Difference between revisions of "WebFilter"
m (Created page with "{{Languages}} === Maintainer === Daniel B.<br/> [http://www.firewall-services.com Firewall Services]<br> mailto:daniel@firewall-services.com === Description ...") |
m |
||
| Line 10: | Line 10: | ||
=== Description === | === Description === | ||
This contrib brings 3 new features for squid proxy, and provides a simple panel to control most of it: | This contrib brings 3 new features for squid proxy, and provides a simple panel to control most of it: | ||
| − | *URL Filtering (with [squidguard squidGuard]) | + | *URL Filtering (with [http://squidguard.org/ squidGuard]) |
Several categories of domain names and URLs are downloaded from the University of Toulouse and updated every night (you can get more informations on these lists [http://dsi.ut-capitole.fr/blacklists/ here), it french). You can then just choose which catagories you want to block. You can enter a list of ip addresses which won't be filtered, and a local blacklist and whitelist. | Several categories of domain names and URLs are downloaded from the University of Toulouse and updated every night (you can get more informations on these lists [http://dsi.ut-capitole.fr/blacklists/ here), it french). You can then just choose which catagories you want to block. You can enter a list of ip addresses which won't be filtered, and a local blacklist and whitelist. | ||
*On the fly antivirus scanning (using ([http://squidclamav.darold.net/ squidclamav]) | *On the fly antivirus scanning (using ([http://squidclamav.darold.net/ squidclamav]) | ||
| Line 24: | Line 24: | ||
*You need to configure both [[Epel]] and [[Fws]] repositories | *You need to configure both [[Epel]] and [[Fws]] repositories | ||
=== Screenshots === | === Screenshots === | ||
| + | |||
| + | [[File:Webfilter_1.png|webfilter panel]] | ||
| + | [[File:Webfilter_2.png|webfilter panel]] | ||
=== Installation === | === Installation === | ||
| Line 40: | Line 43: | ||
db configuration setprop squidguard AutoUpdate disabled | db configuration setprop squidguard AutoUpdate disabled | ||
Then, you'll be able to manage the list the way you want. Remember you need to recompile squidGuard databases if you modify files in a list. | Then, you'll be able to manage the list the way you want. Remember you need to recompile squidGuard databases if you modify files in a list. | ||
| + | |||
| + | ===MySQL logs=== | ||
| + | MySQL loging of clients requests is handled by a independant daemon called squid-db-logd. It monitors squid access log and squidGuard deny log in realtime, parse it and put everything in the database called squid_log. In this database, the table access_log list all the access while the deny_log only list denied pages. This feature may need a lot of space. On a busy server, you can easily reach 3Go/month only for the database (and more for the dump when you backup your server). To lmit the needed space, a cron job rotate and compress the access_log and deny_log tables each month. Old tables are also removed. The default config keeps one year of log. You can change this setting with (value is in day and default is 365) | ||
| + | db configuration setprop squid-db-logd Retention 180 | ||
| + | |||
| + | If you want to completly disable this feature, you can stop this daemon: | ||
| + | db configuration setprop squid-db-logd status disabled | ||
| + | sv d /service/squid-db-logd | ||
Revision as of 22:15, 15 October 2012
Maintainer
Daniel B.
Firewall Services
mailto:daniel@firewall-services.com
Description
This contrib brings 3 new features for squid proxy, and provides a simple panel to control most of it:
- URL Filtering (with squidGuard)
Several categories of domain names and URLs are downloaded from the University of Toulouse and updated every night (you can get more informations on these lists [http://dsi.ut-capitole.fr/blacklists/ here), it french). You can then just choose which catagories you want to block. You can enter a list of ip addresses which won't be filtered, and a local blacklist and whitelist.
- On the fly antivirus scanning (using (squidclamav)
When enabled, all web trafic will be scanned before being sent to the client
- log every requests in a MySQL database
Every request passing through squid is logged in a database, making it easier to analyze squid logs. There's no frontend for this, but you can use your favorite mysql client to see which domains are the most visited, which user eats all your bandwidth, etc...
This contrib can replace dansguardian if you have simple filtering requirement. It's really easy to configure, but is also less powerfull. Dansguardian is a real content scanner (it analyze the content of the pages while squidguard only look at the URLs for example.
Requirements
- SME Server 8 (not tested and not supported on SME 7)
- You need to configure both Epel and Fws repositories
Screenshots
Installation
To install the contrib, simply run the following command:
yum --enablerepo=epel --enablerepo=fws install smeserver-webfilter signal-event http-proxy-update
You can then access the new panel in the server-manager. The first time you access it, you might have an empty category list. Just click the save button at the bottom of the page, wait a few minutes and try again (the list is empty because categories hasn't been downloaded yet). Now, you should be able to enable URL and AV filtering, and choose which categories you want to block. The next settings modification might take a long time (several minutes, you may also have a imeout error displayed). This is expected and id because squidGuard database needs to be compiled. After this, settings change should be fast.
Customize category lists
Category lists are simple text files in /var/lib/squidGuard/blacklists. Each category is a directory, adn each directory may have a file names domains and another named urls. Each directory in /var/lib/squidGuard/blacklists will be displayed in the panel of the server-manager, except if it's listed in the DisabledCategories prop. You can see which categories are disabled with:
db configuration getprop squidguard DisabledCategories
This lets you ignore some useless category, and make the panel for simple. The default config update all the categories each night. This is done in the cron job /etc/cron.daily/squidGuard, which calls /etc/e-smith/events/actions/squidguard-update-databases. If you don't want to auto update those lists, you can disable this feature: db configuration setprop squidguard AutoUpdate disabled Then, you'll be able to manage the list the way you want. Remember you need to recompile squidGuard databases if you modify files in a list.
MySQL logs
MySQL loging of clients requests is handled by a independant daemon called squid-db-logd. It monitors squid access log and squidGuard deny log in realtime, parse it and put everything in the database called squid_log. In this database, the table access_log list all the access while the deny_log only list denied pages. This feature may need a lot of space. On a busy server, you can easily reach 3Go/month only for the database (and more for the dump when you backup your server). To lmit the needed space, a cron job rotate and compress the access_log and deny_log tables each month. Old tables are also removed. The default config keeps one year of log. You can change this setting with (value is in day and default is 365)
db configuration setprop squid-db-logd Retention 180
If you want to completly disable this feature, you can stop this daemon:
db configuration setprop squid-db-logd status disabled sv d /service/squid-db-logd
