Browse Source
e2guardian: add package
Signed-off-by: Luka Perkov <luka@openwrt.org>lilik-openwrt-22.03
Luka Perkov
10 years ago
4 changed files with 766 additions and 0 deletions
Unified View
Diff Options
-
+78 -0net/e2guardian/Makefile
-
+70 -0net/e2guardian/files/e2guardian.config
-
+192 -0net/e2guardian/files/e2guardian.init
-
+426 -0net/e2guardian/files/e2guardianf1.conf
+ 78
- 0
net/e2guardian/Makefile
View File
| @ -0,0 +1,78 @@ | |||||
| # | |||||
| # Copyright (C) 2015 OpenWrt.org | |||||
| # | |||||
| # This is free software, licensed under the GNU General Public License v2. | |||||
| # See /LICENSE for more information. | |||||
| # | |||||
| include $(TOPDIR)/rules.mk | |||||
| PKG_NAME:=e2guardian | |||||
| PKG_VERSION:=3.0.4 | |||||
| PKG_RELEASE:=1 | |||||
| PKG_LICENSE:=GPL-2.0 | |||||
| PKG_MAINTAINER:=Luka Perkov <luka@openwrt.org> | |||||
| PKG_SOURCE:=v$(PKG_VERSION).tar.gz | |||||
| PKG_SOURCE_URL:=https://github.com/e2guardian/e2guardian/archive/ | |||||
| PKG_MD5SUM:=f8ffac7ac4f040b672cc4e62121bf4c5 | |||||
| PKG_BUILD_PARALLEL:=1 | |||||
| PKG_INSTALL:=1 | |||||
| include $(INCLUDE_DIR)/uclibc++.mk | |||||
| include $(INCLUDE_DIR)/package.mk | |||||
| define Package/e2guardian | |||||
| SECTION:=net | |||||
| DEPENDS:=+libpthread $(CXX_DEPENDS) +zlib +libpcre | |||||
| CATEGORY:=Network | |||||
| SUBMENU:=Web Servers/Proxies | |||||
| TITLE:=E2Guardian | |||||
| URL:=http://e2guardian.org/cms/ | |||||
| endef | |||||
| define Package/e2guardian/conffiles | |||||
| /etc/e2guardian/e2guardianf1.conf | |||||
| /etc/config/e2guardian | |||||
| endef | |||||
| CONFIGURE_VARS += \ | |||||
| INCLUDES="" \ | |||||
| CXXFLAGS="$$$$CXXFLAGS -fno-rtti" \ | |||||
| LIBS="-lpthread" | |||||
| CONFIGURE_ARGS += \ | |||||
| --with-sysconfsubdir=e2guardian \ | |||||
| --with-proxyuser=root \ | |||||
| --with-proxygroup=root \ | |||||
| --enable-pcre=yes | |||||
| define Build/Configure | |||||
| $(call Build/Configure/Default,$CONFIGURE_ARGS) | |||||
| endef | |||||
| define Package/e2guardian/install | |||||
| $(INSTALL_DIR) $(1)/usr/sbin | |||||
| $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/e2guardian $(1)/usr/sbin/ | |||||
| $(INSTALL_DIR) $(1)/etc | |||||
| $(CP) $(PKG_INSTALL_DIR)/etc/e2guardian $(1)/etc/ | |||||
| $(INSTALL_CONF) ./files/e2guardianf1.conf $(1)/etc/e2guardian/e2guardianf1.conf | |||||
| $(INSTALL_DIR) $(1)/etc/config | |||||
| $(INSTALL_CONF) ./files/e2guardian.config $(1)/etc/config/e2guardian | |||||
| $(INSTALL_DIR) $(1)/usr/share/e2guardian | |||||
| $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/share/e2guardian/transparent1x1.gif $(1)/usr/share/e2guardian/ | |||||
| $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/share/e2guardian/blockedflash.swf $(1)/usr/share/e2guardian/ | |||||
| $(INSTALL_DIR) $(1)/usr/share/e2guardian/languages/ukenglish | |||||
| $(CP) $(PKG_INSTALL_DIR)/usr/share/e2guardian/languages/ukenglish/* $(1)/usr/share/e2guardian/languages/ukenglish/ | |||||
| $(INSTALL_DIR) $(1)/etc/init.d/ | |||||
| $(INSTALL_BIN) ./files/e2guardian.init $(1)/etc/init.d/e2guardian | |||||
| endef | |||||
| $(eval $(call BuildPackage,e2guardian)) | |||||
+ 70
- 0
net/e2guardian/files/e2guardian.config
View File
| @ -0,0 +1,70 @@ | |||||
| config e2guardian 'e2guardian' | |||||
| option config_file '/etc/e2guardian/e2guardianf1.conf' | |||||
| option languagedir '/usr/share/e2guardian/languages' | |||||
| option language 'ukenglish' | |||||
| option loglevel '2' | |||||
| option logexceptionhits '2' | |||||
| option logfileformat '1' | |||||
| option loglocation '/dev/null' | |||||
| option maxuploadsize '-1' | |||||
| option filterip '' | |||||
| option filterports '8080' | |||||
| option proxyip '127.0.0.1' | |||||
| option proxyport '3128' | |||||
| option proxytimeout '20' | |||||
| option proxyexchange '20' | |||||
| option pcontimeout '55' | |||||
| option accessdeniedaddress 'http://YOURSERVER.YOURDOMAIN/cgi-bin/e2guardian.pl' | |||||
| option usecustombannedimage 'on' | |||||
| option custombannedimagefile '/usr/share/e2guardian/transparent1x1.gif' | |||||
| option usecustombannedflash 'on' | |||||
| option custombannedflashfile '/usr/share/e2guardian/blockedflash.swf' | |||||
| option filtergroups '1' | |||||
| option filtergroupslist '/etc/e2guardian/lists/filtergroupslist' | |||||
| option bannediplist '/etc/e2guardian/lists/bannediplist' | |||||
| option exceptioniplist '/etc/e2guardian/lists/exceptioniplist' | |||||
| option perroomdirectory '/etc/e2guardian/lists/bannedrooms/' | |||||
| option showweightedfound 'on' | |||||
| option weightedphrasemode '2' | |||||
| option urlcachenumber '1000' | |||||
| option urlcacheage '900' | |||||
| option scancleancache 'on' | |||||
| option phrasefiltermode '2' | |||||
| option preservecase '0' | |||||
| option hexdecodecontent 'off' | |||||
| option forcequicksearch 'off' | |||||
| option reverseaddresslookups 'off' | |||||
| option reverseclientiplookups 'off' | |||||
| option logclienthostnames 'off' | |||||
| option createlistcachefiles 'on' | |||||
| option prefercachedlists 'off' | |||||
| option maxcontentfiltersize '256' | |||||
| option maxcontentramcachescansize '2000' | |||||
| option maxcontentfilecachescansize '20000' | |||||
| option filecachedir '/tmp' | |||||
| option deletedownloadedtempfiles 'on' | |||||
| option initialtrickledelay '20' | |||||
| option trickledelay '10' | |||||
| option downloadmanager '/etc/e2guardian/downloadmanagers/default.conf' | |||||
| option contentscannertimeout '60' | |||||
| option contentscanexceptions 'off' | |||||
| option recheckreplacedurls 'off' | |||||
| option forwardedfor 'off' | |||||
| option usexforwardedfor 'off' | |||||
| option logconnectionhandlingerrors 'on' | |||||
| option logchildprocesshandling 'off' | |||||
| option maxchildren '180' | |||||
| option minchildren '20' | |||||
| option minsparechildren '16' | |||||
| option preforkchildren '10' | |||||
| option maxsparechildren '32' | |||||
| option maxagechildren '500' | |||||
| option maxips '0' | |||||
| option ipcfilename '/tmp/.dguardianipc' | |||||
| option urlipcfilename '/tmp/.dguardianurlipc' | |||||
| option ipipcfilename '/tmp/.dguardianipipc' | |||||
| option nodaemon 'off' | |||||
| option nologger 'off' | |||||
| option logadblocks 'off' | |||||
| option loguseragent 'off' | |||||
| option softrestart 'off' | |||||
+ 192
- 0
net/e2guardian/files/e2guardian.init
View File
| @ -0,0 +1,192 @@ | |||||
| #!/bin/sh /etc/rc.common | |||||
| # Copyright (C) 2015 OpenWrt.org | |||||
| START=90 | |||||
| STOP=10 | |||||
| USE_PROCD=1 | |||||
| PROG=/usr/sbin/e2guardian | |||||
| CONFIGFILE="/tmp/e2guardian/e2guardian.conf" | |||||
| validate_e2guardian_section() { | |||||
| uci_validate_section e2guardian e2guardian "${1}" \ | |||||
| 'config_file:string' \ | |||||
| 'accessdeniedaddress:string' \ | |||||
| 'bannediplist:string' \ | |||||
| 'contentscanexceptions:string' \ | |||||
| 'contentscannertimeout:uinteger' \ | |||||
| 'createlistcachefiles:string' \ | |||||
| 'custombannedflashfile:string' \ | |||||
| 'custombannedimagefile:string' \ | |||||
| 'deletedownloadedtempfiles:string' \ | |||||
| 'downloadmanager:string' \ | |||||
| 'exceptioniplist:string' \ | |||||
| 'filecachedir:string' \ | |||||
| 'filtergroups:uinteger' \ | |||||
| 'filtergroupslist:string' \ | |||||
| 'filterip:ipaddr' \ | |||||
| 'filterports:port:8080' \ | |||||
| 'forcequicksearch:string' \ | |||||
| 'forwardedfor:string' \ | |||||
| 'hexdecodecontent:string' \ | |||||
| 'initialtrickledelay:uinteger' \ | |||||
| 'ipcfilename:string' \ | |||||
| 'ipipcfilename:string' \ | |||||
| 'languagedir:string' \ | |||||
| 'language:string' \ | |||||
| 'logadblocks:string' \ | |||||
| 'logchildprocesshandling:string' \ | |||||
| 'logclienthostnames:string' \ | |||||
| 'logconnectionhandlingerrors:string' \ | |||||
| 'logexceptionhits:range(0,2)' \ | |||||
| 'logfileformat:range(1,6)' \ | |||||
| 'loglevel:range(0,3)' \ | |||||
| 'loglocation:string' \ | |||||
| 'loguseragent:string' \ | |||||
| 'maxagechildren:uinteger' \ | |||||
| 'maxchildren:uinteger' \ | |||||
| 'maxcontentfilecachescansize:uinteger' \ | |||||
| 'maxcontentfiltersize:uinteger' \ | |||||
| 'maxcontentramcachescansize:uinteger' \ | |||||
| 'maxips:uinteger' \ | |||||
| 'maxsparechildren:uinteger' \ | |||||
| 'maxuploadsize:integer' \ | |||||
| 'minchildren:uinteger' \ | |||||
| 'minsparechildren:uinteger' \ | |||||
| 'nodaemon:string' \ | |||||
| 'nologger:string' \ | |||||
| 'pcontimeout:range(5,300)' \ | |||||
| 'perroomdirectory:string' \ | |||||
| 'phrasefiltermode:range(0,3)' \ | |||||
| 'prefercachedlists:string' \ | |||||
| 'preforkchildren:uinteger' \ | |||||
| 'preservecase:range(0,2)' \ | |||||
| 'proxyexchange:range(20,300)' \ | |||||
| 'proxyip:ipaddr' \ | |||||
| 'proxyport:port:3128' \ | |||||
| 'proxytimeout:range(5,100)' \ | |||||
| 'recheckreplacedurls:string' \ | |||||
| 'reverseaddresslookups:string' \ | |||||
| 'reverseclientiplookups:string' \ | |||||
| 'scancleancache:string' \ | |||||
| 'showweightedfound:string' \ | |||||
| 'softrestart:string' \ | |||||
| 'trickledelay:uinteger' \ | |||||
| 'urlcacheage:uinteger' \ | |||||
| 'urlcachenumber:uinteger' \ | |||||
| 'urlipcfilename:string' \ | |||||
| 'usecustombannedflash:string' \ | |||||
| 'usecustombannedimage:string' \ | |||||
| 'usexforwardedfor:string' \ | |||||
| 'weightedphrasemode:range(0,2)' | |||||
| } | |||||
| start_service() { | |||||
| local config_file accessdeniedaddress bannediplist contentscanexceptions contentscannertimeout \ | |||||
| createlistcachefiles custombannedflashfile custombannedimagefile deletedownloadedtempfiles \ | |||||
| downloadmanager exceptioniplist filecachedir loglocation \ | |||||
| filtergroups filtergroupslist filterip filterports forcequicksearch forwardedfor hexdecodecontent \ | |||||
| initialtrickledelay ipcfilename ipipcfilename language languagedir logadblocks logchildprocesshandling \ | |||||
| logclienthostnames logconnectionhandlingerrors logexceptionhits logfileformat loglevel loguseragent \ | |||||
| maxagechildren maxchildren maxcontentfilecachescansize maxcontentfiltersize maxcontentramcachescansize \ | |||||
| maxips maxsparechildren maxuploadsize minchildren minsparechildren nodaemon nologger \ | |||||
| pcontimeout perroomdirectory phrasefiltermode prefercachedlists preforkchildren preservecase proxyexchange \ | |||||
| proxyip proxyport proxytimeout recheckreplacedurls reverseaddresslookups reverseclientiplookups scancleancache \ | |||||
| showweightedfound softrestart trickledelay urlcacheage urlcachenumber urlipcfilename usecustombannedflash \ | |||||
| usecustombannedimage usexforwardedfor weightedphrasemode | |||||
| validate_e2guardian_section e2guardian || { | |||||
| echo "validation failed" | |||||
| return 1 | |||||
| } | |||||
| mkdir -p $(dirname $CONFIGFILE) | |||||
| ln -sf $config_file $(dirname $CONFIGFILE) | |||||
| echo "accessdeniedaddress = " $accessdeniedaddress > $CONFIGFILE | |||||
| echo "bannediplist = " $bannediplist >> $CONFIGFILE | |||||
| echo "contentscanexceptions = " $contentscanexceptions >> $CONFIGFILE | |||||
| echo "contentscannertimeout = " $contentscannertimeout >> $CONFIGFILE | |||||
| echo "createlistcachefiles = " $createlistcachefiles >> $CONFIGFILE | |||||
| echo "custombannedflashfile = " $custombannedflashfile >> $CONFIGFILE | |||||
| echo "custombannedimagefile = " $custombannedimagefile >> $CONFIGFILE | |||||
| echo "deletedownloadedtempfiles = " $deletedownloadedtempfiles >> $CONFIGFILE | |||||
| echo "downloadmanager = " $downloadmanager >> $CONFIGFILE | |||||
| echo "exceptioniplist = " $exceptioniplist >> $CONFIGFILE | |||||
| echo "filecachedir = " $filecachedir >> $CONFIGFILE | |||||
| echo "filtergroups = " $filtergroups >> $CONFIGFILE | |||||
| echo "filtergroupslist = " $filtergroupslist >> $CONFIGFILE | |||||
| echo "filterip = " $filterip >> $CONFIGFILE | |||||
| echo "filterports = " $filterports >> $CONFIGFILE | |||||
| echo "forcequicksearch = " $forcequicksearch >> $CONFIGFILE | |||||
| echo "forwardedfor = " $forwardedfor >> $CONFIGFILE | |||||
| echo "hexdecodecontent = " $hexdecodecontent >> $CONFIGFILE | |||||
| echo "initialtrickledelay = " $initialtrickledelay >> $CONFIGFILE | |||||
| echo "ipcfilename = " $ipcfilename >> $CONFIGFILE | |||||
| echo "ipipcfilename = " $ipipcfilename >> $CONFIGFILE | |||||
| echo "language = " $language >> $CONFIGFILE | |||||
| echo "languagedir = " $languagedir >> $CONFIGFILE | |||||
| echo "logadblocks = " $logadblocks >> $CONFIGFILE | |||||
| echo "logchildprocesshandling = " $logchildprocesshandling >> $CONFIGFILE | |||||
| echo "logclienthostnames = " $logclienthostnames >> $CONFIGFILE | |||||
| echo "logconnectionhandlingerrors = " $logconnectionhandlingerrors >> $CONFIGFILE | |||||
| echo "logexceptionhits = " $logexceptionhits >> $CONFIGFILE | |||||
| echo "logfileformat = " $logfileformat >> $CONFIGFILE | |||||
| echo "loglevel = " $loglevel >> $CONFIGFILE | |||||
| echo "loglocation = " $loglocation >> $CONFIGFILE | |||||
| echo "loguseragent = " $loguseragent >> $CONFIGFILE | |||||
| echo "maxagechildren = " $maxagechildren >> $CONFIGFILE | |||||
| echo "maxchildren = " $maxchildren >> $CONFIGFILE | |||||
| echo "maxcontentfilecachescansize = " $maxcontentfilecachescansize >> $CONFIGFILE | |||||
| echo "maxcontentfiltersize = " $maxcontentfiltersize >> $CONFIGFILE | |||||
| echo "maxcontentramcachescansize = " $maxcontentramcachescansize >> $CONFIGFILE | |||||
| echo "maxips = " $maxips >> $CONFIGFILE | |||||
| echo "maxsparechildren = " $maxsparechildren >> $CONFIGFILE | |||||
| echo "maxuploadsize = " $maxuploadsize >> $CONFIGFILE | |||||
| echo "minchildren = " $minchildren >> $CONFIGFILE | |||||
| echo "minsparechildren = " $minsparechildren >> $CONFIGFILE | |||||
| echo "nodaemon = " $nodaemon >> $CONFIGFILE | |||||
| echo "nologger = " $nologger >> $CONFIGFILE | |||||
| echo "pcontimeout = " $pcontimeout >> $CONFIGFILE | |||||
| echo "perroomdirectory = " $perroomdirectory >> $CONFIGFILE | |||||
| echo "phrasefiltermode = " $phrasefiltermode >> $CONFIGFILE | |||||
| echo "prefercachedlists = " $prefercachedlists >> $CONFIGFILE | |||||
| echo "preforkchildren = " $preforkchildren >> $CONFIGFILE | |||||
| echo "preservecase = " $preservecase >> $CONFIGFILE | |||||
| echo "proxyexchange = " $proxyexchange >> $CONFIGFILE | |||||
| echo "proxyip = " $proxyip >> $CONFIGFILE | |||||
| echo "proxyport = " $proxyport >> $CONFIGFILE | |||||
| echo "proxytimeout = " $proxytimeout >> $CONFIGFILE | |||||
| echo "recheckreplacedurls = " $recheckreplacedurls >> $CONFIGFILE | |||||
| echo "reverseaddresslookups = " $reverseaddresslookups >> $CONFIGFILE | |||||
| echo "reverseclientiplookups = " $reverseclientiplookups >> $CONFIGFILE | |||||
| echo "scancleancache = " $scancleancache >> $CONFIGFILE | |||||
| echo "showweightedfound = " $showweightedfound >> $CONFIGFILE | |||||
| echo "softrestart = " $softrestart >> $CONFIGFILE | |||||
| echo "trickledelay = " $trickledelay >> $CONFIGFILE | |||||
| echo "urlcacheage = " $urlcacheage >> $CONFIGFILE | |||||
| echo "urlcachenumber = " $urlcachenumber >> $CONFIGFILE | |||||
| echo "urlipcfilename = " $urlipcfilename >> $CONFIGFILE | |||||
| echo "usecustombannedflash = " $usecustombannedflash >> $CONFIGFILE | |||||
| echo "usecustombannedimage = " $usecustombannedimage >> $CONFIGFILE | |||||
| echo "usexforwardedfor = " $usexforwardedfor >> $CONFIGFILE | |||||
| echo "weightedphrasemode = " $weightedphrasemode >> $CONFIGFILE | |||||
| procd_open_instance | |||||
| procd_set_param command $PROG -N -c "$CONFIGFILE" | |||||
| procd_set_param file $CONFIGFILE | |||||
| procd_set_param respawn | |||||
| procd_close_instance | |||||
| } | |||||
| stop_service() | |||||
| { | |||||
| e2guardian -s | awk -F':' '{ print $2}' | xargs kill -9 | |||||
| } | |||||
| service_triggers() | |||||
| { | |||||
| procd_add_reload_trigger "e2guardian" | |||||
| procd_add_validation validate_e2guardian_section | |||||
| } | |||||
+ 426
- 0
net/e2guardian/files/e2guardianf1.conf
View File
| @ -0,0 +1,426 @@ | |||||
| # e2guardian filter group config file for version 3.0.4 | |||||
| # Filter group mode | |||||
| # This option determines whether members of this group have their web access | |||||
| # unfiltered, filtered, or banned. | |||||
| # | |||||
| # 0 = banned | |||||
| # 1 = filtered | |||||
| # 2 = unfiltered (exception) | |||||
| # | |||||
| # Only filter groups with a mode of 1 need to define phrase, URL, site, extension, | |||||
| # mimetype and PICS lists; in other modes, these options are ignored to conserve | |||||
| # memory. | |||||
| # | |||||
| # Defaults to 0 if unspecified. | |||||
| # Unauthenticated users are treated as being in the first filter group. | |||||
| groupmode = 1 | |||||
| # Filter group name | |||||
| # Used to fill in the -FILTERGROUP- placeholder in the HTML template file, and to | |||||
| # name the group in the access logs | |||||
| # Defaults to empty string | |||||
| #groupname = '' | |||||
| groupname = '' | |||||
| # Content filtering files location | |||||
| bannedphraselist = 'etc/e2guardian/lists/bannedphraselist' | |||||
| weightedphraselist = 'etc/e2guardian/lists/weightedphraselist' | |||||
| exceptionphraselist = 'etc/e2guardian/lists/exceptionphraselist' | |||||
| bannedsitelist = 'etc/e2guardian/lists/bannedsitelist' | |||||
| greysitelist = 'etc/e2guardian/lists/greysitelist' | |||||
| bannedsslsitelist = 'etc/e2guardian/lists/bannedsslsitelist' | |||||
| greysslsitelist = 'etc/e2guardian/lists/greysslsitelist' | |||||
| exceptionsitelist = 'etc/e2guardian/lists/exceptionsitelist' | |||||
| bannedurllist = 'etc/e2guardian/lists/bannedurllist' | |||||
| greyurllist = 'etc/e2guardian/lists/greyurllist' | |||||
| exceptionurllist = 'etc/e2guardian/lists/exceptionurllist' | |||||
| exceptionregexpurllist = 'etc/e2guardian/lists/exceptionregexpurllist' | |||||
| bannedregexpurllist = 'etc/e2guardian/lists/bannedregexpurllist' | |||||
| picsfile = 'etc/e2guardian/lists/pics' | |||||
| contentregexplist = 'etc/e2guardian/lists/contentregexplist' | |||||
| urlregexplist = 'etc/e2guardian/lists/urlregexplist' | |||||
| refererexceptionsitelist = 'etc/e2guardian/lists/refererexceptionsitelist' | |||||
| refererexceptionurllist = 'etc/e2guardian/lists/refererexceptionurllist' | |||||
| embededreferersitelist = 'etc/e2guardian/lists/embededreferersitelist' | |||||
| embededrefererurllist = 'etc/e2guardian/lists/embededrefererurllist' | |||||
| urlredirectregexplist = 'etc/e2guardian/lists/urlredirectregexplist' | |||||
| # local versions of lists (where LOCAL_LISTS enabled) | |||||
| #localbannedsitelist = 'etc/e2guardian/lists/localbannedsitelist' | |||||
| #localgreysitelist = 'etc/e2guardian/lists/localgreysitelist' | |||||
| #localexceptionsitelist = 'etc/e2guardian/lists/localexceptionsitelist' | |||||
| #localbannedurllist = 'etc/e2guardian/lists/localbannedurllist' | |||||
| #localgreyurllist = 'etc/e2guardian/lists/localgreyurllist' | |||||
| #localexceptionurllist = 'etc/e2guardian/lists/localexceptionurllist' | |||||
| #localbannedsslsitelist = 'etc/e2guardian/lists/localbannedsslsitelist' | |||||
| #localgreysslsitelist = 'etc/e2guardian/lists/localgreysslsitelist' | |||||
| #localbannedsearchlist = 'etc/e2guardian/lists/localbannedsearchlist' | |||||
| !! Not compiled !! authexceptionsitelist = 'etc/e2guardian/lists/authexceptionsitelist' | |||||
| !! Not compiled !! authexceptionurllist = 'etc/e2guardian/lists/authexceptionurllist' | |||||
| # Filetype filtering | |||||
| # | |||||
| # Allow bannedregexpurllist with grey list mode | |||||
| # bannedregexpheaderlist and bannedregexpurllist | |||||
| # | |||||
| # bannedregexwithblanketblock = off | |||||
| # | |||||
| # Blanket download blocking | |||||
| # If enabled, all files will be blocked, unless they match the | |||||
| # exceptionextensionlist or exceptionmimetypelist. | |||||
| # These lists do not override virus scanning. | |||||
| # Exception lists defined above override all types of filtering, including | |||||
| # the blanket download block. | |||||
| # Defaults to disabled. | |||||
| # (on | off) | |||||
| # | |||||
| blockdownloads = off | |||||
| exceptionextensionlist = 'etc/e2guardian/lists/exceptionextensionlist' | |||||
| exceptionmimetypelist = 'etc/e2guardian/lists/exceptionmimetypelist' | |||||
| # | |||||
| # Use the following lists to block specific kinds of file downloads. | |||||
| # The two exception lists above can be used to override these. | |||||
| # | |||||
| bannedextensionlist = 'etc/e2guardian/lists/bannedextensionlist' | |||||
| bannedmimetypelist = 'etc/e2guardian/lists/bannedmimetypelist' | |||||
| # | |||||
| # In either file filtering mode, the following list can be used to override | |||||
| # MIME type & extension blocks for particular domains & URLs (trusted download sites). | |||||
| # | |||||
| exceptionfilesitelist = 'etc/e2guardian/lists/exceptionfilesitelist' | |||||
| exceptionfileurllist = 'etc/e2guardian/lists/exceptionfileurllist' | |||||
| # POST protection (web upload and forms) | |||||
| # does not block forms without any file upload, i.e. this is just for | |||||
| # blocking or limiting uploads | |||||
| # measured in kibibytes after MIME encoding and header bumph | |||||
| # use 0 for a complete block | |||||
| # use higher (e.g. 512 = 512Kbytes) for limiting | |||||
| # use -1 for no blocking | |||||
| #maxuploadsize = 512 | |||||
| #maxuploadsize = 0 | |||||
| maxuploadsize = -1 | |||||
| # Categorise without blocking: | |||||
| # Supply categorised lists here and the category string shall be logged against | |||||
| # matching requests, but matching these lists does not perform any filtering | |||||
| # action. | |||||
| #logsitelist = 'etc/e2guardian/lists/logsitelist' | |||||
| #logurllist = 'etc/e2guardian/lists/logurllist' | |||||
| #logregexpurllist = 'etc/e2guardian/lists/logregexpurllist' | |||||
| # Outgoing HTTP header rules: | |||||
| # Optional lists for blocking based on, and modification of, outgoing HTTP | |||||
| # request headers. Format for headerregexplist is one modification rule per | |||||
| # line, similar to content/URL modifications. Format for | |||||
| # bannedregexpheaderlist is one regular expression per line, with matching | |||||
| # headers causing a request to be blocked. | |||||
| # Headers are matched/replaced on a line-by-line basis, not as a contiguous | |||||
| # block. | |||||
| # Use for example, to remove cookies or prevent certain user-agents. | |||||
| headerregexplist = 'etc/e2guardian/lists/headerregexplist' | |||||
| bannedregexpheaderlist = 'etc/e2guardian/lists/bannedregexpheaderlist' | |||||
| addheaderregexplist = 'etc/e2guardian/lists/addheaderregexplist' | |||||
| # Weighted phrase mode | |||||
| # Optional; overrides the weightedphrasemode option in e2guardian.conf | |||||
| # for this particular group. See documentation for supported values in | |||||
| # that file. | |||||
| #weightedphrasemode = 0 | |||||
| # Naughtiness limit | |||||
| # This the limit over which the page will be blocked. Each weighted phrase is given | |||||
| # a value either positive or negative and the values added up. Phrases to do with | |||||
| # good subjects will have negative values, and bad subjects will have positive | |||||
| # values. See the weightedphraselist file for examples. | |||||
| # As a guide: | |||||
| # 50 is for young children, 100 for old children, 160 for young adults. | |||||
| naughtynesslimit = 50 | |||||
| # Search term blocking | |||||
| # Search terms can be extracted from search URLs and filtered using one or | |||||
| # both of two different methods. | |||||
| # Method 1 is that developed by Protex where specific | |||||
| # search terms are contained in a bannedsearchlist. | |||||
| # (localbannedsearchlist and bannedsearchoveridelist can be used to suppliment | |||||
| # and overide this list as required.) | |||||
| # These lists contain banned search words combinations on each line. | |||||
| # Words are separated by '+' and must be in sorted order within a line. | |||||
| # so to block 'sexy girl' then the list must contain the line | |||||
| # girl+sexy | |||||
| # and this will block both 'sexy girl' and 'girl sexy' | |||||
| # To use this method, the searchregexplist must be enabled and the bannedsearchlist(s) defined | |||||
| # Method 2 is uses the | |||||
| # bannedphraselist, weightedphraselist and exceptionphraselist, with a separate | |||||
| # threshold for blocking than that used for normal page content. | |||||
| # To do this, the searchregexplist must be enabled and searchtermlimit | |||||
| # must be grater than 0. | |||||
| # | |||||
| # Search engine regular expression list (need for both options) | |||||
| # List of regular expressions for matching search engine URLs. It is assumed | |||||
| # that the search terms themselves will be contained in the | |||||
| # of output of each expression. | |||||
| #searchregexplist = 'etc/e2guardian/lists/searchregexplist' | |||||
| # | |||||
| # Banned Search Term list(s) for option 1 | |||||
| #bannedsearchlist = 'etc/e2guardian/lists/bannedsearchlist' | |||||
| #bannedsearchoveridelist = 'etc/e2guardian/lists/bannedsearchoveridelist' | |||||
| # Search term limit (for Option 2) | |||||
| # The limit over which requests will be blocked for containing search terms | |||||
| # which match the weightedphraselist. This should usually be lower than the | |||||
| # 'naughtynesslimit' value above, because the amount of text being filtered | |||||
| # is only a few words, rather than a whole page. | |||||
| # This option must be uncommented if searchregexplist is uncommented. | |||||
| # A value of 0 here indicates that search terms should be extracted, | |||||
| # but no phrase filtering should be performed on the resulting text. | |||||
| #searchtermlimit = 0 | |||||
| # | |||||
| # Search term phrase lists (for Option 2) | |||||
| # If the three lines below are uncommented, search term blocking will use | |||||
| # the banned, weighted & exception phrases from these lists, instead of using | |||||
| # the same phrase lists as for page content. This is optional but recommended, | |||||
| # as weights for individual phrases in the "normal" lists may not be | |||||
| # appropriate for blocking when those phrases appear in a much smaller block | |||||
| # of text. | |||||
| # Please note that all or none of the below should be uncommented, not a | |||||
| # mixture. | |||||
| #bannedsearchtermlist = 'etc/e2guardian/lists/bannedsearchtermlist' | |||||
| #weightedsearchtermlist = 'etc/e2guardian/lists/weightedsearchtermlist' | |||||
| #exceptionsearchtermlist = 'etc/e2guardian/lists/exceptionsearchtermlist' | |||||
| # Category display threshold | |||||
| # This option only applies to pages blocked by weighted phrase filtering. | |||||
| # Defines the minimum score that must be accumulated within a particular | |||||
| # category in order for it to show up on the block pages' category list. | |||||
| # All categories under which the page scores positively will be logged; those | |||||
| # that were not displayed to the user appear in brackets. | |||||
| # | |||||
| # -1 = display only the highest scoring category | |||||
| # 0 = display all categories (default) | |||||
| # > 0 = minimum score for a category to be displayed | |||||
| categorydisplaythreshold = 0 | |||||
| # Embedded URL weighting | |||||
| # When set to something greater than zero, this option causes URLs embedded within a | |||||
| # page's HTML (from links, image tags, etc.) to be extracted and checked against the | |||||
| # bannedsitelist and bannedurllist. Each link to a banned page causes the amount set | |||||
| # here to be added to the page's weighting. | |||||
| # The behaviour of this option with regards to multiple occurrences of a site/URL is | |||||
| # affected by the weightedphrasemode setting. | |||||
| # | |||||
| # NB: Currently, this feature uses regular expressions that require the PCRE library. | |||||
| # As such, it is only available if you compiled DansGuardian with '--enable-pcre=yes'. | |||||
| # You can check compile-time options by running 'e2guardian -v'. | |||||
| # | |||||
| # Set to 0 to disable. | |||||
| # Defaults to 0. | |||||
| # WARNING: This option is highly CPU intensive! | |||||
| embeddedurlweight = 0 | |||||
| # Enable PICS rating support | |||||
| # | |||||
| # Defaults to disabled | |||||
| # (on | off) | |||||
| enablepics = off | |||||
| # Temporary Denied Page Bypass | |||||
| # This provides a link on the denied page to bypass the ban for a few minutes. To be | |||||
| # secure it uses a random hashed secret generated at daemon startup. You define the | |||||
| # number of seconds the bypass will function for before the deny will appear again. | |||||
| # To allow the link on the denied page to appear you will need to edit the template.html | |||||
| # or e2guardian.pl file for your language. | |||||
| # 300 = enable for 5 minutes | |||||
| # 0 = disable ( defaults to 0 ) | |||||
| # -1 = enable but you require a separate program/CGI to generate a valid link | |||||
| bypass = 0 | |||||
| # Temporary Denied Page Bypass Secret Key | |||||
| # Rather than generating a random key you can specify one. It must be more than 8 chars. | |||||
| # '' = generate a random one (recommended and default) | |||||
| # 'Mary had a little lamb.' = an example | |||||
| # '76b42abc1cd0fdcaf6e943dcbc93b826' = an example | |||||
| bypasskey = '' | |||||
| # Infection/Scan Error Bypass | |||||
| # Similar to the 'bypass' setting, but specifically for bypassing files scanned and found | |||||
| # to be infected, or files that trigger scanner errors - for example, archive types with | |||||
| # recognised but unsupported compression schemes, or corrupt archives. | |||||
| # The option specifies the number of seconds for which the bypass link will be valid. | |||||
| # 300 = enable for 5 minutes | |||||
| # 0 = disable (default) | |||||
| # -1 = enable, but require a separate program/CGI to generate a valid link | |||||
| infectionbypass = 0 | |||||
| # Infection/Scan Error Bypass Secret Key | |||||
| # Same as the 'bypasskey' option, but used for infection bypass mode. | |||||
| infectionbypasskey = '' | |||||
| # Infection/Scan Error Bypass on Scan Errors Only | |||||
| # Enable this option to allow infectionbypass links only when virus scanning fails, | |||||
| # not when a file is found to contain a virus. | |||||
| # on = enable (default and highly recommended) | |||||
| # off = disable | |||||
| infectionbypasserrorsonly = on | |||||
| # Disable content scanning | |||||
| # If you enable this option you will disable content scanning for this group. | |||||
| # Content scanning primarily is AV scanning (if enabled) but could include | |||||
| # other types. | |||||
| # (on|off) default = off. | |||||
| disablecontentscan = off | |||||
| # Enable Deep URL Analysis | |||||
| # When enabled, DG looks for URLs within URLs, checking against the bannedsitelist and | |||||
| # bannedurllist. This can be used, for example, to block images originating from banned | |||||
| # sites from appearing in Google Images search results, as the original URLs are | |||||
| # embedded in the thumbnail GET requests. | |||||
| # (on|off) default = off | |||||
| deepurlanalysis = off | |||||
| # reportinglevel | |||||
| # | |||||
| # -1 = log, but do not block - Stealth mode | |||||
| # 0 = just say 'Access Denied' | |||||
| # 1 = report why but not what denied phrase | |||||
| # 2 = report fully | |||||
| # 3 = use HTML template file (accessdeniedaddress ignored) - recommended | |||||
| # | |||||
| # If defined, this overrides the global setting in e2guardian.conf for | |||||
| # members of this filter group. | |||||
| # | |||||
| reportinglevel = 3 | |||||
| # accessdeniedaddress is the address of your web server to which the cgi | |||||
| # e2guardian reporting script was copied. Only used in reporting levels | |||||
| # 1 and 2. | |||||
| # | |||||
| # This webserver must be either: | |||||
| # 1. Non-proxied. Either a machine on the local network, or listed as an | |||||
| # exception in your browser's proxy configuration. | |||||
| # 2. Added to the exceptionsitelist. Option 1 is preferable; this option is | |||||
| # only for users using both transparent proxying and a non-local server | |||||
| # to host this script. | |||||
| # | |||||
| # If defined, this overrides the global setting in e2guardian.conf for | |||||
| # members of this filter group. | |||||
| # | |||||
| #accessdeniedaddress = 'http://YOURSERVER.YOURDOMAIN/cgi-bin/e2guardian.pl' | |||||
| # sslaccessdeniedaddress is the address of your web server to which the static page | |||||
| # e2guardian reporting was copied. Only used in reporting levels 3 (avoid blank page) | |||||
| # Work only in firefox with ssldeniedrewrite off | |||||
| # sslaccessdeniedaddress = 'http://YOURSERVER.YOURDOMAIN/denyssl.htm' | |||||
| # Break SSL protocol and redirect to another HTTPS website for denied page (sslaccessdeniedaddress url) | |||||
| #ssldeniedrewrite = 'on' | |||||
| # HTML Template override | |||||
| # If defined, this specifies a custom HTML template file for members of this | |||||
| # filter group, overriding the global setting in e2guardian.conf. This is | |||||
| # only used in reporting level 3. | |||||
| # | |||||
| # The default template file path is <languagedir>/<language>/template.h | |||||
| # e.g. share/e2guardian/languages/ukenglish/template.html when using 'ukenglish' | |||||
| # language. | |||||
| # | |||||
| # This option generates a file path of the form: | |||||
| # <languagedir>/<language>/<htmltemplate> | |||||
| # e.g. share/e2guardian/languages/ukenglish/custom.html | |||||
| # | |||||
| #htmltemplate = 'custom.html' | |||||
| # Non standard delimiter (only used with accessdeniedaddress) | |||||
| # To help preserve the full banned URL, including parameters, the variables | |||||
| # passed into the access denied CGI are separated using non-standard | |||||
| # delimiters. This can be useful to ensure correct operation of the filter | |||||
| # bypass modes. Parameters are split using "::" in place of "&", and "==" in | |||||
| # place of "=". | |||||
| # Default is enabled, but to go back to the standard mode, disable it. | |||||
| #nonstandarddelimiter = off | |||||
| # Email reporting - original patch by J. Gauthier | |||||
| # Use SMTP | |||||
| # If on, will enable system wide events to be reported by email. | |||||
| # need to configure mail program (see 'mailer' in global config) | |||||
| # and email recipients | |||||
| # default usesmtp = off | |||||
| #!! Not compiled !!usesmtp = off | |||||
| # mailfrom | |||||
| # who the email would come from | |||||
| # example: mailfrom = 'e2guardian@mycompany.com' | |||||
| #!! Not compiled !!mailfrom = '' | |||||
| # avadmin | |||||
| # who the virus emails go to (if notify av is on) | |||||
| # example: avadmin = 'admin@mycompany.com' | |||||
| #!! Not compiled !!avadmin = '' | |||||
| # contentdmin | |||||
| # who the content emails go to (when thresholds are exceeded) | |||||
| # and contentnotify is on | |||||
| # example: contentadmin = 'admin@mycompany.com' | |||||
| #!! Not compiled !!contentadmin = '' | |||||
| # avsubject | |||||
| # Subject of the email sent when a virus is caught. | |||||
| # only applicable if notifyav is on | |||||
| # default avsubject = 'e2guardian virus block' | |||||
| #!! Not compiled !!avsubject = 'e2guardian virus block' | |||||
| # content | |||||
| # Subject of the email sent when violation thresholds are exceeded | |||||
| # default contentsubject = 'e2guardian violation' | |||||
| #!! Not compiled !!contentsubject = 'e2guardian violation' | |||||
| # notifyAV | |||||
| # This will send a notification, if usesmtp/notifyav is on, any time an | |||||
| # infection is found. | |||||
| # Important: If this option is off, viruses will still be recorded like a | |||||
| # content infraction. | |||||
| #!! Not compiled !!notifyav = off | |||||
| # notifycontent | |||||
| # This will send a notification, if usesmtp is on, based on thresholds | |||||
| # below | |||||
| #!! Not compiled !!notifycontent = off | |||||
| # thresholdbyuser | |||||
| # results are only predictable with user authenticated configs | |||||
| # if enabled the violation/threshold count is kept track of by the user | |||||
| #!! Not compiled !!thresholdbyuser = off | |||||
| #violations | |||||
| # number of violations before notification | |||||
| # setting to 0 will never trigger a notification | |||||
| #!! Not compiled !!violations = 0 | |||||
| #threshold | |||||
| # this is in seconds. If 'violations' occur in 'threshold' seconds, then | |||||
| # a notification is made. | |||||
| # if this is set to 0, then whenever the set number of violations are made a | |||||
| # notifaction will be sent. | |||||
| #!! Not compiled !!threshold = 0 | |||||
| #SSL certificate checking | |||||
| # Check that ssl certificates for servers on https connections are valid | |||||
| # and signed by a ca in the configured path | |||||
| sslcertcheck = off | |||||
| #SSL man in the middle | |||||
| # Forge ssl certificates for all sites, decrypt the data then re encrypt it | |||||
| # using a different private key. Used to filter ssl sites | |||||
| sslmitm = off | |||||