Dansguardian-stats

From SME Server
Revision as of 00:39, 10 February 2017 by Unnilennium (talk | contribs) (→‎Bugs)
Jump to navigation Jump to search
PythonIcon.png Skill level: Easy
The instructions on this page can be followed by a beginner.


Version

smeserver-dansguardian-stats
The latest version of smeserver-dansguardian-stats is available in the SME repository, click on the version number(s) for more information.



Maintainer

This contrib has been developed by Jesper Knudsen from SME Optimizer

Description

smeserver-dansguardian-stats provides a web statistics interface to the results of the content filtering provided by Dansguardian. I will on the statistics page present:

  • Pages Scanned, Allowed, Blocked and Infected pages and the amount of data scanned (Bytes)
  • Top 10 Visited sites
  • Top 10 Blocked Sites
  • Top 10 Malware/Virus Blocked content (requires ClamAV enabled)
  • Top 10 Blocked Categories as reported by Dansguardian

Its a prerequisite that dansguardian and the smeserver-dansguardian contribs have been installed. See http://wiki.contribs.org/Dansguardian for install details.

 

Installation

yum install --enablerepo=smecontribs smeserver-dansguardian smeserver-dansguardian-stats
signal-event dansguardian-save


When installed, the web interface is is accessible form ( you need to wait for cron script to run):

http://your.domain.com/dansguardian

Upgrade

yum upgrade --enablerepo=smecontribs smeserver-dansguardian smeserver-dansguardian-stats
signal-event dansguardian-save


Uninstall

You can simply remove the package again with the usual yum command.

yum remove smeserver-dansguardian-stats

Configuration

Dansguardian Log file Format

The package requires that the logfileformat for dansguardian is set to format 4 (in /etc/dansguardian/dansguardian.conf). You have to edit the file. If you have smeserver-dansguardian-panel installed, you can set this in the server-manager.

# Log File Format
# 1 = DansGuardian format (space delimited)
# 2 = CSV-style format
# 3 = Squid Log File Format
# 4 = Tab delimited
logfileformat = 4

If you ran with a different logfileformat before then, delete the old log file, change the configuration and restart dansguardian.

/etc/init.d/dansguardian stop
rm /var/log/dansguardian/access.log
/etc/init.d/dansguardian start

Dansguardian Anti-virus filtering

For the scanned and infected graph to display you will have to activate dansguardian clamscan plugin, see https://wiki.contribs.org/Dansguardian#ClamAV_support


Unofficial ClamAV signatures

I would also recommend to install the script that downloads all the unofficial ClamAV signatures as these detects not only virus but equally importantly various kinds of malware and spam.

Follow the guide on Virus:Additional Signatures to do that.


db configuration

config setprop dansguardian \
  1. webstats <YES|NO> # by default (YES), gather and display webstat
  2. localonly <YES|NO> # by default (YES), only be seen from the local network (IP ranges defined in Local Network in the server-manager) , set to NO to see from outside
  3. statsclient <disabled|enabled> # default is enabled. See Dansguardian-stats#External Statistics

then

signal event dansguardian-save


External Statistics

An additional feature of the Dansguardian statistics is to send the collected statistics to a central statistics central at http://central.swerts-knudsen.dk. The gathering of data is not stressful for the server and the data sent is not sensitive (well in my opinion) and consists of:

  • Amount of pages scanned
  • Top 10 names of virus/malware infected content (names from ClamAV)
  • Top 10 names of Blocked domains and their Dansguardian categories (Proxies, Pornography, etc.)
  • The version of SME server used (7.x)
  • Public IP address of server (used to plot in Google Maps on central.swerts-knudsen.com)

Should you want to disable this functionality then this can obviously be done:

/sbin/e-smith/db configuration setprop dansguardian statsclient <disabled|enabled>

Bugs

This contrib has been created in the bugtracker so just raise a bug by following this link . Please make sure to be ready to provide your dansguardian log file (/var/log/dansguardian/access.log)

"No open bugs found."

Changelog

Only versions released in smecontrib are listed here.