diálogos ELE

Unfortunately the performance of DansGuardian/Squid when first .. for rebuilding DansGuardian, see question Usage#11c in the Wiki FAQ. DansGuardian is an award winning Open Source web content filter which currently runs on Linux, FreeBSD, OpenBSD, NetBSD, Mac OS X. DansGuardian is an award winning Open Source web content filter which DansGuardian is excellent at filtering pages from the Internet as it . Content is available under GNU Free Documentation License or later.

Author: Brakus Nishakar
Country: Antigua & Barbuda
Language: English (Spanish)
Genre: Photos
Published (Last): 20 November 2004
Pages: 424
PDF File Size: 19.95 Mb
ePub File Size: 7.91 Mb
ISBN: 713-7-42887-822-8
Downloads: 1171
Price: Free* [*Free Regsitration Required]
Uploader: Tygolkree

Adding users to specific filter groups. A second possibility is to use a tool supplied by Microsoft possibly one executing on a different computer, which opens up additional security issues. If you find this is ddansguardian happening, increase the parameter to a much larger value thousands or even tens of thousands.

Go directly to the Squid test procedures for the type of auth you are using. You can use symbolic links to expose the documentatiob config file into an ibay for documentatioon access, you must be sure that anyone who edits the file knows to use a unix file format. Using more than one blacklist simultaneously can provide several benefits: Using A “debug” Version.

You can combine using OpenDNS and using local blacklists to improve the depth of your filtering. Restarting dansguardian from the panel affects users differently depending on the button the options are:. You can also use OpenDNS exclusively.

This document attempts to answer the question: It’s common for everything to seem to work, yet all requests always get thrown into the default filter group f1. For further guidance on sharing and consolidating multiple filter group configuration files, see Filter Documentagion Configurations.

Save and close the file if you made any changes.

DansGuardian Documentation Wiki

In DansGuardian blacklists are typically. You’ll notice that none of these factors actually deals with images per se. One last thing before we go on: Once you’ve done both things, your users won’t be able to skip around your DansGuardian system.


You may for example decide that having host names in the DansGuardian log is worth the performance penalty. You can handle this situation a couple different ways: If you have a mixed environment and so can’t use NTLM authentication, use Ident authentication instead.

preventing_skipping_around | DansGuardian Documentation Wiki

For our children’s computers, we must also prevent access to materials that are “harmful to minors”. When this happens you can dive into the inner workings of DansGuardian to tweak how the term weighting is being applied, or you can just explicitly block or allow a partiular web page or even an entire domain. As a result, the three of five potential DansGuardian auth methods that require assistance from the proxy cannot be used.

This is not true; no placeholder blacklist files are necessary. This is where you can force an entire web site to be blocked. NTLM -like other web auth schemes- has resolved the ambiguity by simply not dealing with any group information at all. Use IP authentication at least for the computers that should be treated specially even if not for everyone.

Fire up a laptop on your wireless network and start your favorite web browser. Ddansguardian few important yet highly non-technical users for example a CEO. These include the website URLwords and phrases included in documentwtion page, file type, mime type and more. It’s not clear either that this patch is applicable to the 2. All that’s left is turning these parts on and testing.

downloadable_blacklists | DansGuardian Documentation Wiki

This is no longer necessary with recent releases of DansGuardian. Modify the Squid authentication helper code to handle these computers. This dkcumentation not a solution however; the alternative of completely skipping authentication of users from some source computers has several drawbacks, including:. We’ll start with the master configuration files.

Although the exact configuration of traffic shaping is outside the scope of this document, here’s an example of the relevant lines from documehtation Shorewall tcrules file: A good guideline is to simply turn the …children parameters up until the computer begins to swap heavily, then turn them back down until the computer stops swapping. The disk head contention will be so severe at the worst possible time that overall performance will be that of a very badly documntation system even though the CPU usage is low.


DansGuardian is designed to be completely flexible and allows you to tailor the filtering to your exact needs. Grey lists only stop the URL filtering and allow the normal filtering to work. So you may need to go back and change to your Squid configuration again.

In an all-Windows environment where every user has a login even if they never use ituse NTLM authentication.

The parameter maxchildren should generally be about the same as your peak number of simultaneous users. Language and Encoding Effects on Phrase Matching. Personal tools English Log in. Like the last file, you probably don’t need to edit it now. Usually these things already happen by default or policy, and no explicit setting is needed. Consider each of these items, and where necessary rebalance the item against your other needs.

It seems prudent for each blacklist subscription download script to leave the old version of its blacklists in place until the new version is fully ready downloaded, verified, tagged, etc.

In the interest of simplicity, our example here will just use one level. If possible attend to them all. You can check if dansguardian is running with:. So if you see regular expressions being used to identify particular hosts, investigate using dstdomain instead.