Browse Source

dansguardian: import from old-packages

Signed-off-by: Luka Perkov <luka@openwrt.org>
lilik-openwrt-22.03
Luka Perkov 10 years ago
parent
commit
0fbe9331a9
5 changed files with 716 additions and 0 deletions
  1. +78
    -0
      net/dansguardian/Makefile
  2. +71
    -0
      net/dansguardian/files/dansguardian.config
  3. +190
    -0
      net/dansguardian/files/dansguardian.init
  4. +348
    -0
      net/dansguardian/files/dansguardianf1.conf
  5. +29
    -0
      net/dansguardian/patches/001-compile.patch

+ 78
- 0
net/dansguardian/Makefile View File

@ -0,0 +1,78 @@
#
# Copyright (C) 2008-2015 OpenWrt.org
#
# This is free software, licensed under the GNU General Public License v2.
# See /LICENSE for more information.
#
include $(TOPDIR)/rules.mk
PKG_NAME:=dansguardian
PKG_VERSION:=2.12.0.3
PKG_RELEASE:=1
PKG_LICENSE:=GPL-2.0
PKG_MAINTAINER:=Luka Perkov <luka@openwrt.org>
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
PKG_SOURCE_URL:=@SF/dansguardian
PKG_MD5SUM:=2a88d0392cd28eaec02b7ee727b2e253
PKG_BUILD_PARALLEL:=1
PKG_INSTALL:=1
include $(INCLUDE_DIR)/uclibc++.mk
include $(INCLUDE_DIR)/package.mk
define Package/dansguardian
SECTION:=net
DEPENDS:=+libpthread $(CXX_DEPENDS) +zlib
CATEGORY:=Network
SUBMENU:=Web Servers/Proxies
TITLE:=DansGuardian
URL:=http://dansguardian.org
endef
define Package/dansguardian/conffiles
/etc/dansguardian/dansguardianf1.conf
/etc/config/dansguardian
endef
CONFIGURE_VARS += \
INCLUDES="" \
CXXFLAGS="$$$$CXXFLAGS -fno-rtti" \
LIBS="-lpthread" \
define Build/Configure
$(call Build/Configure/Default,\
--disable-clamav \
--with-sysconfsubdir=dansguardian \
--with-proxyuser=root \
--with-proxygroup=root \
--disable-pcre \
)
endef
define Package/dansguardian/install
$(INSTALL_DIR) $(1)/usr/sbin
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/dansguardian $(1)/usr/sbin/
$(INSTALL_DIR) $(1)/etc
$(CP) $(PKG_INSTALL_DIR)/etc/dansguardian $(1)/etc/
$(INSTALL_CONF) ./files/dansguardianf1.conf $(1)/etc/dansguardian/dansguardianf1.conf
$(INSTALL_DIR) $(1)/etc/config
$(INSTALL_CONF) ./files/dansguardian.config $(1)/etc/config/dansguardian
$(INSTALL_DIR) $(1)/usr/share/dansguardian
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/share/dansguardian/transparent1x1.gif $(1)/usr/share/dansguardian/
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/share/dansguardian/blockedflash.swf $(1)/usr/share/dansguardian/
$(INSTALL_DIR) $(1)/usr/share/dansguardian/languages/ukenglish
$(CP) $(PKG_INSTALL_DIR)/usr/share/dansguardian/languages/ukenglish/* $(1)/usr/share/dansguardian/languages/ukenglish/
$(INSTALL_DIR) $(1)/etc/init.d/
$(INSTALL_BIN) ./files/dansguardian.init $(1)/etc/init.d/dansguardian
endef
$(eval $(call BuildPackage,dansguardian))

+ 71
- 0
net/dansguardian/files/dansguardian.config View File

@ -0,0 +1,71 @@
config dansguardian 'dansguardian'
option config_file '/etc/dansguardian/dansguardianf1.conf'
option accessdeniedaddress 'http://YOURSERVER.YOURDOMAIN/cgi-bin/dansguardian.pl'
option bannediplist '/etc/dansguardian/lists/bannediplist'
option contentscanexceptions 'off'
option contentscannertimeout '60'
option createlistcachefiles 'on'
option custombannedflashfile '/usr/share/dansguardian/blockedflash.swf'
option custombannedimagefile '/usr/share/dansguardian/transparent1x1.gif'
option deletedownloadedtempfiles 'on'
option downloadmanager '/etc/dansguardian/downloadmanagers/default.conf'
option exceptioniplist '/etc/dansguardian/lists/exceptioniplist'
option filecachedir '/tmp'
option filtergroups '1'
option filtergroupslist '/etc/dansguardian/lists/filtergroupslist'
option filterip ''
option filterports '8080'
option forcequicksearch 'off'
option forwardedfor 'off'
option hexdecodecontent 'off'
option initialtrickledelay '20'
option ipcfilename '/tmp/.dguardianipc'
option ipipcfilename '/tmp/.dguardianipipc'
option languagedir '/usr/share/dansguardian/languages'
option language 'ukenglish'
option logadblocks 'off'
option logchildprocesshandling 'off'
option logclienthostnames 'off'
option logconnectionhandlingerrors 'on'
option logexceptionhits '2'
option logfileformat '1'
option loglevel '2'
option loglocation '/dev/null'
option logsyslog 'on'
option loguseragent 'off'
option maxagechildren '500'
option maxchildren '120'
option maxcontentfilecachescansize '20000'
option maxcontentfiltersize '256'
option maxcontentramcachescansize '2000'
option maxips '0'
option maxsparechildren '32'
option maxuploadsize '-1'
option minchildren '8'
option minsparechildren '4'
option nodaemon 'off'
option nologger 'off'
option nonstandarddelimiter 'on'
option perroomblockingdirectory '/etc/dansguardian/lists/bannedrooms/'
option phrasefiltermode '2'
option prefercachedlists 'off'
option preforkchildren '6'
option preservecase '0'
option proxyip '127.0.0.1'
option proxyport '3128'
option proxytimeout '20'
option recheckreplacedurls 'off'
option reportinglevel '3'
option reverseaddresslookups 'off'
option reverseclientiplookups 'off'
option scancleancache 'on'
option showweightedfound 'on'
option softrestart 'off'
option trickledelay '10'
option urlcacheage '900'
option urlcachenumber '1000'
option urlipcfilename '/tmp/.dguardianurlipc'
option usecustombannedflash 'on'
option usecustombannedimage 'on'
option usexforwardedfor 'off'
option weightedphrasemode '2'

+ 190
- 0
net/dansguardian/files/dansguardian.init View File

@ -0,0 +1,190 @@
#!/bin/sh /etc/rc.common
# Copyright (C) 2015 OpenWrt.org
START=90
STOP=10
USE_PROCD=1
PROG=/usr/sbin/dansguardian
CONFIGFILE="/tmp/dansguardian/dansguardian.conf"
validate_dansguardian_section() {
uci_validate_section dansguardian dansguardian "${1}" \
'config_file:string' \
'accessdeniedaddress:string' \
'bannediplist:string' \
'contentscanexceptions:string' \
'contentscannertimeout:uinteger' \
'createlistcachefiles:string' \
'custombannedflashfile:string' \
'custombannedimagefile:string' \
'deletedownloadedtempfiles:string' \
'downloadmanager:string' \
'exceptioniplist:string' \
'filecachedir:string' \
'filtergroups:uinteger' \
'filtergroupslist:string' \
'filterip:ipaddr' \
'filterports:port:8080' \
'forcequicksearch:string' \
'forwardedfor:string' \
'hexdecodecontent:string' \
'initialtrickledelay:uinteger' \
'ipcfilename:string' \
'ipipcfilename:string' \
'languagedir:string' \
'language:string' \
'logadblocks:string' \
'logchildprocesshandling:string' \
'logclienthostnames:string' \
'logconnectionhandlingerrors:string' \
'logexceptionhits:range(0,2)' \
'logfileformat:range(1,4)' \
'loglevel:range(0,3)' \
'loglocation:string' \
'loguseragent:string' \
'maxagechildren:uinteger' \
'maxchildren:uinteger' \
'maxcontentfilecachescansize:uinteger' \
'maxcontentfiltersize:uinteger' \
'maxcontentramcachescansize:uinteger' \
'maxips:uinteger' \
'maxsparechildren:uinteger' \
'maxuploadsize:integer' \
'minchildren:uinteger' \
'minsparechildren:uinteger' \
'nodaemon:string' \
'nologger:string' \
'nonstandarddelimiter:string' \
'perroomblockingdirectory:string' \
'phrasefiltermode:range(0,3)' \
'prefercachedlists:string' \
'preforkchildren:uinteger' \
'preservecase:range(0,2)' \
'proxyip:ipaddr' \
'proxyport:port:3128' \
'proxytimeout:range(20,30)' \
'recheckreplacedurls:string' \
'reportinglevel:range(-1,3)' \
'reverseaddresslookups:string' \
'reverseclientiplookups:string' \
'scancleancache:string' \
'showweightedfound:string' \
'softrestart:string' \
'trickledelay:uinteger' \
'urlcacheage:uinteger' \
'urlcachenumber:uinteger' \
'urlipcfilename:string' \
'usecustombannedflash:string' \
'usecustombannedimage:string' \
'usexforwardedfor:string' \
'weightedphrasemode:range(0,2)'
}
start_service() {
local config_file accessdeniedaddress bannediplist contentscanexceptions contentscannertimeout \
createlistcachefiles custombannedflashfile custombannedimagefile deletedownloadedtempfiles \
downloadmanager exceptioniplist filecachedir filtergroups filtergroupslist filterip filterports \
forcequicksearch forwardedfor hexdecodecontent initialtrickledelay ipcfilename ipipcfilename \
language languagedir logadblocks logchildprocesshandling logclienthostnames logconnectionhandlingerrors \
logexceptionhits logfileformat loglevel loguseragent maxagechildren maxchildren maxcontentfilecachescansize \
maxcontentfiltersize maxcontentramcachescansize maxips maxsparechildren maxuploadsize minchildren minsparechildren \
nodaemon nologger nonstandarddelimiter perroomblockingdirectory phrasefiltermode prefercachedlists preforkchildren \
preservecase proxyip proxyport proxytimeout recheckreplacedurls reportinglevel reverseaddresslookups \
reverseclientiplookups scancleancache showweightedfound softrestart trickledelay urlcacheage urlcachenumber \
urlipcfilename usecustombannedflash usecustombannedimage usexforwardedfor weightedphrasemode
validate_dansguardian_section dansguardian || {
echo "validation failed"
return 1
}
mkdir -p $(dirname $CONFIGFILE)
ln -sf $config_file $(dirname $CONFIGFILE)
echo "accessdeniedaddress = " $accessdeniedaddress >> $CONFIGFILE
echo "bannediplist = " $bannediplist >> $CONFIGFILE
echo "contentscanexceptions = " $contentscanexceptions >> $CONFIGFILE
echo "contentscannertimeout = " $contentscannertimeout >> $CONFIGFILE
echo "createlistcachefiles = " $createlistcachefiles >> $CONFIGFILE
echo "custombannedflashfile = " $custombannedflashfile >> $CONFIGFILE
echo "custombannedimagefile = " $custombannedimagefile >> $CONFIGFILE
echo "deletedownloadedtempfiles = " $deletedownloadedtempfiles >> $CONFIGFILE
echo "downloadmanager = " $downloadmanager >> $CONFIGFILE
echo "exceptioniplist = " $exceptioniplist >> $CONFIGFILE
echo "filecachedir = " $filecachedir >> $CONFIGFILE
echo "filtergroups = " $filtergroups >> $CONFIGFILE
echo "filtergroupslist = " $filtergroupslist >> $CONFIGFILE
echo "filterip = " $filterip >> $CONFIGFILE
echo "filterports = " $filterports >> $CONFIGFILE
echo "forcequicksearch = " $forcequicksearch >> $CONFIGFILE
echo "forwardedfor = " $forwardedfor >> $CONFIGFILE
echo "hexdecodecontent = " $hexdecodecontent >> $CONFIGFILE
echo "initialtrickledelay = " $initialtrickledelay >> $CONFIGFILE
echo "ipcfilename = " $ipcfilename >> $CONFIGFILE
echo "ipipcfilename = " $ipipcfilename >> $CONFIGFILE
echo "language = " $language >> $CONFIGFILE
echo "languagedir = " $languagedir >> $CONFIGFILE
echo "logadblocks = " $logadblocks >> $CONFIGFILE
echo "logchildprocesshandling = " $logchildprocesshandling >> $CONFIGFILE
echo "logclienthostnames = " $logclienthostnames >> $CONFIGFILE
echo "logconnectionhandlingerrors = " $logconnectionhandlingerrors >> $CONFIGFILE
echo "logexceptionhits = " $logexceptionhits >> $CONFIGFILE
echo "logfileformat = " $logfileformat >> $CONFIGFILE
echo "loglevel = " $loglevel >> $CONFIGFILE
echo "loglocation = " $loglocation >> $CONFIGFILE
echo "loguseragent = " $loguseragent >> $CONFIGFILE
echo "maxagechildren = " $maxagechildren >> $CONFIGFILE
echo "maxchildren = " $maxchildren >> $CONFIGFILE
echo "maxcontentfilecachescansize = " $maxcontentfilecachescansize >> $CONFIGFILE
echo "maxcontentfiltersize = " $maxcontentfiltersize >> $CONFIGFILE
echo "maxcontentramcachescansize = " $maxcontentramcachescansize >> $CONFIGFILE
echo "maxips = " $maxips >> $CONFIGFILE
echo "maxsparechildren = " $maxsparechildren >> $CONFIGFILE
echo "maxuploadsize = " $maxuploadsize >> $CONFIGFILE
echo "minchildren = " $minchildren >> $CONFIGFILE
echo "minsparechildren = " $minsparechildren >> $CONFIGFILE
echo "nodaemon = " $nodaemon >> $CONFIGFILE
echo "nologger = " $nologger >> $CONFIGFILE
echo "nonstandarddelimiter = " $nonstandarddelimiter >> $CONFIGFILE
echo "perroomblockingdirectory = " $perroomblockingdirectory >> $CONFIGFILE
echo "phrasefiltermode = " $phrasefiltermode >> $CONFIGFILE
echo "prefercachedlists = " $prefercachedlists >> $CONFIGFILE
echo "preforkchildren = " $preforkchildren >> $CONFIGFILE
echo "preservecase = " $preservecase >> $CONFIGFILE
echo "proxyip = " $proxyip >> $CONFIGFILE
echo "proxyport = " $proxyport >> $CONFIGFILE
echo "proxytimeout = " $proxytimeout >> $CONFIGFILE
echo "recheckreplacedurls = " $recheckreplacedurls >> $CONFIGFILE
echo "reportinglevel = " $reportinglevel >> $CONFIGFILE
echo "reverseaddresslookups = " $reverseaddresslookups >> $CONFIGFILE
echo "reverseclientiplookups = " $reverseclientiplookups >> $CONFIGFILE
echo "scancleancache = " $scancleancache >> $CONFIGFILE
echo "showweightedfound = " $showweightedfound >> $CONFIGFILE
echo "softrestart = " $softrestart >> $CONFIGFILE
echo "trickledelay = " $trickledelay >> $CONFIGFILE
echo "urlcacheage = " $urlcacheage >> $CONFIGFILE
echo "urlcachenumber = " $urlcachenumber >> $CONFIGFILE
echo "urlipcfilename = " $urlipcfilename >> $CONFIGFILE
echo "usecustombannedflash = " $usecustombannedflash >> $CONFIGFILE
echo "usecustombannedimage = " $usecustombannedimage >> $CONFIGFILE
echo "usexforwardedfor = " $usexforwardedfor >> $CONFIGFILE
echo "weightedphrasemode = " $weightedphrasemode >> $CONFIGFILE
procd_open_instance
procd_set_param command $PROG -N -c "$CONFIGFILE"
procd_set_param file $CONFIGFILE
procd_set_param respawn
procd_close_instance
}
stop_service()
{
dansguardian -s | awk -F':' '{ print $2}' | xargs kill -9
}
service_triggers()
{
procd_add_reload_trigger "dansguardian"
procd_add_validation validate_dansguardian_section
}

+ 348
- 0
net/dansguardian/files/dansguardianf1.conf View File

@ -0,0 +1,348 @@
# DansGuardian filter group config file for version 2.12.0.0
# Filter group mode
# This option determines whether members of this group have their web access
# unfiltered, filtered, or banned. This mechanism replaces the "banneduserlist"
# and "exceptionuserlist" files from previous versions.
#
# 0 = banned
# 1 = filtered
# 2 = unfiltered (exception)
#
# Only filter groups with a mode of 1 need to define phrase, URL, site, extension,
# mimetype and PICS lists; in other modes, these options are ignored to conserve
# memory.
#
# Defaults to 0 if unspecified.
# Unauthenticated users are treated as being in the first filter group.
groupmode = 1
# Filter group name
# Used to fill in the -FILTERGROUP- placeholder in the HTML template file, and to
# name the group in the access logs
# Defaults to empty string
#groupname = ''
# Content filtering files location
bannedphraselist = '/etc/dansguardian/lists/bannedphraselist'
weightedphraselist = '/etc/dansguardian/lists/weightedphraselist'
exceptionphraselist = '/etc/dansguardian/lists/exceptionphraselist'
bannedsitelist = '/etc/dansguardian/lists/bannedsitelist'
greysitelist = '/etc/dansguardian/lists/greysitelist'
exceptionsitelist = '/etc/dansguardian/lists/exceptionsitelist'
bannedurllist = '/etc/dansguardian/lists/bannedurllist'
greyurllist = '/etc/dansguardian/lists/greyurllist'
exceptionurllist = '/etc/dansguardian/lists/exceptionurllist'
exceptionregexpurllist = '/etc/dansguardian/lists/exceptionregexpurllist'
bannedregexpurllist = '/etc/dansguardian/lists/bannedregexpurllist'
picsfile = '/etc/dansguardian/lists/pics'
contentregexplist = '/etc/dansguardian/lists/contentregexplist'
urlregexplist = '/etc/dansguardian/lists/urlregexplist'
# Filetype filtering
#
# Blanket download blocking
# If enabled, all files will be blocked, unless they match the
# exceptionextensionlist or exceptionmimetypelist.
# These lists do not override virus scanning.
# Exception lists defined above override all types of filtering, including
# the blanket download block.
# Defaults to disabled.
# (on | off)
#
blockdownloads = off
exceptionextensionlist = '/etc/dansguardian/lists/exceptionextensionlist'
exceptionmimetypelist = '/etc/dansguardian/lists/exceptionmimetypelist'
#
# Use the following lists to block specific kinds of file downloads.
# The two exception lists above can be used to override these.
#
bannedextensionlist = '/etc/dansguardian/lists/bannedextensionlist'
bannedmimetypelist = '/etc/dansguardian/lists/bannedmimetypelist'
#
# In either file filtering mode, the following list can be used to override
# MIME type & extension blocks for particular domains & URLs (trusted download sites).
#
exceptionfilesitelist = '/etc/dansguardian/lists/exceptionfilesitelist'
exceptionfileurllist = '/etc/dansguardian/lists/exceptionfileurllist'
# Categorise without blocking:
# Supply categorised lists here and the category string shall be logged against
# matching requests, but matching these lists does not perform any filtering
# action.
#logsitelist = '/etc/dansguardian/lists/logsitelist'
#logurllist = '/etc/dansguardian/lists/logurllist'
#logregexpurllist = '/etc/dansguardian/lists/logregexpurllist'
# Outgoing HTTP header rules:
# Optional lists for blocking based on, and modification of, outgoing HTTP
# request headers. Format for headerregexplist is one modification rule per
# line, similar to content/URL modifications. Format for
# bannedregexpheaderlist is one regular expression per line, with matching
# headers causing a request to be blocked.
# Headers are matched/replaced on a line-by-line basis, not as a contiguous
# block.
# Use for example, to remove cookies or prevent certain user-agents.
headerregexplist = '/etc/dansguardian/lists/headerregexplist'
bannedregexpheaderlist = '/etc/dansguardian/lists/bannedregexpheaderlist'
# Weighted phrase mode
# Optional; overrides the weightedphrasemode option in dansguardian.conf
# for this particular group. See documentation for supported values in
# that file.
#weightedphrasemode = 0
# Naughtiness limit
# This the limit over which the page will be blocked. Each weighted phrase is given
# a value either positive or negative and the values added up. Phrases to do with
# good subjects will have negative values, and bad subjects will have positive
# values. See the weightedphraselist file for examples.
# As a guide:
# 50 is for young children, 100 for old children, 160 for young adults.
naughtynesslimit = 50
# Search term blocking
# Search terms can be extracted from search URLs and filtered using the
# bannedphraselist, weightedphraselist and exceptionphraselist, with a separate
# threshold for blocking than that used for normal page content.
# To do this, the first two options below must be enabled.
#
# Search engine regular expression list
# List of regular expressions for matching search engine URLs. It is assumed
# that the search terms themselves will be contained within the first submatch
# of each expression.
#searchengineregexplist = '/etc/dansguardian/lists/searchengineregexplist'
#
# Search term limit
# The limit over which requests will be blocked for containing search terms
# which match the weightedphraselist. This should usually be lower than the
# 'naughtynesslimit' value above, because the amount of text being filtered
# is only a few words, rather than a whole page.
# This option must be uncommented if searchengineregexplist is uncommented.
# A value of 0 here indicates that search terms should be extracted,
# for logging/reporting purposes, but no filtering should be performed
# on the resulting text.
#searchtermlimit = 30
#
# Search term lists
# If the three lines below are uncommented, search term blocking will use
# the banned, weighted & exception phrases from these lists, instead of using
# the same phrase lists as for page content. This is optional but recommended,
# as weights for individual phrases in the "normal" lists may not be
# appropriate for blocking when those phrases appear in a much smaller block
# of text.
# Please note that all or none of the below should be uncommented, not a
# mixture.
#bannedsearchtermlist = '/etc/dansguardian/lists/bannedsearchtermlist'
#weightedsearchtermlist = '/etc/dansguardian/lists/weightedsearchtermlist'
#exceptionsearchtermlist = '/etc/dansguardian/lists/exceptionsearchtermlist'
# Category display threshold
# This option only applies to pages blocked by weighted phrase filtering.
# Defines the minimum score that must be accumulated within a particular
# category in order for it to show up on the block pages' category list.
# All categories under which the page scores positively will be logged; those
# that were not displayed to the user appear in brackets.
#
# -1 = display only the highest scoring category
# 0 = display all categories (default)
# > 0 = minimum score for a category to be displayed
categorydisplaythreshold = 0
# Embedded URL weighting
# When set to something greater than zero, this option causes URLs embedded within a
# page's HTML (from links, image tags, etc.) to be extracted and checked against the
# bannedsitelist and bannedurllist. Each link to a banned page causes the amount set
# here to be added to the page's weighting.
# The behaviour of this option with regards to multiple occurrences of a site/URL is
# affected by the weightedphrasemode setting.
#
# NB: Currently, this feature uses regular expressions that require the PCRE library.
# As such, it is only available if you compiled DansGuardian with '--enable-pcre=yes'.
# You can check compile-time options by running 'dansguardian -v'.
#
# Set to 0 to disable.
# Defaults to 0.
# WARNING: This option is highly CPU intensive!
embeddedurlweight = 0
# Enable PICS rating support
#
# Defaults to disabled
# (on | off)
enablepics = off
# Temporary Denied Page Bypass
# This provides a link on the denied page to bypass the ban for a few minutes. To be
# secure it uses a random hashed secret generated at daemon startup. You define the
# number of seconds the bypass will function for before the deny will appear again.
# To allow the link on the denied page to appear you will need to edit the template.html
# or dansguardian.pl file for your language.
# 300 = enable for 5 minutes
# 0 = disable ( defaults to 0 )
# -1 = enable but you require a separate program/CGI to generate a valid link
bypass = 0
# Temporary Denied Page Bypass Secret Key
# Rather than generating a random key you can specify one. It must be more than 8 chars.
# '' = generate a random one (recommended and default)
# 'Mary had a little lamb.' = an example
# '76b42abc1cd0fdcaf6e943dcbc93b826' = an example
bypasskey = ''
# Infection/Scan Error Bypass
# Similar to the 'bypass' setting, but specifically for bypassing files scanned and found
# to be infected, or files that trigger scanner errors - for example, archive types with
# recognised but unsupported compression schemes, or corrupt archives.
# The option specifies the number of seconds for which the bypass link will be valid.
# 300 = enable for 5 minutes
# 0 = disable (default)
# -1 = enable, but require a separate program/CGI to generate a valid link
infectionbypass = 0
# Infection/Scan Error Bypass Secret Key
# Same as the 'bypasskey' option, but used for infection bypass mode.
infectionbypasskey = ''
# Infection/Scan Error Bypass on Scan Errors Only
# Enable this option to allow infectionbypass links only when virus scanning fails,
# not when a file is found to contain a virus.
# on = enable (default and highly recommended)
# off = disable
infectionbypasserrorsonly = on
# Disable content scanning
# If you enable this option you will disable content scanning for this group.
# Content scanning primarily is AV scanning (if enabled) but could include
# other types.
# (on|off) default = off.
disablecontentscan = off
# Enable Deep URL Analysis
# When enabled, DG looks for URLs within URLs, checking against the bannedsitelist and
# bannedurllist. This can be used, for example, to block images originating from banned
# sites from appearing in Google Images search results, as the original URLs are
# embedded in the thumbnail GET requests.
# (on|off) default = off
deepurlanalysis = off
# reportinglevel
#
# -1 = log, but do not block - Stealth mode
# 0 = just say 'Access Denied'
# 1 = report why but not what denied phrase
# 2 = report fully
# 3 = use HTML template file (accessdeniedaddress ignored) - recommended
#
# If defined, this overrides the global setting in dansguardian.conf for
# members of this filter group.
#
#reportinglevel = 3
# accessdeniedaddress is the address of your web server to which the cgi
# dansguardian reporting script was copied. Only used in reporting levels
# 1 and 2.
#
# This webserver must be either:
# 1. Non-proxied. Either a machine on the local network, or listed as an
# exception in your browser's proxy configuration.
# 2. Added to the exceptionsitelist. Option 1 is preferable; this option is
# only for users using both transparent proxying and a non-local server
# to host this script.
#
# If defined, this overrides the global setting in dansguardian.conf for
# members of this filter group.
#
#accessdeniedaddress = 'http://YOURSERVER.YOURDOMAIN/cgi-bin/dansguardian.pl'
# HTML Template override
# If defined, this specifies a custom HTML template file for members of this
# filter group, overriding the global setting in dansguardian.conf. This is
# only used in reporting level 3.
#
# The default template file path is <languagedir>/<language>/template.html
# e.g. /usr/share/dansguardian/languages/ukenglish/template.html when using 'ukenglish'
# language.
#
# This option generates a file path of the form:
# <languagedir>/<language>/<htmltemplate>
# e.g. /usr/share/dansguardian/languages/ukenglish/custom.html
#
#htmltemplate = 'custom.html'
# Email reporting - original patch by J. Gauthier
# Use SMTP
# If on, will enable system wide events to be reported by email.
# need to configure mail program (see 'mailer' in global config)
# and email recipients
# default usesmtp = off
#!! Not compiled !!usesmtp = off
# mailfrom
# who the email would come from
# example: mailfrom = 'dansguardian@mycompany.com'
#!! Not compiled !!mailfrom = ''
# avadmin
# who the virus emails go to (if notify av is on)
# example: avadmin = 'admin@mycompany.com'
#!! Not compiled !!avadmin = ''
# contentdmin
# who the content emails go to (when thresholds are exceeded)
# and contentnotify is on
# example: contentadmin = 'admin@mycompany.com'
#!! Not compiled !!contentadmin = ''
# avsubject
# Subject of the email sent when a virus is caught.
# only applicable if notifyav is on
# default avsubject = 'dansguardian virus block'
#!! Not compiled !!avsubject = 'dansguardian virus block'
# content
# Subject of the email sent when violation thresholds are exceeded
# default contentsubject = 'dansguardian violation'
#!! Not compiled !!contentsubject = 'dansguardian violation'
# notifyAV
# This will send a notification, if usesmtp/notifyav is on, any time an
# infection is found.
# Important: If this option is off, viruses will still be recorded like a
# content infraction.
#!! Not compiled !!notifyav = off
# notifycontent
# This will send a notification, if usesmtp is on, based on thresholds
# below
#!! Not compiled !!notifycontent = off
# thresholdbyuser
# results are only predictable with user authenticated configs
# if enabled the violation/threshold count is kept track of by the user
#!! Not compiled !!thresholdbyuser = off
#violations
# number of violations before notification
# setting to 0 will never trigger a notification
#!! Not compiled !!violations = 0
#threshold
# this is in seconds. If 'violations' occur in 'threshold' seconds, then
# a notification is made.
# if this is set to 0, then whenever the set number of violations are made a
# notifaction will be sent.
#!! Not compiled !!threshold = 0
#SSL certificate checking
# Check that ssl certificates for servers on https connections are valid
# and signed by a ca in the configured path
sslcertcheck = off
#SSL man in the middle
# Forge ssl certificates for all sites, decrypt the data then re encrypt it
# using a different private key. Used to filter ssl sites
sslmitm = off

+ 29
- 0
net/dansguardian/patches/001-compile.patch View File

@ -0,0 +1,29 @@
--- a/configure
+++ b/configure
@@ -827,7 +827,7 @@ sysconfdir='${prefix}/etc'
sharedstatedir='${prefix}/com'
localstatedir='${prefix}/var'
includedir='${prefix}/include'
-oldincludedir='/usr/include'
+oldincludedir='${prefix}/usr/include'
docdir='${datarootdir}/doc/${PACKAGE_TARNAME}'
infodir='${datarootdir}/info'
htmldir='${docdir}'
@@ -5265,7 +5265,7 @@ $as_echo_n "checking for zlib... " >&6;
# Check whether --with-zlib was given.
if test "${with_zlib+set}" = set; then :
withval=$with_zlib; # check for header & func (in library) in given prefix
- CPPFLAGS="${CPPFLAGS} -I${withval}/include"
+ CPPFLAGS="${CPPFLAGS}"
if test "x$staticzlib" = "xtrue"; then
LIBS="-Bstatic -L${withval} -lz -Bdynamic ${LIBS}"
else
@@ -7095,7 +7095,7 @@ $as_echo "#define ENABLE_NTLM /**/" >>co
if test "${with_libiconv+set}" = set; then :
withval=$with_libiconv; # check for header & func (in library) in given prefix
if test "x$withval" != "x"; then
- CPPFLAGS="${CPPFLAGS} -I${withval}/include"
+ CPPFLAGS="${CPPFLAGS}"
LIBS="-L${withval}/lib -liconv ${LIBS}"
else
LIBS="-liconv ${LIBS}"

Loading…
Cancel
Save