|
|
- # e2guardian filter group config file for version 3.0.4
-
-
- # Filter group mode
- # This option determines whether members of this group have their web access
- # unfiltered, filtered, or banned.
- #
- # 0 = banned
- # 1 = filtered
- # 2 = unfiltered (exception)
- #
- # Only filter groups with a mode of 1 need to define phrase, URL, site, extension,
- # mimetype and PICS lists; in other modes, these options are ignored to conserve
- # memory.
- #
- # Defaults to 0 if unspecified.
- # Unauthenticated users are treated as being in the first filter group.
- groupmode = 1
-
- # Filter group name
- # Used to fill in the -FILTERGROUP- placeholder in the HTML template file, and to
- # name the group in the access logs
- # Defaults to empty string
- #groupname = ''
- groupname = ''
-
- # Content filtering files location
- bannedphraselist = 'etc/e2guardian/lists/bannedphraselist'
- weightedphraselist = 'etc/e2guardian/lists/weightedphraselist'
- exceptionphraselist = 'etc/e2guardian/lists/exceptionphraselist'
- bannedsitelist = 'etc/e2guardian/lists/bannedsitelist'
- greysitelist = 'etc/e2guardian/lists/greysitelist'
- bannedsslsitelist = 'etc/e2guardian/lists/bannedsslsitelist'
- greysslsitelist = 'etc/e2guardian/lists/greysslsitelist'
- exceptionsitelist = 'etc/e2guardian/lists/exceptionsitelist'
- bannedurllist = 'etc/e2guardian/lists/bannedurllist'
- greyurllist = 'etc/e2guardian/lists/greyurllist'
- exceptionurllist = 'etc/e2guardian/lists/exceptionurllist'
- exceptionregexpurllist = 'etc/e2guardian/lists/exceptionregexpurllist'
- bannedregexpurllist = 'etc/e2guardian/lists/bannedregexpurllist'
- picsfile = 'etc/e2guardian/lists/pics'
- contentregexplist = 'etc/e2guardian/lists/contentregexplist'
- urlregexplist = 'etc/e2guardian/lists/urlregexplist'
- refererexceptionsitelist = 'etc/e2guardian/lists/refererexceptionsitelist'
- refererexceptionurllist = 'etc/e2guardian/lists/refererexceptionurllist'
- embededreferersitelist = 'etc/e2guardian/lists/embededreferersitelist'
- embededrefererurllist = 'etc/e2guardian/lists/embededrefererurllist'
- urlredirectregexplist = 'etc/e2guardian/lists/urlredirectregexplist'
-
- # local versions of lists (where LOCAL_LISTS enabled)
- #localbannedsitelist = 'etc/e2guardian/lists/localbannedsitelist'
- #localgreysitelist = 'etc/e2guardian/lists/localgreysitelist'
- #localexceptionsitelist = 'etc/e2guardian/lists/localexceptionsitelist'
- #localbannedurllist = 'etc/e2guardian/lists/localbannedurllist'
- #localgreyurllist = 'etc/e2guardian/lists/localgreyurllist'
- #localexceptionurllist = 'etc/e2guardian/lists/localexceptionurllist'
- #localbannedsslsitelist = 'etc/e2guardian/lists/localbannedsslsitelist'
- #localgreysslsitelist = 'etc/e2guardian/lists/localgreysslsitelist'
- #localbannedsearchlist = 'etc/e2guardian/lists/localbannedsearchlist'
-
- !! Not compiled !! authexceptionsitelist = 'etc/e2guardian/lists/authexceptionsitelist'
- !! Not compiled !! authexceptionurllist = 'etc/e2guardian/lists/authexceptionurllist'
-
- # Filetype filtering
- #
- # Allow bannedregexpurllist with grey list mode
- # bannedregexpheaderlist and bannedregexpurllist
- #
- # bannedregexwithblanketblock = off
- #
- # Blanket download blocking
- # If enabled, all files will be blocked, unless they match the
- # exceptionextensionlist or exceptionmimetypelist.
- # These lists do not override virus scanning.
- # Exception lists defined above override all types of filtering, including
- # the blanket download block.
- # Defaults to disabled.
- # (on | off)
- #
- blockdownloads = off
- exceptionextensionlist = 'etc/e2guardian/lists/exceptionextensionlist'
- exceptionmimetypelist = 'etc/e2guardian/lists/exceptionmimetypelist'
- #
- # Use the following lists to block specific kinds of file downloads.
- # The two exception lists above can be used to override these.
- #
- bannedextensionlist = 'etc/e2guardian/lists/bannedextensionlist'
- bannedmimetypelist = 'etc/e2guardian/lists/bannedmimetypelist'
- #
- # In either file filtering mode, the following list can be used to override
- # MIME type & extension blocks for particular domains & URLs (trusted download sites).
- #
- exceptionfilesitelist = 'etc/e2guardian/lists/exceptionfilesitelist'
- exceptionfileurllist = 'etc/e2guardian/lists/exceptionfileurllist'
-
- # POST protection (web upload and forms)
- # does not block forms without any file upload, i.e. this is just for
- # blocking or limiting uploads
- # measured in kibibytes after MIME encoding and header bumph
- # use 0 for a complete block
- # use higher (e.g. 512 = 512Kbytes) for limiting
- # use -1 for no blocking
- #maxuploadsize = 512
- #maxuploadsize = 0
- maxuploadsize = -1
-
- # Categorise without blocking:
- # Supply categorised lists here and the category string shall be logged against
- # matching requests, but matching these lists does not perform any filtering
- # action.
- #logsitelist = 'etc/e2guardian/lists/logsitelist'
- #logurllist = 'etc/e2guardian/lists/logurllist'
- #logregexpurllist = 'etc/e2guardian/lists/logregexpurllist'
-
- # Outgoing HTTP header rules:
- # Optional lists for blocking based on, and modification of, outgoing HTTP
- # request headers. Format for headerregexplist is one modification rule per
- # line, similar to content/URL modifications. Format for
- # bannedregexpheaderlist is one regular expression per line, with matching
- # headers causing a request to be blocked.
- # Headers are matched/replaced on a line-by-line basis, not as a contiguous
- # block.
- # Use for example, to remove cookies or prevent certain user-agents.
- headerregexplist = 'etc/e2guardian/lists/headerregexplist'
- bannedregexpheaderlist = 'etc/e2guardian/lists/bannedregexpheaderlist'
- addheaderregexplist = 'etc/e2guardian/lists/addheaderregexplist'
-
- # Weighted phrase mode
- # Optional; overrides the weightedphrasemode option in e2guardian.conf
- # for this particular group. See documentation for supported values in
- # that file.
- #weightedphrasemode = 0
-
- # Naughtiness limit
- # This the limit over which the page will be blocked. Each weighted phrase is given
- # a value either positive or negative and the values added up. Phrases to do with
- # good subjects will have negative values, and bad subjects will have positive
- # values. See the weightedphraselist file for examples.
- # As a guide:
- # 50 is for young children, 100 for old children, 160 for young adults.
- naughtynesslimit = 50
-
- # Search term blocking
- # Search terms can be extracted from search URLs and filtered using one or
- # both of two different methods.
-
- # Method 1 is that developed by Protex where specific
- # search terms are contained in a bannedsearchlist.
- # (localbannedsearchlist and bannedsearchoveridelist can be used to suppliment
- # and overide this list as required.)
- # These lists contain banned search words combinations on each line.
- # Words are separated by '+' and must be in sorted order within a line.
- # so to block 'sexy girl' then the list must contain the line
- # girl+sexy
- # and this will block both 'sexy girl' and 'girl sexy'
- # To use this method, the searchregexplist must be enabled and the bannedsearchlist(s) defined
-
- # Method 2 is uses the
- # bannedphraselist, weightedphraselist and exceptionphraselist, with a separate
- # threshold for blocking than that used for normal page content.
- # To do this, the searchregexplist must be enabled and searchtermlimit
- # must be grater than 0.
-
- #
- # Search engine regular expression list (need for both options)
- # List of regular expressions for matching search engine URLs. It is assumed
- # that the search terms themselves will be contained in the
- # of output of each expression.
- #searchregexplist = 'etc/e2guardian/lists/searchregexplist'
- #
- # Banned Search Term list(s) for option 1
- #bannedsearchlist = 'etc/e2guardian/lists/bannedsearchlist'
- #bannedsearchoveridelist = 'etc/e2guardian/lists/bannedsearchoveridelist'
-
-
- # Search term limit (for Option 2)
- # The limit over which requests will be blocked for containing search terms
- # which match the weightedphraselist. This should usually be lower than the
- # 'naughtynesslimit' value above, because the amount of text being filtered
- # is only a few words, rather than a whole page.
- # This option must be uncommented if searchregexplist is uncommented.
- # A value of 0 here indicates that search terms should be extracted,
- # but no phrase filtering should be performed on the resulting text.
- #searchtermlimit = 0
- #
- # Search term phrase lists (for Option 2)
- # If the three lines below are uncommented, search term blocking will use
- # the banned, weighted & exception phrases from these lists, instead of using
- # the same phrase lists as for page content. This is optional but recommended,
- # as weights for individual phrases in the "normal" lists may not be
- # appropriate for blocking when those phrases appear in a much smaller block
- # of text.
- # Please note that all or none of the below should be uncommented, not a
- # mixture.
- #bannedsearchtermlist = 'etc/e2guardian/lists/bannedsearchtermlist'
- #weightedsearchtermlist = 'etc/e2guardian/lists/weightedsearchtermlist'
- #exceptionsearchtermlist = 'etc/e2guardian/lists/exceptionsearchtermlist'
-
- # Category display threshold
- # This option only applies to pages blocked by weighted phrase filtering.
- # Defines the minimum score that must be accumulated within a particular
- # category in order for it to show up on the block pages' category list.
- # All categories under which the page scores positively will be logged; those
- # that were not displayed to the user appear in brackets.
- #
- # -1 = display only the highest scoring category
- # 0 = display all categories (default)
- # > 0 = minimum score for a category to be displayed
- categorydisplaythreshold = 0
-
- # Embedded URL weighting
- # When set to something greater than zero, this option causes URLs embedded within a
- # page's HTML (from links, image tags, etc.) to be extracted and checked against the
- # bannedsitelist and bannedurllist. Each link to a banned page causes the amount set
- # here to be added to the page's weighting.
- # The behaviour of this option with regards to multiple occurrences of a site/URL is
- # affected by the weightedphrasemode setting.
- #
- # NB: Currently, this feature uses regular expressions that require the PCRE library.
- # As such, it is only available if you compiled DansGuardian with '--enable-pcre=yes'.
- # You can check compile-time options by running 'e2guardian -v'.
- #
- # Set to 0 to disable.
- # Defaults to 0.
- # WARNING: This option is highly CPU intensive!
- embeddedurlweight = 0
-
- # Enable PICS rating support
- #
- # Defaults to disabled
- # (on | off)
- enablepics = off
-
- # Temporary Denied Page Bypass
- # This provides a link on the denied page to bypass the ban for a few minutes. To be
- # secure it uses a random hashed secret generated at daemon startup. You define the
- # number of seconds the bypass will function for before the deny will appear again.
- # To allow the link on the denied page to appear you will need to edit the template.html
- # or e2guardian.pl file for your language.
- # 300 = enable for 5 minutes
- # 0 = disable ( defaults to 0 )
- # -1 = enable but you require a separate program/CGI to generate a valid link
- bypass = 0
-
- # Temporary Denied Page Bypass Secret Key
- # Rather than generating a random key you can specify one. It must be more than 8 chars.
- # '' = generate a random one (recommended and default)
- # 'Mary had a little lamb.' = an example
- # '76b42abc1cd0fdcaf6e943dcbc93b826' = an example
- bypasskey = ''
-
- # Infection/Scan Error Bypass
- # Similar to the 'bypass' setting, but specifically for bypassing files scanned and found
- # to be infected, or files that trigger scanner errors - for example, archive types with
- # recognised but unsupported compression schemes, or corrupt archives.
- # The option specifies the number of seconds for which the bypass link will be valid.
- # 300 = enable for 5 minutes
- # 0 = disable (default)
- # -1 = enable, but require a separate program/CGI to generate a valid link
- infectionbypass = 0
-
- # Infection/Scan Error Bypass Secret Key
- # Same as the 'bypasskey' option, but used for infection bypass mode.
- infectionbypasskey = ''
-
- # Infection/Scan Error Bypass on Scan Errors Only
- # Enable this option to allow infectionbypass links only when virus scanning fails,
- # not when a file is found to contain a virus.
- # on = enable (default and highly recommended)
- # off = disable
- infectionbypasserrorsonly = on
-
- # Disable content scanning
- # If you enable this option you will disable content scanning for this group.
- # Content scanning primarily is AV scanning (if enabled) but could include
- # other types.
- # (on|off) default = off.
- disablecontentscan = off
-
- # Enable Deep URL Analysis
- # When enabled, DG looks for URLs within URLs, checking against the bannedsitelist and
- # bannedurllist. This can be used, for example, to block images originating from banned
- # sites from appearing in Google Images search results, as the original URLs are
- # embedded in the thumbnail GET requests.
- # (on|off) default = off
- deepurlanalysis = off
-
- # reportinglevel
- #
- # -1 = log, but do not block - Stealth mode
- # 0 = just say 'Access Denied'
- # 1 = report why but not what denied phrase
- # 2 = report fully
- # 3 = use HTML template file (accessdeniedaddress ignored) - recommended
- #
- # If defined, this overrides the global setting in e2guardian.conf for
- # members of this filter group.
- #
- reportinglevel = 3
-
- # accessdeniedaddress is the address of your web server to which the cgi
- # e2guardian reporting script was copied. Only used in reporting levels
- # 1 and 2.
- #
- # This webserver must be either:
- # 1. Non-proxied. Either a machine on the local network, or listed as an
- # exception in your browser's proxy configuration.
- # 2. Added to the exceptionsitelist. Option 1 is preferable; this option is
- # only for users using both transparent proxying and a non-local server
- # to host this script.
- #
- # If defined, this overrides the global setting in e2guardian.conf for
- # members of this filter group.
- #
- #accessdeniedaddress = 'http://YOURSERVER.YOURDOMAIN/cgi-bin/e2guardian.pl'
-
- # sslaccessdeniedaddress is the address of your web server to which the static page
- # e2guardian reporting was copied. Only used in reporting levels 3 (avoid blank page)
- # Work only in firefox with ssldeniedrewrite off
-
- # sslaccessdeniedaddress = 'http://YOURSERVER.YOURDOMAIN/denyssl.htm'
-
- # Break SSL protocol and redirect to another HTTPS website for denied page (sslaccessdeniedaddress url)
-
- #ssldeniedrewrite = 'on'
-
- # HTML Template override
- # If defined, this specifies a custom HTML template file for members of this
- # filter group, overriding the global setting in e2guardian.conf. This is
- # only used in reporting level 3.
- #
- # The default template file path is <languagedir>/<language>/template.h
- # e.g. share/e2guardian/languages/ukenglish/template.html when using 'ukenglish'
- # language.
- #
- # This option generates a file path of the form:
- # <languagedir>/<language>/<htmltemplate>
- # e.g. share/e2guardian/languages/ukenglish/custom.html
- #
- #htmltemplate = 'custom.html'
-
- # Non standard delimiter (only used with accessdeniedaddress)
- # To help preserve the full banned URL, including parameters, the variables
- # passed into the access denied CGI are separated using non-standard
- # delimiters. This can be useful to ensure correct operation of the filter
- # bypass modes. Parameters are split using "::" in place of "&", and "==" in
- # place of "=".
- # Default is enabled, but to go back to the standard mode, disable it.
-
- #nonstandarddelimiter = off
-
- # Email reporting - original patch by J. Gauthier
-
- # Use SMTP
- # If on, will enable system wide events to be reported by email.
- # need to configure mail program (see 'mailer' in global config)
- # and email recipients
- # default usesmtp = off
- #!! Not compiled !!usesmtp = off
-
- # mailfrom
- # who the email would come from
- # example: mailfrom = 'e2guardian@mycompany.com'
- #!! Not compiled !!mailfrom = ''
-
- # avadmin
- # who the virus emails go to (if notify av is on)
- # example: avadmin = 'admin@mycompany.com'
- #!! Not compiled !!avadmin = ''
-
- # contentdmin
- # who the content emails go to (when thresholds are exceeded)
- # and contentnotify is on
- # example: contentadmin = 'admin@mycompany.com'
- #!! Not compiled !!contentadmin = ''
-
- # avsubject
- # Subject of the email sent when a virus is caught.
- # only applicable if notifyav is on
- # default avsubject = 'e2guardian virus block'
- #!! Not compiled !!avsubject = 'e2guardian virus block'
-
- # content
- # Subject of the email sent when violation thresholds are exceeded
- # default contentsubject = 'e2guardian violation'
- #!! Not compiled !!contentsubject = 'e2guardian violation'
-
- # notifyAV
- # This will send a notification, if usesmtp/notifyav is on, any time an
- # infection is found.
- # Important: If this option is off, viruses will still be recorded like a
- # content infraction.
- #!! Not compiled !!notifyav = off
-
- # notifycontent
- # This will send a notification, if usesmtp is on, based on thresholds
- # below
- #!! Not compiled !!notifycontent = off
-
- # thresholdbyuser
- # results are only predictable with user authenticated configs
- # if enabled the violation/threshold count is kept track of by the user
- #!! Not compiled !!thresholdbyuser = off
-
- #violations
- # number of violations before notification
- # setting to 0 will never trigger a notification
- #!! Not compiled !!violations = 0
-
- #threshold
- # this is in seconds. If 'violations' occur in 'threshold' seconds, then
- # a notification is made.
- # if this is set to 0, then whenever the set number of violations are made a
- # notifaction will be sent.
- #!! Not compiled !!threshold = 0
-
- #SSL certificate checking
- # Check that ssl certificates for servers on https connections are valid
- # and signed by a ca in the configured path
- sslcertcheck = off
-
- #SSL man in the middle
- # Forge ssl certificates for all sites, decrypt the data then re encrypt it
- # using a different private key. Used to filter ssl sites
- sslmitm = off
-
|