Line 3: |
Line 3: |
| Back to [[:Dansguardian]] wiki page | | Back to [[:Dansguardian]] wiki page |
| | | |
− | ====Filter Groups====
| |
− | The following are rough notes re creating additional files & configuration steps needed for multiple filter groups.
| |
| | | |
− | This section is a work in progress & will be tidied up later.
| |
− |
| |
− | Do not literally use/copy these steps as if they are sme commands as they are not, they are procedural steps to give a brief indication of what is involved.
| |
− |
| |
− | Please note if you wish to authenticate users when opening a browser using pam auth method, then you will need to disable Transparent Proxy as it is not compatible with this method.
| |
− |
| |
− | Issue the following command
| |
− | config setprop squid Transparent no
| |
− | expand-template /etc/squid/squid.conf
| |
− | sv t /service/squid
| |
− |
| |
− | Doing the above will also require you to specify the proxy settings in your browser, so you will need to add the server IP eg 192.168.1.1 and port 8080 for the proxy setting
| |
− |
| |
− | You cannot have both Transparent Proxy and pam auth
| |
− |
| |
− | Then do the following to use filter groups
| |
− |
| |
− | configure pam auth using the db command from howto
| |
− |
| |
− | copy /etc/dansguardian/dansguardianf1.conf to /etc/dansguardian/dansguardianf2.conf
| |
− |
| |
− | and to a f3 version if required also
| |
− |
| |
− |
| |
− | Copy /etc/dansguardian/list/f1 to /etc/dansguardian/list/f2 including all subfolders and files
| |
− |
| |
− | edit /etc/dansguardian/dansguardianf2.conf and change all instances of f1 to f2 in filename locations
| |
− |
| |
− |
| |
− | edit /etc/dansguardian/dansguardian.conf
| |
− |
| |
− | Filter group options
| |
− |
| |
− | filtergroups = 2
| |
− |
| |
− | or however many filter groups you want to have
| |
− |
| |
− |
| |
− | Auth plugins
| |
− |
| |
− | remove # from in front of
| |
− |
| |
− | authplugin = '/etc/dansguardian/authplugins/proxy-basic.conf'
| |
− |
| |
− | leave other possibilities with # at start of line
| |
− |
| |
− |
| |
− | edit /etc/dansguardian/dansguardianf1.conf
| |
− |
| |
− | change Filter group mode
| |
− |
| |
− | leave this unchanged as this group will be the filtered standard users group
| |
− |
| |
− | groupmode = 1
| |
− |
| |
− |
| |
− | Filter group name
| |
− |
| |
− | remove # from front of groupname = ''
| |
− |
| |
− | change to
| |
− |
| |
− | groupname = 'Standard Users'
| |
− |
| |
− |
| |
− | edit /etc/dansguardian/dansguardianf2.conf
| |
− |
| |
− | change Filter group mode
| |
− |
| |
− | change this as this group will be the unfiltered Admin Users group
| |
− |
| |
− | groupmode = 2
| |
− |
| |
− |
| |
− | Filter group name
| |
− |
| |
− | remove # from front of groupname = ''
| |
− |
| |
− | change to
| |
− |
| |
− | groupname = 'Admin Users'
| |
− |
| |
− |
| |
− | Content filtering files location
| |
− |
| |
− | change all these to show f2 in the location path
| |
− |
| |
− | change all other occurrences of f1 to f2 in file paths
| |
− |
| |
− |
| |
− | edit /etc/dansguardian/lists/filtergroupslist
| |
− |
| |
− | add entries for users who are members of filter group2
| |
− |
| |
− | use this format
| |
− |
| |
− | username=filtergroupnumber
| |
− |
| |
− | eg
| |
− |
| |
− | ray=filter2
| |
− |
| |
− |
| |
− | It's not necessary to add all users who are in filter group 1 as everyone is automatically a member of group 1 by default.
| |
− |
| |
− | Filter group 2 settings override filter group 1
| |
− |
| |
− | restart dansguardian for changes to take effect
| |
− |
| |
− | /etc/init.d/dansguardian restart
| |
− |
| |
− | You can create as many groups as you want, using similar steps as above.
| |
− |
| |
− | Each group can have different levels of filtering eg different exceptionlists and naughtyness limits etc etc etc.
| |
− |
| |
− |
| |
− | edit the exception and banned lists in
| |
− |
| |
− | /etc/dansguardian/lists/f3/exceptionsitelist etc etc etc
| |
− |
| |
− | and in each other group list structure eg f1 & f2
| |
− |
| |
− | obviously if f2 is a unfiltered group then setting changes to exception & other lists will have no effect
| |
− |
| |
− |
| |
− | In practice you get asked for a login user & password when you access a web site.
| |
− |
| |
− | Depending on your group membership you get filtered or unfiltered access.
| |
| | | |
| ====Testing access==== | | ====Testing access==== |