Signed-off-by: Luka Perkov <luka@openwrt.org>lilik-openwrt-22.03
@ -0,0 +1,78 @@ | |||
# | |||
# Copyright (C) 2008-2015 OpenWrt.org | |||
# | |||
# This is free software, licensed under the GNU General Public License v2. | |||
# See /LICENSE for more information. | |||
# | |||
include $(TOPDIR)/rules.mk | |||
PKG_NAME:=dansguardian | |||
PKG_VERSION:=2.12.0.3 | |||
PKG_RELEASE:=1 | |||
PKG_LICENSE:=GPL-2.0 | |||
PKG_MAINTAINER:=Luka Perkov <luka@openwrt.org> | |||
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2 | |||
PKG_SOURCE_URL:=@SF/dansguardian | |||
PKG_MD5SUM:=2a88d0392cd28eaec02b7ee727b2e253 | |||
PKG_BUILD_PARALLEL:=1 | |||
PKG_INSTALL:=1 | |||
include $(INCLUDE_DIR)/uclibc++.mk | |||
include $(INCLUDE_DIR)/package.mk | |||
define Package/dansguardian | |||
SECTION:=net | |||
DEPENDS:=+libpthread $(CXX_DEPENDS) +zlib | |||
CATEGORY:=Network | |||
SUBMENU:=Web Servers/Proxies | |||
TITLE:=DansGuardian | |||
URL:=http://dansguardian.org | |||
endef | |||
define Package/dansguardian/conffiles | |||
/etc/dansguardian/dansguardianf1.conf | |||
/etc/config/dansguardian | |||
endef | |||
CONFIGURE_VARS += \ | |||
INCLUDES="" \ | |||
CXXFLAGS="$$$$CXXFLAGS -fno-rtti" \ | |||
LIBS="-lpthread" \ | |||
define Build/Configure | |||
$(call Build/Configure/Default,\ | |||
--disable-clamav \ | |||
--with-sysconfsubdir=dansguardian \ | |||
--with-proxyuser=root \ | |||
--with-proxygroup=root \ | |||
--disable-pcre \ | |||
) | |||
endef | |||
define Package/dansguardian/install | |||
$(INSTALL_DIR) $(1)/usr/sbin | |||
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/dansguardian $(1)/usr/sbin/ | |||
$(INSTALL_DIR) $(1)/etc | |||
$(CP) $(PKG_INSTALL_DIR)/etc/dansguardian $(1)/etc/ | |||
$(INSTALL_CONF) ./files/dansguardianf1.conf $(1)/etc/dansguardian/dansguardianf1.conf | |||
$(INSTALL_DIR) $(1)/etc/config | |||
$(INSTALL_CONF) ./files/dansguardian.config $(1)/etc/config/dansguardian | |||
$(INSTALL_DIR) $(1)/usr/share/dansguardian | |||
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/share/dansguardian/transparent1x1.gif $(1)/usr/share/dansguardian/ | |||
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/share/dansguardian/blockedflash.swf $(1)/usr/share/dansguardian/ | |||
$(INSTALL_DIR) $(1)/usr/share/dansguardian/languages/ukenglish | |||
$(CP) $(PKG_INSTALL_DIR)/usr/share/dansguardian/languages/ukenglish/* $(1)/usr/share/dansguardian/languages/ukenglish/ | |||
$(INSTALL_DIR) $(1)/etc/init.d/ | |||
$(INSTALL_BIN) ./files/dansguardian.init $(1)/etc/init.d/dansguardian | |||
endef | |||
$(eval $(call BuildPackage,dansguardian)) |
@ -0,0 +1,71 @@ | |||
config dansguardian 'dansguardian' | |||
option config_file '/etc/dansguardian/dansguardianf1.conf' | |||
option accessdeniedaddress 'http://YOURSERVER.YOURDOMAIN/cgi-bin/dansguardian.pl' | |||
option bannediplist '/etc/dansguardian/lists/bannediplist' | |||
option contentscanexceptions 'off' | |||
option contentscannertimeout '60' | |||
option createlistcachefiles 'on' | |||
option custombannedflashfile '/usr/share/dansguardian/blockedflash.swf' | |||
option custombannedimagefile '/usr/share/dansguardian/transparent1x1.gif' | |||
option deletedownloadedtempfiles 'on' | |||
option downloadmanager '/etc/dansguardian/downloadmanagers/default.conf' | |||
option exceptioniplist '/etc/dansguardian/lists/exceptioniplist' | |||
option filecachedir '/tmp' | |||
option filtergroups '1' | |||
option filtergroupslist '/etc/dansguardian/lists/filtergroupslist' | |||
option filterip '' | |||
option filterports '8080' | |||
option forcequicksearch 'off' | |||
option forwardedfor 'off' | |||
option hexdecodecontent 'off' | |||
option initialtrickledelay '20' | |||
option ipcfilename '/tmp/.dguardianipc' | |||
option ipipcfilename '/tmp/.dguardianipipc' | |||
option languagedir '/usr/share/dansguardian/languages' | |||
option language 'ukenglish' | |||
option logadblocks 'off' | |||
option logchildprocesshandling 'off' | |||
option logclienthostnames 'off' | |||
option logconnectionhandlingerrors 'on' | |||
option logexceptionhits '2' | |||
option logfileformat '1' | |||
option loglevel '2' | |||
option loglocation '/dev/null' | |||
option logsyslog 'on' | |||
option loguseragent 'off' | |||
option maxagechildren '500' | |||
option maxchildren '120' | |||
option maxcontentfilecachescansize '20000' | |||
option maxcontentfiltersize '256' | |||
option maxcontentramcachescansize '2000' | |||
option maxips '0' | |||
option maxsparechildren '32' | |||
option maxuploadsize '-1' | |||
option minchildren '8' | |||
option minsparechildren '4' | |||
option nodaemon 'off' | |||
option nologger 'off' | |||
option nonstandarddelimiter 'on' | |||
option perroomblockingdirectory '/etc/dansguardian/lists/bannedrooms/' | |||
option phrasefiltermode '2' | |||
option prefercachedlists 'off' | |||
option preforkchildren '6' | |||
option preservecase '0' | |||
option proxyip '127.0.0.1' | |||
option proxyport '3128' | |||
option proxytimeout '20' | |||
option recheckreplacedurls 'off' | |||
option reportinglevel '3' | |||
option reverseaddresslookups 'off' | |||
option reverseclientiplookups 'off' | |||
option scancleancache 'on' | |||
option showweightedfound 'on' | |||
option softrestart 'off' | |||
option trickledelay '10' | |||
option urlcacheage '900' | |||
option urlcachenumber '1000' | |||
option urlipcfilename '/tmp/.dguardianurlipc' | |||
option usecustombannedflash 'on' | |||
option usecustombannedimage 'on' | |||
option usexforwardedfor 'off' | |||
option weightedphrasemode '2' |
@ -0,0 +1,190 @@ | |||
#!/bin/sh /etc/rc.common | |||
# Copyright (C) 2015 OpenWrt.org | |||
START=90 | |||
STOP=10 | |||
USE_PROCD=1 | |||
PROG=/usr/sbin/dansguardian | |||
CONFIGFILE="/tmp/dansguardian/dansguardian.conf" | |||
validate_dansguardian_section() { | |||
uci_validate_section dansguardian dansguardian "${1}" \ | |||
'config_file:string' \ | |||
'accessdeniedaddress:string' \ | |||
'bannediplist:string' \ | |||
'contentscanexceptions:string' \ | |||
'contentscannertimeout:uinteger' \ | |||
'createlistcachefiles:string' \ | |||
'custombannedflashfile:string' \ | |||
'custombannedimagefile:string' \ | |||
'deletedownloadedtempfiles:string' \ | |||
'downloadmanager:string' \ | |||
'exceptioniplist:string' \ | |||
'filecachedir:string' \ | |||
'filtergroups:uinteger' \ | |||
'filtergroupslist:string' \ | |||
'filterip:ipaddr' \ | |||
'filterports:port:8080' \ | |||
'forcequicksearch:string' \ | |||
'forwardedfor:string' \ | |||
'hexdecodecontent:string' \ | |||
'initialtrickledelay:uinteger' \ | |||
'ipcfilename:string' \ | |||
'ipipcfilename:string' \ | |||
'languagedir:string' \ | |||
'language:string' \ | |||
'logadblocks:string' \ | |||
'logchildprocesshandling:string' \ | |||
'logclienthostnames:string' \ | |||
'logconnectionhandlingerrors:string' \ | |||
'logexceptionhits:range(0,2)' \ | |||
'logfileformat:range(1,4)' \ | |||
'loglevel:range(0,3)' \ | |||
'loglocation:string' \ | |||
'loguseragent:string' \ | |||
'maxagechildren:uinteger' \ | |||
'maxchildren:uinteger' \ | |||
'maxcontentfilecachescansize:uinteger' \ | |||
'maxcontentfiltersize:uinteger' \ | |||
'maxcontentramcachescansize:uinteger' \ | |||
'maxips:uinteger' \ | |||
'maxsparechildren:uinteger' \ | |||
'maxuploadsize:integer' \ | |||
'minchildren:uinteger' \ | |||
'minsparechildren:uinteger' \ | |||
'nodaemon:string' \ | |||
'nologger:string' \ | |||
'nonstandarddelimiter:string' \ | |||
'perroomblockingdirectory:string' \ | |||
'phrasefiltermode:range(0,3)' \ | |||
'prefercachedlists:string' \ | |||
'preforkchildren:uinteger' \ | |||
'preservecase:range(0,2)' \ | |||
'proxyip:ipaddr' \ | |||
'proxyport:port:3128' \ | |||
'proxytimeout:range(20,30)' \ | |||
'recheckreplacedurls:string' \ | |||
'reportinglevel:range(-1,3)' \ | |||
'reverseaddresslookups:string' \ | |||
'reverseclientiplookups:string' \ | |||
'scancleancache:string' \ | |||
'showweightedfound:string' \ | |||
'softrestart:string' \ | |||
'trickledelay:uinteger' \ | |||
'urlcacheage:uinteger' \ | |||
'urlcachenumber:uinteger' \ | |||
'urlipcfilename:string' \ | |||
'usecustombannedflash:string' \ | |||
'usecustombannedimage:string' \ | |||
'usexforwardedfor:string' \ | |||
'weightedphrasemode:range(0,2)' | |||
} | |||
start_service() { | |||
local config_file accessdeniedaddress bannediplist contentscanexceptions contentscannertimeout \ | |||
createlistcachefiles custombannedflashfile custombannedimagefile deletedownloadedtempfiles \ | |||
downloadmanager exceptioniplist filecachedir filtergroups filtergroupslist filterip filterports \ | |||
forcequicksearch forwardedfor hexdecodecontent initialtrickledelay ipcfilename ipipcfilename \ | |||
language languagedir logadblocks logchildprocesshandling logclienthostnames logconnectionhandlingerrors \ | |||
logexceptionhits logfileformat loglevel loguseragent maxagechildren maxchildren maxcontentfilecachescansize \ | |||
maxcontentfiltersize maxcontentramcachescansize maxips maxsparechildren maxuploadsize minchildren minsparechildren \ | |||
nodaemon nologger nonstandarddelimiter perroomblockingdirectory phrasefiltermode prefercachedlists preforkchildren \ | |||
preservecase proxyip proxyport proxytimeout recheckreplacedurls reportinglevel reverseaddresslookups \ | |||
reverseclientiplookups scancleancache showweightedfound softrestart trickledelay urlcacheage urlcachenumber \ | |||
urlipcfilename usecustombannedflash usecustombannedimage usexforwardedfor weightedphrasemode | |||
validate_dansguardian_section dansguardian || { | |||
echo "validation failed" | |||
return 1 | |||
} | |||
mkdir -p $(dirname $CONFIGFILE) | |||
ln -sf $config_file $(dirname $CONFIGFILE) | |||
echo "accessdeniedaddress = " $accessdeniedaddress >> $CONFIGFILE | |||
echo "bannediplist = " $bannediplist >> $CONFIGFILE | |||
echo "contentscanexceptions = " $contentscanexceptions >> $CONFIGFILE | |||
echo "contentscannertimeout = " $contentscannertimeout >> $CONFIGFILE | |||
echo "createlistcachefiles = " $createlistcachefiles >> $CONFIGFILE | |||
echo "custombannedflashfile = " $custombannedflashfile >> $CONFIGFILE | |||
echo "custombannedimagefile = " $custombannedimagefile >> $CONFIGFILE | |||
echo "deletedownloadedtempfiles = " $deletedownloadedtempfiles >> $CONFIGFILE | |||
echo "downloadmanager = " $downloadmanager >> $CONFIGFILE | |||
echo "exceptioniplist = " $exceptioniplist >> $CONFIGFILE | |||
echo "filecachedir = " $filecachedir >> $CONFIGFILE | |||
echo "filtergroups = " $filtergroups >> $CONFIGFILE | |||
echo "filtergroupslist = " $filtergroupslist >> $CONFIGFILE | |||
echo "filterip = " $filterip >> $CONFIGFILE | |||
echo "filterports = " $filterports >> $CONFIGFILE | |||
echo "forcequicksearch = " $forcequicksearch >> $CONFIGFILE | |||
echo "forwardedfor = " $forwardedfor >> $CONFIGFILE | |||
echo "hexdecodecontent = " $hexdecodecontent >> $CONFIGFILE | |||
echo "initialtrickledelay = " $initialtrickledelay >> $CONFIGFILE | |||
echo "ipcfilename = " $ipcfilename >> $CONFIGFILE | |||
echo "ipipcfilename = " $ipipcfilename >> $CONFIGFILE | |||
echo "language = " $language >> $CONFIGFILE | |||
echo "languagedir = " $languagedir >> $CONFIGFILE | |||
echo "logadblocks = " $logadblocks >> $CONFIGFILE | |||
echo "logchildprocesshandling = " $logchildprocesshandling >> $CONFIGFILE | |||
echo "logclienthostnames = " $logclienthostnames >> $CONFIGFILE | |||
echo "logconnectionhandlingerrors = " $logconnectionhandlingerrors >> $CONFIGFILE | |||
echo "logexceptionhits = " $logexceptionhits >> $CONFIGFILE | |||
echo "logfileformat = " $logfileformat >> $CONFIGFILE | |||
echo "loglevel = " $loglevel >> $CONFIGFILE | |||
echo "loglocation = " $loglocation >> $CONFIGFILE | |||
echo "loguseragent = " $loguseragent >> $CONFIGFILE | |||
echo "maxagechildren = " $maxagechildren >> $CONFIGFILE | |||
echo "maxchildren = " $maxchildren >> $CONFIGFILE | |||
echo "maxcontentfilecachescansize = " $maxcontentfilecachescansize >> $CONFIGFILE | |||
echo "maxcontentfiltersize = " $maxcontentfiltersize >> $CONFIGFILE | |||
echo "maxcontentramcachescansize = " $maxcontentramcachescansize >> $CONFIGFILE | |||
echo "maxips = " $maxips >> $CONFIGFILE | |||
echo "maxsparechildren = " $maxsparechildren >> $CONFIGFILE | |||
echo "maxuploadsize = " $maxuploadsize >> $CONFIGFILE | |||
echo "minchildren = " $minchildren >> $CONFIGFILE | |||
echo "minsparechildren = " $minsparechildren >> $CONFIGFILE | |||
echo "nodaemon = " $nodaemon >> $CONFIGFILE | |||
echo "nologger = " $nologger >> $CONFIGFILE | |||
echo "nonstandarddelimiter = " $nonstandarddelimiter >> $CONFIGFILE | |||
echo "perroomblockingdirectory = " $perroomblockingdirectory >> $CONFIGFILE | |||
echo "phrasefiltermode = " $phrasefiltermode >> $CONFIGFILE | |||
echo "prefercachedlists = " $prefercachedlists >> $CONFIGFILE | |||
echo "preforkchildren = " $preforkchildren >> $CONFIGFILE | |||
echo "preservecase = " $preservecase >> $CONFIGFILE | |||
echo "proxyip = " $proxyip >> $CONFIGFILE | |||
echo "proxyport = " $proxyport >> $CONFIGFILE | |||
echo "proxytimeout = " $proxytimeout >> $CONFIGFILE | |||
echo "recheckreplacedurls = " $recheckreplacedurls >> $CONFIGFILE | |||
echo "reportinglevel = " $reportinglevel >> $CONFIGFILE | |||
echo "reverseaddresslookups = " $reverseaddresslookups >> $CONFIGFILE | |||
echo "reverseclientiplookups = " $reverseclientiplookups >> $CONFIGFILE | |||
echo "scancleancache = " $scancleancache >> $CONFIGFILE | |||
echo "showweightedfound = " $showweightedfound >> $CONFIGFILE | |||
echo "softrestart = " $softrestart >> $CONFIGFILE | |||
echo "trickledelay = " $trickledelay >> $CONFIGFILE | |||
echo "urlcacheage = " $urlcacheage >> $CONFIGFILE | |||
echo "urlcachenumber = " $urlcachenumber >> $CONFIGFILE | |||
echo "urlipcfilename = " $urlipcfilename >> $CONFIGFILE | |||
echo "usecustombannedflash = " $usecustombannedflash >> $CONFIGFILE | |||
echo "usecustombannedimage = " $usecustombannedimage >> $CONFIGFILE | |||
echo "usexforwardedfor = " $usexforwardedfor >> $CONFIGFILE | |||
echo "weightedphrasemode = " $weightedphrasemode >> $CONFIGFILE | |||
procd_open_instance | |||
procd_set_param command $PROG -N -c "$CONFIGFILE" | |||
procd_set_param file $CONFIGFILE | |||
procd_set_param respawn | |||
procd_close_instance | |||
} | |||
stop_service() | |||
{ | |||
dansguardian -s | awk -F':' '{ print $2}' | xargs kill -9 | |||
} | |||
service_triggers() | |||
{ | |||
procd_add_reload_trigger "dansguardian" | |||
procd_add_validation validate_dansguardian_section | |||
} |
@ -0,0 +1,348 @@ | |||
# DansGuardian filter group config file for version 2.12.0.0 | |||
# Filter group mode | |||
# This option determines whether members of this group have their web access | |||
# unfiltered, filtered, or banned. This mechanism replaces the "banneduserlist" | |||
# and "exceptionuserlist" files from previous versions. | |||
# | |||
# 0 = banned | |||
# 1 = filtered | |||
# 2 = unfiltered (exception) | |||
# | |||
# Only filter groups with a mode of 1 need to define phrase, URL, site, extension, | |||
# mimetype and PICS lists; in other modes, these options are ignored to conserve | |||
# memory. | |||
# | |||
# Defaults to 0 if unspecified. | |||
# Unauthenticated users are treated as being in the first filter group. | |||
groupmode = 1 | |||
# Filter group name | |||
# Used to fill in the -FILTERGROUP- placeholder in the HTML template file, and to | |||
# name the group in the access logs | |||
# Defaults to empty string | |||
#groupname = '' | |||
# Content filtering files location | |||
bannedphraselist = '/etc/dansguardian/lists/bannedphraselist' | |||
weightedphraselist = '/etc/dansguardian/lists/weightedphraselist' | |||
exceptionphraselist = '/etc/dansguardian/lists/exceptionphraselist' | |||
bannedsitelist = '/etc/dansguardian/lists/bannedsitelist' | |||
greysitelist = '/etc/dansguardian/lists/greysitelist' | |||
exceptionsitelist = '/etc/dansguardian/lists/exceptionsitelist' | |||
bannedurllist = '/etc/dansguardian/lists/bannedurllist' | |||
greyurllist = '/etc/dansguardian/lists/greyurllist' | |||
exceptionurllist = '/etc/dansguardian/lists/exceptionurllist' | |||
exceptionregexpurllist = '/etc/dansguardian/lists/exceptionregexpurllist' | |||
bannedregexpurllist = '/etc/dansguardian/lists/bannedregexpurllist' | |||
picsfile = '/etc/dansguardian/lists/pics' | |||
contentregexplist = '/etc/dansguardian/lists/contentregexplist' | |||
urlregexplist = '/etc/dansguardian/lists/urlregexplist' | |||
# Filetype filtering | |||
# | |||
# Blanket download blocking | |||
# If enabled, all files will be blocked, unless they match the | |||
# exceptionextensionlist or exceptionmimetypelist. | |||
# These lists do not override virus scanning. | |||
# Exception lists defined above override all types of filtering, including | |||
# the blanket download block. | |||
# Defaults to disabled. | |||
# (on | off) | |||
# | |||
blockdownloads = off | |||
exceptionextensionlist = '/etc/dansguardian/lists/exceptionextensionlist' | |||
exceptionmimetypelist = '/etc/dansguardian/lists/exceptionmimetypelist' | |||
# | |||
# Use the following lists to block specific kinds of file downloads. | |||
# The two exception lists above can be used to override these. | |||
# | |||
bannedextensionlist = '/etc/dansguardian/lists/bannedextensionlist' | |||
bannedmimetypelist = '/etc/dansguardian/lists/bannedmimetypelist' | |||
# | |||
# In either file filtering mode, the following list can be used to override | |||
# MIME type & extension blocks for particular domains & URLs (trusted download sites). | |||
# | |||
exceptionfilesitelist = '/etc/dansguardian/lists/exceptionfilesitelist' | |||
exceptionfileurllist = '/etc/dansguardian/lists/exceptionfileurllist' | |||
# Categorise without blocking: | |||
# Supply categorised lists here and the category string shall be logged against | |||
# matching requests, but matching these lists does not perform any filtering | |||
# action. | |||
#logsitelist = '/etc/dansguardian/lists/logsitelist' | |||
#logurllist = '/etc/dansguardian/lists/logurllist' | |||
#logregexpurllist = '/etc/dansguardian/lists/logregexpurllist' | |||
# Outgoing HTTP header rules: | |||
# Optional lists for blocking based on, and modification of, outgoing HTTP | |||
# request headers. Format for headerregexplist is one modification rule per | |||
# line, similar to content/URL modifications. Format for | |||
# bannedregexpheaderlist is one regular expression per line, with matching | |||
# headers causing a request to be blocked. | |||
# Headers are matched/replaced on a line-by-line basis, not as a contiguous | |||
# block. | |||
# Use for example, to remove cookies or prevent certain user-agents. | |||
headerregexplist = '/etc/dansguardian/lists/headerregexplist' | |||
bannedregexpheaderlist = '/etc/dansguardian/lists/bannedregexpheaderlist' | |||
# Weighted phrase mode | |||
# Optional; overrides the weightedphrasemode option in dansguardian.conf | |||
# for this particular group. See documentation for supported values in | |||
# that file. | |||
#weightedphrasemode = 0 | |||
# Naughtiness limit | |||
# This the limit over which the page will be blocked. Each weighted phrase is given | |||
# a value either positive or negative and the values added up. Phrases to do with | |||
# good subjects will have negative values, and bad subjects will have positive | |||
# values. See the weightedphraselist file for examples. | |||
# As a guide: | |||
# 50 is for young children, 100 for old children, 160 for young adults. | |||
naughtynesslimit = 50 | |||
# Search term blocking | |||
# Search terms can be extracted from search URLs and filtered using the | |||
# bannedphraselist, weightedphraselist and exceptionphraselist, with a separate | |||
# threshold for blocking than that used for normal page content. | |||
# To do this, the first two options below must be enabled. | |||
# | |||
# Search engine regular expression list | |||
# List of regular expressions for matching search engine URLs. It is assumed | |||
# that the search terms themselves will be contained within the first submatch | |||
# of each expression. | |||
#searchengineregexplist = '/etc/dansguardian/lists/searchengineregexplist' | |||
# | |||
# Search term limit | |||
# The limit over which requests will be blocked for containing search terms | |||
# which match the weightedphraselist. This should usually be lower than the | |||
# 'naughtynesslimit' value above, because the amount of text being filtered | |||
# is only a few words, rather than a whole page. | |||
# This option must be uncommented if searchengineregexplist is uncommented. | |||
# A value of 0 here indicates that search terms should be extracted, | |||
# for logging/reporting purposes, but no filtering should be performed | |||
# on the resulting text. | |||
#searchtermlimit = 30 | |||
# | |||
# Search term lists | |||
# If the three lines below are uncommented, search term blocking will use | |||
# the banned, weighted & exception phrases from these lists, instead of using | |||
# the same phrase lists as for page content. This is optional but recommended, | |||
# as weights for individual phrases in the "normal" lists may not be | |||
# appropriate for blocking when those phrases appear in a much smaller block | |||
# of text. | |||
# Please note that all or none of the below should be uncommented, not a | |||
# mixture. | |||
#bannedsearchtermlist = '/etc/dansguardian/lists/bannedsearchtermlist' | |||
#weightedsearchtermlist = '/etc/dansguardian/lists/weightedsearchtermlist' | |||
#exceptionsearchtermlist = '/etc/dansguardian/lists/exceptionsearchtermlist' | |||
# Category display threshold | |||
# This option only applies to pages blocked by weighted phrase filtering. | |||
# Defines the minimum score that must be accumulated within a particular | |||
# category in order for it to show up on the block pages' category list. | |||
# All categories under which the page scores positively will be logged; those | |||
# that were not displayed to the user appear in brackets. | |||
# | |||
# -1 = display only the highest scoring category | |||
# 0 = display all categories (default) | |||
# > 0 = minimum score for a category to be displayed | |||
categorydisplaythreshold = 0 | |||
# Embedded URL weighting | |||
# When set to something greater than zero, this option causes URLs embedded within a | |||
# page's HTML (from links, image tags, etc.) to be extracted and checked against the | |||
# bannedsitelist and bannedurllist. Each link to a banned page causes the amount set | |||
# here to be added to the page's weighting. | |||
# The behaviour of this option with regards to multiple occurrences of a site/URL is | |||
# affected by the weightedphrasemode setting. | |||
# | |||
# NB: Currently, this feature uses regular expressions that require the PCRE library. | |||
# As such, it is only available if you compiled DansGuardian with '--enable-pcre=yes'. | |||
# You can check compile-time options by running 'dansguardian -v'. | |||
# | |||
# Set to 0 to disable. | |||
# Defaults to 0. | |||
# WARNING: This option is highly CPU intensive! | |||
embeddedurlweight = 0 | |||
# Enable PICS rating support | |||
# | |||
# Defaults to disabled | |||
# (on | off) | |||
enablepics = off | |||
# Temporary Denied Page Bypass | |||
# This provides a link on the denied page to bypass the ban for a few minutes. To be | |||
# secure it uses a random hashed secret generated at daemon startup. You define the | |||
# number of seconds the bypass will function for before the deny will appear again. | |||
# To allow the link on the denied page to appear you will need to edit the template.html | |||
# or dansguardian.pl file for your language. | |||
# 300 = enable for 5 minutes | |||
# 0 = disable ( defaults to 0 ) | |||
# -1 = enable but you require a separate program/CGI to generate a valid link | |||
bypass = 0 | |||
# Temporary Denied Page Bypass Secret Key | |||
# Rather than generating a random key you can specify one. It must be more than 8 chars. | |||
# '' = generate a random one (recommended and default) | |||
# 'Mary had a little lamb.' = an example | |||
# '76b42abc1cd0fdcaf6e943dcbc93b826' = an example | |||
bypasskey = '' | |||
# Infection/Scan Error Bypass | |||
# Similar to the 'bypass' setting, but specifically for bypassing files scanned and found | |||
# to be infected, or files that trigger scanner errors - for example, archive types with | |||
# recognised but unsupported compression schemes, or corrupt archives. | |||
# The option specifies the number of seconds for which the bypass link will be valid. | |||
# 300 = enable for 5 minutes | |||
# 0 = disable (default) | |||
# -1 = enable, but require a separate program/CGI to generate a valid link | |||
infectionbypass = 0 | |||
# Infection/Scan Error Bypass Secret Key | |||
# Same as the 'bypasskey' option, but used for infection bypass mode. | |||
infectionbypasskey = '' | |||
# Infection/Scan Error Bypass on Scan Errors Only | |||
# Enable this option to allow infectionbypass links only when virus scanning fails, | |||
# not when a file is found to contain a virus. | |||
# on = enable (default and highly recommended) | |||
# off = disable | |||
infectionbypasserrorsonly = on | |||
# Disable content scanning | |||
# If you enable this option you will disable content scanning for this group. | |||
# Content scanning primarily is AV scanning (if enabled) but could include | |||
# other types. | |||
# (on|off) default = off. | |||
disablecontentscan = off | |||
# Enable Deep URL Analysis | |||
# When enabled, DG looks for URLs within URLs, checking against the bannedsitelist and | |||
# bannedurllist. This can be used, for example, to block images originating from banned | |||
# sites from appearing in Google Images search results, as the original URLs are | |||
# embedded in the thumbnail GET requests. | |||
# (on|off) default = off | |||
deepurlanalysis = off | |||
# reportinglevel | |||
# | |||
# -1 = log, but do not block - Stealth mode | |||
# 0 = just say 'Access Denied' | |||
# 1 = report why but not what denied phrase | |||
# 2 = report fully | |||
# 3 = use HTML template file (accessdeniedaddress ignored) - recommended | |||
# | |||
# If defined, this overrides the global setting in dansguardian.conf for | |||
# members of this filter group. | |||
# | |||
#reportinglevel = 3 | |||
# accessdeniedaddress is the address of your web server to which the cgi | |||
# dansguardian reporting script was copied. Only used in reporting levels | |||
# 1 and 2. | |||
# | |||
# This webserver must be either: | |||
# 1. Non-proxied. Either a machine on the local network, or listed as an | |||
# exception in your browser's proxy configuration. | |||
# 2. Added to the exceptionsitelist. Option 1 is preferable; this option is | |||
# only for users using both transparent proxying and a non-local server | |||
# to host this script. | |||
# | |||
# If defined, this overrides the global setting in dansguardian.conf for | |||
# members of this filter group. | |||
# | |||
#accessdeniedaddress = 'http://YOURSERVER.YOURDOMAIN/cgi-bin/dansguardian.pl' | |||
# HTML Template override | |||
# If defined, this specifies a custom HTML template file for members of this | |||
# filter group, overriding the global setting in dansguardian.conf. This is | |||
# only used in reporting level 3. | |||
# | |||
# The default template file path is <languagedir>/<language>/template.html | |||
# e.g. /usr/share/dansguardian/languages/ukenglish/template.html when using 'ukenglish' | |||
# language. | |||
# | |||
# This option generates a file path of the form: | |||
# <languagedir>/<language>/<htmltemplate> | |||
# e.g. /usr/share/dansguardian/languages/ukenglish/custom.html | |||
# | |||
#htmltemplate = 'custom.html' | |||
# Email reporting - original patch by J. Gauthier | |||
# Use SMTP | |||
# If on, will enable system wide events to be reported by email. | |||
# need to configure mail program (see 'mailer' in global config) | |||
# and email recipients | |||
# default usesmtp = off | |||
#!! Not compiled !!usesmtp = off | |||
# mailfrom | |||
# who the email would come from | |||
# example: mailfrom = 'dansguardian@mycompany.com' | |||
#!! Not compiled !!mailfrom = '' | |||
# avadmin | |||
# who the virus emails go to (if notify av is on) | |||
# example: avadmin = 'admin@mycompany.com' | |||
#!! Not compiled !!avadmin = '' | |||
# contentdmin | |||
# who the content emails go to (when thresholds are exceeded) | |||
# and contentnotify is on | |||
# example: contentadmin = 'admin@mycompany.com' | |||
#!! Not compiled !!contentadmin = '' | |||
# avsubject | |||
# Subject of the email sent when a virus is caught. | |||
# only applicable if notifyav is on | |||
# default avsubject = 'dansguardian virus block' | |||
#!! Not compiled !!avsubject = 'dansguardian virus block' | |||
# content | |||
# Subject of the email sent when violation thresholds are exceeded | |||
# default contentsubject = 'dansguardian violation' | |||
#!! Not compiled !!contentsubject = 'dansguardian violation' | |||
# notifyAV | |||
# This will send a notification, if usesmtp/notifyav is on, any time an | |||
# infection is found. | |||
# Important: If this option is off, viruses will still be recorded like a | |||
# content infraction. | |||
#!! Not compiled !!notifyav = off | |||
# notifycontent | |||
# This will send a notification, if usesmtp is on, based on thresholds | |||
# below | |||
#!! Not compiled !!notifycontent = off | |||
# thresholdbyuser | |||
# results are only predictable with user authenticated configs | |||
# if enabled the violation/threshold count is kept track of by the user | |||
#!! Not compiled !!thresholdbyuser = off | |||
#violations | |||
# number of violations before notification | |||
# setting to 0 will never trigger a notification | |||
#!! Not compiled !!violations = 0 | |||
#threshold | |||
# this is in seconds. If 'violations' occur in 'threshold' seconds, then | |||
# a notification is made. | |||
# if this is set to 0, then whenever the set number of violations are made a | |||
# notifaction will be sent. | |||
#!! Not compiled !!threshold = 0 | |||
#SSL certificate checking | |||
# Check that ssl certificates for servers on https connections are valid | |||
# and signed by a ca in the configured path | |||
sslcertcheck = off | |||
#SSL man in the middle | |||
# Forge ssl certificates for all sites, decrypt the data then re encrypt it | |||
# using a different private key. Used to filter ssl sites | |||
sslmitm = off | |||
@ -0,0 +1,29 @@ | |||
--- a/configure | |||
+++ b/configure | |||
@@ -827,7 +827,7 @@ sysconfdir='${prefix}/etc' | |||
sharedstatedir='${prefix}/com' | |||
localstatedir='${prefix}/var' | |||
includedir='${prefix}/include' | |||
-oldincludedir='/usr/include' | |||
+oldincludedir='${prefix}/usr/include' | |||
docdir='${datarootdir}/doc/${PACKAGE_TARNAME}' | |||
infodir='${datarootdir}/info' | |||
htmldir='${docdir}' | |||
@@ -5265,7 +5265,7 @@ $as_echo_n "checking for zlib... " >&6; | |||
# Check whether --with-zlib was given. | |||
if test "${with_zlib+set}" = set; then : | |||
withval=$with_zlib; # check for header & func (in library) in given prefix | |||
- CPPFLAGS="${CPPFLAGS} -I${withval}/include" | |||
+ CPPFLAGS="${CPPFLAGS}" | |||
if test "x$staticzlib" = "xtrue"; then | |||
LIBS="-Bstatic -L${withval} -lz -Bdynamic ${LIBS}" | |||
else | |||
@@ -7095,7 +7095,7 @@ $as_echo "#define ENABLE_NTLM /**/" >>co | |||
if test "${with_libiconv+set}" = set; then : | |||
withval=$with_libiconv; # check for header & func (in library) in given prefix | |||
if test "x$withval" != "x"; then | |||
- CPPFLAGS="${CPPFLAGS} -I${withval}/include" | |||
+ CPPFLAGS="${CPPFLAGS}" | |||
LIBS="-L${withval}/lib -liconv ${LIBS}" | |||
else | |||
LIBS="-liconv ${LIBS}" |