist - URL regular expression bans. Here you can ban parts of sites with urls matching certain words or phrases. eg

Code:

(images.google){1,}.*(\.jpg|\.wmv|\.mpg|\.mpeg|\.gif|\.mov)

blocks google video/images. Additionally you'll want to include the 'expressions' blacklists in this file like so:

Code:

.Include</etc/dansguardian/lists/blacklists/adult/expressions>

bannedurllist - URL Ban list. When you only need to ban part of a site. So for example you with to allow www.somesite.com but not www.somesite.com/forums you'd add the forums url here. You'll also want to include the 'urls' list from your downloaded blacklists in this file too:

Code:

.Include</etc/dansguardian/blacklists/adult/urls>

bannediplist - IP Ban list. This prevents CLIENT machines with the listed IP's from using the proxy. So if you have a machine on ip 10.0.0.5 infested with spyware and you want to stop it from sending spam via some webform you can list its ip here and deny it internet access.

bannedphraselist - List of weighted phrases for the phrase match filtering. You need to include your downloaded phraselists here too:

Code:

.Include</etc/dansguardian/lists/phraselists/pornography/banned>

bannedsitelist - List of banned domains. eg google.com. You need to include your blacklists 'domain' files here:

Code:

.Include</etc/dansguardian/blacklists/adult/domains>

[apeo]

Ah ok.. right. Just one more question, you have given examples of code which im not entirely sure what to do with (bearing in mind that im a complete nix newb). ops: