Dansguardian-stats
Maintainer
This contrib has been developed by Jesper Knudsen from SME Optimizer
Description
smeserver-dansguardian-stats provides a web statistics interface to the results of the content filtering provided by Dansguardian. I will on the statistics page present:
- Pages Scanned, Allowed, Blocked and Infected pages and the amount of data scanned (Bytes)
- Top 10 Visited sites
- Top 10 Blocked Sites
- Top 10 Malware/Virus Blocked content (requires ClamAV enabled)
- Top 10 Blocked Categories as reported by Dansguardian
Its a prerequisite that dansguardian and the smeserver-dansguardian contribs have been installed. See http://wiki.contribs.org/Dansguardian for install details.
Installation
in according with the bugzilla:7620 this package is moving to smeContribs repo for SME8 and thus the installation method is changed.
yum install --enablerepo=smecontribs smeserver-dansguardian smeserver-dansguardian-stats
old method
wget http://sme.swerts-knudsen.dk/downloads/Dansguardian-stats/smeserver-dansguardian-stats-1.0.3-1.noarch.rpm yum localinstall smeserver-dansguardian-stats-1.0.3-1.noarch.rpm
Upgrade
yum upgrade --enablerepo=smecontribs smeserver-dansguardian smeserver-dansguardian-stats
old method
wget http://sme.swerts-knudsen.dk/downloads/Dansguardian-stats/smeserver-dansguardian-stats-1.0.3-1.noarch.rpm yum localupdate smeserver-dansguardian-stats-1.0.3-1.noarch.rpm
Uninstall
You can simply remove the package again with the usual yum command.
yum remove smeserver-dansguardian-stats
Configuration
The package requires that the logfileformat for dansguardian is set to format 4 (in /etc/dansguardian/dansguardian.conf).
# Log File Format # 1 = DansGuardian format (space delimited) # 2 = CSV-style format # 3 = Squid Log File Format # 4 = Tab delimited logfileformat = 4
If you ran with a different logfileformat before then, delete the old log file, change the configuration and restart dansguardian.
/etc/init.d/dansguardian stop rm /var/log/dansguardian/access.log /etc/init.d/dansguardian start
When installed, the web interface is is accessible form:
http://your.domain.com/dansguardian
This dansguardian statistics web page can, by default, only be seen from the local network (IP ranges defined in Local Network in the server-manager) but if you want this to be accessible from remote networks (public access) this can be done via (default: yes):
/sbin/e-smith/db configuration setprop dansguardian LocalOnly <no|yes> expand-template /etc/httpd/conf/httpd.conf /etc/rc.d/init.d/httpd-e-smith restart
Unofficial ClamAV signatures
I would also recommend to install the script that downloads all the unofficial ClamAV signatures as these detects not only virus but equally importantly various kinds of malware and spam.
Follow the guide on Virus:Additional Signatures to do that.
Statistics
An additional feature of the Dansguardian statistics is to send the collected statistics to a central statistics central at http://central.swerts-knudsen.dk. The gathering of data is not stressful for the server and the data sent is not sensitive (well in my opinion) and consists of:
- Amount of pages scanned
- Top 10 names of virus/malware infected content (names from ClamAV)
- Top 10 names of Blocked domains and their Dansguardian categories (Proxies, Pornography, etc.)
- The version of SME server used (7.x)
- Public IP address of server (used to plot in Google Maps on central.swerts-knudsen.com)
Should you want to disable this functionality then this can obviously be done:
/sbin/e-smith/db configuration setprop dansguardian statsclient <disabled|enabled>
How do I report a problem or a suggestion?
This contrib has not yet been created in the bugtracker so just send an email to mailto:contribs@swerts-knudsen.dk. Please make sure to be ready to provide your dansguardian log file (/var/log/dansguardian/access.log)