Browse Source

e2guardian: add package

Signed-off-by: Luka Perkov <luka@openwrt.org>
lilik-openwrt-22.03
Luka Perkov 10 years ago
parent
commit
a1438cc5a8
4 changed files with 766 additions and 0 deletions
  1. +78
    -0
      net/e2guardian/Makefile
  2. +70
    -0
      net/e2guardian/files/e2guardian.config
  3. +192
    -0
      net/e2guardian/files/e2guardian.init
  4. +426
    -0
      net/e2guardian/files/e2guardianf1.conf

+ 78
- 0
net/e2guardian/Makefile View File

@ -0,0 +1,78 @@
#
# Copyright (C) 2015 OpenWrt.org
#
# This is free software, licensed under the GNU General Public License v2.
# See /LICENSE for more information.
#
include $(TOPDIR)/rules.mk
PKG_NAME:=e2guardian
PKG_VERSION:=3.0.4
PKG_RELEASE:=1
PKG_LICENSE:=GPL-2.0
PKG_MAINTAINER:=Luka Perkov <luka@openwrt.org>
PKG_SOURCE:=v$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://github.com/e2guardian/e2guardian/archive/
PKG_MD5SUM:=f8ffac7ac4f040b672cc4e62121bf4c5
PKG_BUILD_PARALLEL:=1
PKG_INSTALL:=1
include $(INCLUDE_DIR)/uclibc++.mk
include $(INCLUDE_DIR)/package.mk
define Package/e2guardian
SECTION:=net
DEPENDS:=+libpthread $(CXX_DEPENDS) +zlib +libpcre
CATEGORY:=Network
SUBMENU:=Web Servers/Proxies
TITLE:=E2Guardian
URL:=http://e2guardian.org/cms/
endef
define Package/e2guardian/conffiles
/etc/e2guardian/e2guardianf1.conf
/etc/config/e2guardian
endef
CONFIGURE_VARS += \
INCLUDES="" \
CXXFLAGS="$$$$CXXFLAGS -fno-rtti" \
LIBS="-lpthread"
CONFIGURE_ARGS += \
--with-sysconfsubdir=e2guardian \
--with-proxyuser=root \
--with-proxygroup=root \
--enable-pcre=yes
define Build/Configure
$(call Build/Configure/Default,$CONFIGURE_ARGS)
endef
define Package/e2guardian/install
$(INSTALL_DIR) $(1)/usr/sbin
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/e2guardian $(1)/usr/sbin/
$(INSTALL_DIR) $(1)/etc
$(CP) $(PKG_INSTALL_DIR)/etc/e2guardian $(1)/etc/
$(INSTALL_CONF) ./files/e2guardianf1.conf $(1)/etc/e2guardian/e2guardianf1.conf
$(INSTALL_DIR) $(1)/etc/config
$(INSTALL_CONF) ./files/e2guardian.config $(1)/etc/config/e2guardian
$(INSTALL_DIR) $(1)/usr/share/e2guardian
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/share/e2guardian/transparent1x1.gif $(1)/usr/share/e2guardian/
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/share/e2guardian/blockedflash.swf $(1)/usr/share/e2guardian/
$(INSTALL_DIR) $(1)/usr/share/e2guardian/languages/ukenglish
$(CP) $(PKG_INSTALL_DIR)/usr/share/e2guardian/languages/ukenglish/* $(1)/usr/share/e2guardian/languages/ukenglish/
$(INSTALL_DIR) $(1)/etc/init.d/
$(INSTALL_BIN) ./files/e2guardian.init $(1)/etc/init.d/e2guardian
endef
$(eval $(call BuildPackage,e2guardian))

+ 70
- 0
net/e2guardian/files/e2guardian.config View File

@ -0,0 +1,70 @@
config e2guardian 'e2guardian'
option config_file '/etc/e2guardian/e2guardianf1.conf'
option languagedir '/usr/share/e2guardian/languages'
option language 'ukenglish'
option loglevel '2'
option logexceptionhits '2'
option logfileformat '1'
option loglocation '/dev/null'
option maxuploadsize '-1'
option filterip ''
option filterports '8080'
option proxyip '127.0.0.1'
option proxyport '3128'
option proxytimeout '20'
option proxyexchange '20'
option pcontimeout '55'
option accessdeniedaddress 'http://YOURSERVER.YOURDOMAIN/cgi-bin/e2guardian.pl'
option usecustombannedimage 'on'
option custombannedimagefile '/usr/share/e2guardian/transparent1x1.gif'
option usecustombannedflash 'on'
option custombannedflashfile '/usr/share/e2guardian/blockedflash.swf'
option filtergroups '1'
option filtergroupslist '/etc/e2guardian/lists/filtergroupslist'
option bannediplist '/etc/e2guardian/lists/bannediplist'
option exceptioniplist '/etc/e2guardian/lists/exceptioniplist'
option perroomdirectory '/etc/e2guardian/lists/bannedrooms/'
option showweightedfound 'on'
option weightedphrasemode '2'
option urlcachenumber '1000'
option urlcacheage '900'
option scancleancache 'on'
option phrasefiltermode '2'
option preservecase '0'
option hexdecodecontent 'off'
option forcequicksearch 'off'
option reverseaddresslookups 'off'
option reverseclientiplookups 'off'
option logclienthostnames 'off'
option createlistcachefiles 'on'
option prefercachedlists 'off'
option maxcontentfiltersize '256'
option maxcontentramcachescansize '2000'
option maxcontentfilecachescansize '20000'
option filecachedir '/tmp'
option deletedownloadedtempfiles 'on'
option initialtrickledelay '20'
option trickledelay '10'
option downloadmanager '/etc/e2guardian/downloadmanagers/default.conf'
option contentscannertimeout '60'
option contentscanexceptions 'off'
option recheckreplacedurls 'off'
option forwardedfor 'off'
option usexforwardedfor 'off'
option logconnectionhandlingerrors 'on'
option logchildprocesshandling 'off'
option maxchildren '180'
option minchildren '20'
option minsparechildren '16'
option preforkchildren '10'
option maxsparechildren '32'
option maxagechildren '500'
option maxips '0'
option ipcfilename '/tmp/.dguardianipc'
option urlipcfilename '/tmp/.dguardianurlipc'
option ipipcfilename '/tmp/.dguardianipipc'
option nodaemon 'off'
option nologger 'off'
option logadblocks 'off'
option loguseragent 'off'
option softrestart 'off'

+ 192
- 0
net/e2guardian/files/e2guardian.init View File

@ -0,0 +1,192 @@
#!/bin/sh /etc/rc.common
# Copyright (C) 2015 OpenWrt.org
START=90
STOP=10
USE_PROCD=1
PROG=/usr/sbin/e2guardian
CONFIGFILE="/tmp/e2guardian/e2guardian.conf"
validate_e2guardian_section() {
uci_validate_section e2guardian e2guardian "${1}" \
'config_file:string' \
'accessdeniedaddress:string' \
'bannediplist:string' \
'contentscanexceptions:string' \
'contentscannertimeout:uinteger' \
'createlistcachefiles:string' \
'custombannedflashfile:string' \
'custombannedimagefile:string' \
'deletedownloadedtempfiles:string' \
'downloadmanager:string' \
'exceptioniplist:string' \
'filecachedir:string' \
'filtergroups:uinteger' \
'filtergroupslist:string' \
'filterip:ipaddr' \
'filterports:port:8080' \
'forcequicksearch:string' \
'forwardedfor:string' \
'hexdecodecontent:string' \
'initialtrickledelay:uinteger' \
'ipcfilename:string' \
'ipipcfilename:string' \
'languagedir:string' \
'language:string' \
'logadblocks:string' \
'logchildprocesshandling:string' \
'logclienthostnames:string' \
'logconnectionhandlingerrors:string' \
'logexceptionhits:range(0,2)' \
'logfileformat:range(1,6)' \
'loglevel:range(0,3)' \
'loglocation:string' \
'loguseragent:string' \
'maxagechildren:uinteger' \
'maxchildren:uinteger' \
'maxcontentfilecachescansize:uinteger' \
'maxcontentfiltersize:uinteger' \
'maxcontentramcachescansize:uinteger' \
'maxips:uinteger' \
'maxsparechildren:uinteger' \
'maxuploadsize:integer' \
'minchildren:uinteger' \
'minsparechildren:uinteger' \
'nodaemon:string' \
'nologger:string' \
'pcontimeout:range(5,300)' \
'perroomdirectory:string' \
'phrasefiltermode:range(0,3)' \
'prefercachedlists:string' \
'preforkchildren:uinteger' \
'preservecase:range(0,2)' \
'proxyexchange:range(20,300)' \
'proxyip:ipaddr' \
'proxyport:port:3128' \
'proxytimeout:range(5,100)' \
'recheckreplacedurls:string' \
'reverseaddresslookups:string' \
'reverseclientiplookups:string' \
'scancleancache:string' \
'showweightedfound:string' \
'softrestart:string' \
'trickledelay:uinteger' \
'urlcacheage:uinteger' \
'urlcachenumber:uinteger' \
'urlipcfilename:string' \
'usecustombannedflash:string' \
'usecustombannedimage:string' \
'usexforwardedfor:string' \
'weightedphrasemode:range(0,2)'
}
start_service() {
local config_file accessdeniedaddress bannediplist contentscanexceptions contentscannertimeout \
createlistcachefiles custombannedflashfile custombannedimagefile deletedownloadedtempfiles \
downloadmanager exceptioniplist filecachedir loglocation \
filtergroups filtergroupslist filterip filterports forcequicksearch forwardedfor hexdecodecontent \
initialtrickledelay ipcfilename ipipcfilename language languagedir logadblocks logchildprocesshandling \
logclienthostnames logconnectionhandlingerrors logexceptionhits logfileformat loglevel loguseragent \
maxagechildren maxchildren maxcontentfilecachescansize maxcontentfiltersize maxcontentramcachescansize \
maxips maxsparechildren maxuploadsize minchildren minsparechildren nodaemon nologger \
pcontimeout perroomdirectory phrasefiltermode prefercachedlists preforkchildren preservecase proxyexchange \
proxyip proxyport proxytimeout recheckreplacedurls reverseaddresslookups reverseclientiplookups scancleancache \
showweightedfound softrestart trickledelay urlcacheage urlcachenumber urlipcfilename usecustombannedflash \
usecustombannedimage usexforwardedfor weightedphrasemode
validate_e2guardian_section e2guardian || {
echo "validation failed"
return 1
}
mkdir -p $(dirname $CONFIGFILE)
ln -sf $config_file $(dirname $CONFIGFILE)
echo "accessdeniedaddress = " $accessdeniedaddress > $CONFIGFILE
echo "bannediplist = " $bannediplist >> $CONFIGFILE
echo "contentscanexceptions = " $contentscanexceptions >> $CONFIGFILE
echo "contentscannertimeout = " $contentscannertimeout >> $CONFIGFILE
echo "createlistcachefiles = " $createlistcachefiles >> $CONFIGFILE
echo "custombannedflashfile = " $custombannedflashfile >> $CONFIGFILE
echo "custombannedimagefile = " $custombannedimagefile >> $CONFIGFILE
echo "deletedownloadedtempfiles = " $deletedownloadedtempfiles >> $CONFIGFILE
echo "downloadmanager = " $downloadmanager >> $CONFIGFILE
echo "exceptioniplist = " $exceptioniplist >> $CONFIGFILE
echo "filecachedir = " $filecachedir >> $CONFIGFILE
echo "filtergroups = " $filtergroups >> $CONFIGFILE
echo "filtergroupslist = " $filtergroupslist >> $CONFIGFILE
echo "filterip = " $filterip >> $CONFIGFILE
echo "filterports = " $filterports >> $CONFIGFILE
echo "forcequicksearch = " $forcequicksearch >> $CONFIGFILE
echo "forwardedfor = " $forwardedfor >> $CONFIGFILE
echo "hexdecodecontent = " $hexdecodecontent >> $CONFIGFILE
echo "initialtrickledelay = " $initialtrickledelay >> $CONFIGFILE
echo "ipcfilename = " $ipcfilename >> $CONFIGFILE
echo "ipipcfilename = " $ipipcfilename >> $CONFIGFILE
echo "language = " $language >> $CONFIGFILE
echo "languagedir = " $languagedir >> $CONFIGFILE
echo "logadblocks = " $logadblocks >> $CONFIGFILE
echo "logchildprocesshandling = " $logchildprocesshandling >> $CONFIGFILE
echo "logclienthostnames = " $logclienthostnames >> $CONFIGFILE
echo "logconnectionhandlingerrors = " $logconnectionhandlingerrors >> $CONFIGFILE
echo "logexceptionhits = " $logexceptionhits >> $CONFIGFILE
echo "logfileformat = " $logfileformat >> $CONFIGFILE
echo "loglevel = " $loglevel >> $CONFIGFILE
echo "loglocation = " $loglocation >> $CONFIGFILE
echo "loguseragent = " $loguseragent >> $CONFIGFILE
echo "maxagechildren = " $maxagechildren >> $CONFIGFILE
echo "maxchildren = " $maxchildren >> $CONFIGFILE
echo "maxcontentfilecachescansize = " $maxcontentfilecachescansize >> $CONFIGFILE
echo "maxcontentfiltersize = " $maxcontentfiltersize >> $CONFIGFILE
echo "maxcontentramcachescansize = " $maxcontentramcachescansize >> $CONFIGFILE
echo "maxips = " $maxips >> $CONFIGFILE
echo "maxsparechildren = " $maxsparechildren >> $CONFIGFILE
echo "maxuploadsize = " $maxuploadsize >> $CONFIGFILE
echo "minchildren = " $minchildren >> $CONFIGFILE
echo "minsparechildren = " $minsparechildren >> $CONFIGFILE
echo "nodaemon = " $nodaemon >> $CONFIGFILE
echo "nologger = " $nologger >> $CONFIGFILE
echo "pcontimeout = " $pcontimeout >> $CONFIGFILE
echo "perroomdirectory = " $perroomdirectory >> $CONFIGFILE
echo "phrasefiltermode = " $phrasefiltermode >> $CONFIGFILE
echo "prefercachedlists = " $prefercachedlists >> $CONFIGFILE
echo "preforkchildren = " $preforkchildren >> $CONFIGFILE
echo "preservecase = " $preservecase >> $CONFIGFILE
echo "proxyexchange = " $proxyexchange >> $CONFIGFILE
echo "proxyip = " $proxyip >> $CONFIGFILE
echo "proxyport = " $proxyport >> $CONFIGFILE
echo "proxytimeout = " $proxytimeout >> $CONFIGFILE
echo "recheckreplacedurls = " $recheckreplacedurls >> $CONFIGFILE
echo "reverseaddresslookups = " $reverseaddresslookups >> $CONFIGFILE
echo "reverseclientiplookups = " $reverseclientiplookups >> $CONFIGFILE
echo "scancleancache = " $scancleancache >> $CONFIGFILE
echo "showweightedfound = " $showweightedfound >> $CONFIGFILE
echo "softrestart = " $softrestart >> $CONFIGFILE
echo "trickledelay = " $trickledelay >> $CONFIGFILE
echo "urlcacheage = " $urlcacheage >> $CONFIGFILE
echo "urlcachenumber = " $urlcachenumber >> $CONFIGFILE
echo "urlipcfilename = " $urlipcfilename >> $CONFIGFILE
echo "usecustombannedflash = " $usecustombannedflash >> $CONFIGFILE
echo "usecustombannedimage = " $usecustombannedimage >> $CONFIGFILE
echo "usexforwardedfor = " $usexforwardedfor >> $CONFIGFILE
echo "weightedphrasemode = " $weightedphrasemode >> $CONFIGFILE
procd_open_instance
procd_set_param command $PROG -N -c "$CONFIGFILE"
procd_set_param file $CONFIGFILE
procd_set_param respawn
procd_close_instance
}
stop_service()
{
e2guardian -s | awk -F':' '{ print $2}' | xargs kill -9
}
service_triggers()
{
procd_add_reload_trigger "e2guardian"
procd_add_validation validate_e2guardian_section
}

+ 426
- 0
net/e2guardian/files/e2guardianf1.conf View File

@ -0,0 +1,426 @@
# e2guardian filter group config file for version 3.0.4
# Filter group mode
# This option determines whether members of this group have their web access
# unfiltered, filtered, or banned.
#
# 0 = banned
# 1 = filtered
# 2 = unfiltered (exception)
#
# Only filter groups with a mode of 1 need to define phrase, URL, site, extension,
# mimetype and PICS lists; in other modes, these options are ignored to conserve
# memory.
#
# Defaults to 0 if unspecified.
# Unauthenticated users are treated as being in the first filter group.
groupmode = 1
# Filter group name
# Used to fill in the -FILTERGROUP- placeholder in the HTML template file, and to
# name the group in the access logs
# Defaults to empty string
#groupname = ''
groupname = ''
# Content filtering files location
bannedphraselist = 'etc/e2guardian/lists/bannedphraselist'
weightedphraselist = 'etc/e2guardian/lists/weightedphraselist'
exceptionphraselist = 'etc/e2guardian/lists/exceptionphraselist'
bannedsitelist = 'etc/e2guardian/lists/bannedsitelist'
greysitelist = 'etc/e2guardian/lists/greysitelist'
bannedsslsitelist = 'etc/e2guardian/lists/bannedsslsitelist'
greysslsitelist = 'etc/e2guardian/lists/greysslsitelist'
exceptionsitelist = 'etc/e2guardian/lists/exceptionsitelist'
bannedurllist = 'etc/e2guardian/lists/bannedurllist'
greyurllist = 'etc/e2guardian/lists/greyurllist'
exceptionurllist = 'etc/e2guardian/lists/exceptionurllist'
exceptionregexpurllist = 'etc/e2guardian/lists/exceptionregexpurllist'
bannedregexpurllist = 'etc/e2guardian/lists/bannedregexpurllist'
picsfile = 'etc/e2guardian/lists/pics'
contentregexplist = 'etc/e2guardian/lists/contentregexplist'
urlregexplist = 'etc/e2guardian/lists/urlregexplist'
refererexceptionsitelist = 'etc/e2guardian/lists/refererexceptionsitelist'
refererexceptionurllist = 'etc/e2guardian/lists/refererexceptionurllist'
embededreferersitelist = 'etc/e2guardian/lists/embededreferersitelist'
embededrefererurllist = 'etc/e2guardian/lists/embededrefererurllist'
urlredirectregexplist = 'etc/e2guardian/lists/urlredirectregexplist'
# local versions of lists (where LOCAL_LISTS enabled)
#localbannedsitelist = 'etc/e2guardian/lists/localbannedsitelist'
#localgreysitelist = 'etc/e2guardian/lists/localgreysitelist'
#localexceptionsitelist = 'etc/e2guardian/lists/localexceptionsitelist'
#localbannedurllist = 'etc/e2guardian/lists/localbannedurllist'
#localgreyurllist = 'etc/e2guardian/lists/localgreyurllist'
#localexceptionurllist = 'etc/e2guardian/lists/localexceptionurllist'
#localbannedsslsitelist = 'etc/e2guardian/lists/localbannedsslsitelist'
#localgreysslsitelist = 'etc/e2guardian/lists/localgreysslsitelist'
#localbannedsearchlist = 'etc/e2guardian/lists/localbannedsearchlist'
!! Not compiled !! authexceptionsitelist = 'etc/e2guardian/lists/authexceptionsitelist'
!! Not compiled !! authexceptionurllist = 'etc/e2guardian/lists/authexceptionurllist'
# Filetype filtering
#
# Allow bannedregexpurllist with grey list mode
# bannedregexpheaderlist and bannedregexpurllist
#
# bannedregexwithblanketblock = off
#
# Blanket download blocking
# If enabled, all files will be blocked, unless they match the
# exceptionextensionlist or exceptionmimetypelist.
# These lists do not override virus scanning.
# Exception lists defined above override all types of filtering, including
# the blanket download block.
# Defaults to disabled.
# (on | off)
#
blockdownloads = off
exceptionextensionlist = 'etc/e2guardian/lists/exceptionextensionlist'
exceptionmimetypelist = 'etc/e2guardian/lists/exceptionmimetypelist'
#
# Use the following lists to block specific kinds of file downloads.
# The two exception lists above can be used to override these.
#
bannedextensionlist = 'etc/e2guardian/lists/bannedextensionlist'
bannedmimetypelist = 'etc/e2guardian/lists/bannedmimetypelist'
#
# In either file filtering mode, the following list can be used to override
# MIME type & extension blocks for particular domains & URLs (trusted download sites).
#
exceptionfilesitelist = 'etc/e2guardian/lists/exceptionfilesitelist'
exceptionfileurllist = 'etc/e2guardian/lists/exceptionfileurllist'
# POST protection (web upload and forms)
# does not block forms without any file upload, i.e. this is just for
# blocking or limiting uploads
# measured in kibibytes after MIME encoding and header bumph
# use 0 for a complete block
# use higher (e.g. 512 = 512Kbytes) for limiting
# use -1 for no blocking
#maxuploadsize = 512
#maxuploadsize = 0
maxuploadsize = -1
# Categorise without blocking:
# Supply categorised lists here and the category string shall be logged against
# matching requests, but matching these lists does not perform any filtering
# action.
#logsitelist = 'etc/e2guardian/lists/logsitelist'
#logurllist = 'etc/e2guardian/lists/logurllist'
#logregexpurllist = 'etc/e2guardian/lists/logregexpurllist'
# Outgoing HTTP header rules:
# Optional lists for blocking based on, and modification of, outgoing HTTP
# request headers. Format for headerregexplist is one modification rule per
# line, similar to content/URL modifications. Format for
# bannedregexpheaderlist is one regular expression per line, with matching
# headers causing a request to be blocked.
# Headers are matched/replaced on a line-by-line basis, not as a contiguous
# block.
# Use for example, to remove cookies or prevent certain user-agents.
headerregexplist = 'etc/e2guardian/lists/headerregexplist'
bannedregexpheaderlist = 'etc/e2guardian/lists/bannedregexpheaderlist'
addheaderregexplist = 'etc/e2guardian/lists/addheaderregexplist'
# Weighted phrase mode
# Optional; overrides the weightedphrasemode option in e2guardian.conf
# for this particular group. See documentation for supported values in
# that file.
#weightedphrasemode = 0
# Naughtiness limit
# This the limit over which the page will be blocked. Each weighted phrase is given
# a value either positive or negative and the values added up. Phrases to do with
# good subjects will have negative values, and bad subjects will have positive
# values. See the weightedphraselist file for examples.
# As a guide:
# 50 is for young children, 100 for old children, 160 for young adults.
naughtynesslimit = 50
# Search term blocking
# Search terms can be extracted from search URLs and filtered using one or
# both of two different methods.
# Method 1 is that developed by Protex where specific
# search terms are contained in a bannedsearchlist.
# (localbannedsearchlist and bannedsearchoveridelist can be used to suppliment
# and overide this list as required.)
# These lists contain banned search words combinations on each line.
# Words are separated by '+' and must be in sorted order within a line.
# so to block 'sexy girl' then the list must contain the line
# girl+sexy
# and this will block both 'sexy girl' and 'girl sexy'
# To use this method, the searchregexplist must be enabled and the bannedsearchlist(s) defined
# Method 2 is uses the
# bannedphraselist, weightedphraselist and exceptionphraselist, with a separate
# threshold for blocking than that used for normal page content.
# To do this, the searchregexplist must be enabled and searchtermlimit
# must be grater than 0.
#
# Search engine regular expression list (need for both options)
# List of regular expressions for matching search engine URLs. It is assumed
# that the search terms themselves will be contained in the
# of output of each expression.
#searchregexplist = 'etc/e2guardian/lists/searchregexplist'
#
# Banned Search Term list(s) for option 1
#bannedsearchlist = 'etc/e2guardian/lists/bannedsearchlist'
#bannedsearchoveridelist = 'etc/e2guardian/lists/bannedsearchoveridelist'
# Search term limit (for Option 2)
# The limit over which requests will be blocked for containing search terms
# which match the weightedphraselist. This should usually be lower than the
# 'naughtynesslimit' value above, because the amount of text being filtered
# is only a few words, rather than a whole page.
# This option must be uncommented if searchregexplist is uncommented.
# A value of 0 here indicates that search terms should be extracted,
# but no phrase filtering should be performed on the resulting text.
#searchtermlimit = 0
#
# Search term phrase lists (for Option 2)
# If the three lines below are uncommented, search term blocking will use
# the banned, weighted & exception phrases from these lists, instead of using
# the same phrase lists as for page content. This is optional but recommended,
# as weights for individual phrases in the "normal" lists may not be
# appropriate for blocking when those phrases appear in a much smaller block
# of text.
# Please note that all or none of the below should be uncommented, not a
# mixture.
#bannedsearchtermlist = 'etc/e2guardian/lists/bannedsearchtermlist'
#weightedsearchtermlist = 'etc/e2guardian/lists/weightedsearchtermlist'
#exceptionsearchtermlist = 'etc/e2guardian/lists/exceptionsearchtermlist'
# Category display threshold
# This option only applies to pages blocked by weighted phrase filtering.
# Defines the minimum score that must be accumulated within a particular
# category in order for it to show up on the block pages' category list.
# All categories under which the page scores positively will be logged; those
# that were not displayed to the user appear in brackets.
#
# -1 = display only the highest scoring category
# 0 = display all categories (default)
# > 0 = minimum score for a category to be displayed
categorydisplaythreshold = 0
# Embedded URL weighting
# When set to something greater than zero, this option causes URLs embedded within a
# page's HTML (from links, image tags, etc.) to be extracted and checked against the
# bannedsitelist and bannedurllist. Each link to a banned page causes the amount set
# here to be added to the page's weighting.
# The behaviour of this option with regards to multiple occurrences of a site/URL is
# affected by the weightedphrasemode setting.
#
# NB: Currently, this feature uses regular expressions that require the PCRE library.
# As such, it is only available if you compiled DansGuardian with '--enable-pcre=yes'.
# You can check compile-time options by running 'e2guardian -v'.
#
# Set to 0 to disable.
# Defaults to 0.
# WARNING: This option is highly CPU intensive!
embeddedurlweight = 0
# Enable PICS rating support
#
# Defaults to disabled
# (on | off)
enablepics = off
# Temporary Denied Page Bypass
# This provides a link on the denied page to bypass the ban for a few minutes. To be
# secure it uses a random hashed secret generated at daemon startup. You define the
# number of seconds the bypass will function for before the deny will appear again.
# To allow the link on the denied page to appear you will need to edit the template.html
# or e2guardian.pl file for your language.
# 300 = enable for 5 minutes
# 0 = disable ( defaults to 0 )
# -1 = enable but you require a separate program/CGI to generate a valid link
bypass = 0
# Temporary Denied Page Bypass Secret Key
# Rather than generating a random key you can specify one. It must be more than 8 chars.
# '' = generate a random one (recommended and default)
# 'Mary had a little lamb.' = an example
# '76b42abc1cd0fdcaf6e943dcbc93b826' = an example
bypasskey = ''
# Infection/Scan Error Bypass
# Similar to the 'bypass' setting, but specifically for bypassing files scanned and found
# to be infected, or files that trigger scanner errors - for example, archive types with
# recognised but unsupported compression schemes, or corrupt archives.
# The option specifies the number of seconds for which the bypass link will be valid.
# 300 = enable for 5 minutes
# 0 = disable (default)
# -1 = enable, but require a separate program/CGI to generate a valid link
infectionbypass = 0
# Infection/Scan Error Bypass Secret Key
# Same as the 'bypasskey' option, but used for infection bypass mode.
infectionbypasskey = ''
# Infection/Scan Error Bypass on Scan Errors Only
# Enable this option to allow infectionbypass links only when virus scanning fails,
# not when a file is found to contain a virus.
# on = enable (default and highly recommended)
# off = disable
infectionbypasserrorsonly = on
# Disable content scanning
# If you enable this option you will disable content scanning for this group.
# Content scanning primarily is AV scanning (if enabled) but could include
# other types.
# (on|off) default = off.
disablecontentscan = off
# Enable Deep URL Analysis
# When enabled, DG looks for URLs within URLs, checking against the bannedsitelist and
# bannedurllist. This can be used, for example, to block images originating from banned
# sites from appearing in Google Images search results, as the original URLs are
# embedded in the thumbnail GET requests.
# (on|off) default = off
deepurlanalysis = off
# reportinglevel
#
# -1 = log, but do not block - Stealth mode
# 0 = just say 'Access Denied'
# 1 = report why but not what denied phrase
# 2 = report fully
# 3 = use HTML template file (accessdeniedaddress ignored) - recommended
#
# If defined, this overrides the global setting in e2guardian.conf for
# members of this filter group.
#
reportinglevel = 3
# accessdeniedaddress is the address of your web server to which the cgi
# e2guardian reporting script was copied. Only used in reporting levels
# 1 and 2.
#
# This webserver must be either:
# 1. Non-proxied. Either a machine on the local network, or listed as an
# exception in your browser's proxy configuration.
# 2. Added to the exceptionsitelist. Option 1 is preferable; this option is
# only for users using both transparent proxying and a non-local server
# to host this script.
#
# If defined, this overrides the global setting in e2guardian.conf for
# members of this filter group.
#
#accessdeniedaddress = 'http://YOURSERVER.YOURDOMAIN/cgi-bin/e2guardian.pl'
# sslaccessdeniedaddress is the address of your web server to which the static page
# e2guardian reporting was copied. Only used in reporting levels 3 (avoid blank page)
# Work only in firefox with ssldeniedrewrite off
# sslaccessdeniedaddress = 'http://YOURSERVER.YOURDOMAIN/denyssl.htm'
# Break SSL protocol and redirect to another HTTPS website for denied page (sslaccessdeniedaddress url)
#ssldeniedrewrite = 'on'
# HTML Template override
# If defined, this specifies a custom HTML template file for members of this
# filter group, overriding the global setting in e2guardian.conf. This is
# only used in reporting level 3.
#
# The default template file path is <languagedir>/<language>/template.h
# e.g. share/e2guardian/languages/ukenglish/template.html when using 'ukenglish'
# language.
#
# This option generates a file path of the form:
# <languagedir>/<language>/<htmltemplate>
# e.g. share/e2guardian/languages/ukenglish/custom.html
#
#htmltemplate = 'custom.html'
# Non standard delimiter (only used with accessdeniedaddress)
# To help preserve the full banned URL, including parameters, the variables
# passed into the access denied CGI are separated using non-standard
# delimiters. This can be useful to ensure correct operation of the filter
# bypass modes. Parameters are split using "::" in place of "&", and "==" in
# place of "=".
# Default is enabled, but to go back to the standard mode, disable it.
#nonstandarddelimiter = off
# Email reporting - original patch by J. Gauthier
# Use SMTP
# If on, will enable system wide events to be reported by email.
# need to configure mail program (see 'mailer' in global config)
# and email recipients
# default usesmtp = off
#!! Not compiled !!usesmtp = off
# mailfrom
# who the email would come from
# example: mailfrom = 'e2guardian@mycompany.com'
#!! Not compiled !!mailfrom = ''
# avadmin
# who the virus emails go to (if notify av is on)
# example: avadmin = 'admin@mycompany.com'
#!! Not compiled !!avadmin = ''
# contentdmin
# who the content emails go to (when thresholds are exceeded)
# and contentnotify is on
# example: contentadmin = 'admin@mycompany.com'
#!! Not compiled !!contentadmin = ''
# avsubject
# Subject of the email sent when a virus is caught.
# only applicable if notifyav is on
# default avsubject = 'e2guardian virus block'
#!! Not compiled !!avsubject = 'e2guardian virus block'
# content
# Subject of the email sent when violation thresholds are exceeded
# default contentsubject = 'e2guardian violation'
#!! Not compiled !!contentsubject = 'e2guardian violation'
# notifyAV
# This will send a notification, if usesmtp/notifyav is on, any time an
# infection is found.
# Important: If this option is off, viruses will still be recorded like a
# content infraction.
#!! Not compiled !!notifyav = off
# notifycontent
# This will send a notification, if usesmtp is on, based on thresholds
# below
#!! Not compiled !!notifycontent = off
# thresholdbyuser
# results are only predictable with user authenticated configs
# if enabled the violation/threshold count is kept track of by the user
#!! Not compiled !!thresholdbyuser = off
#violations
# number of violations before notification
# setting to 0 will never trigger a notification
#!! Not compiled !!violations = 0
#threshold
# this is in seconds. If 'violations' occur in 'threshold' seconds, then
# a notification is made.
# if this is set to 0, then whenever the set number of violations are made a
# notifaction will be sent.
#!! Not compiled !!threshold = 0
#SSL certificate checking
# Check that ssl certificates for servers on https connections are valid
# and signed by a ca in the configured path
sslcertcheck = off
#SSL man in the middle
# Forge ssl certificates for all sites, decrypt the data then re encrypt it
# using a different private key. Used to filter ssl sites
sslmitm = off

Loading…
Cancel
Save