[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: dansguardian

El día 13 de junio de 2011 17:26, López Denazis Santiago
<vampireofsengir@gmail.com> escribió:
> Buenas noches rickygm! Que tal si nos haces un pastebin de tu
> dansguardian.conf completo? Quiza alli encontremos el problema. Saludos,

ok lo envio , les comento que todos los archivos estan /etc/dansguardian/


# DansGuardian config file for version 2.8.0

# **NOTE** as of version 2.7.5 most of the list files are now in dansguardianf1.conf

# Web Access Denied Reporting (does not affect logging)
# -1 = log, but do not block - Stealth mode
#  0 = just say 'Access Denied'
#  1 = report why but not what denied phrase
#  2 = report fully
#  3 = use HTML template file (accessdeniedaddress ignored) - recommended
reportinglevel = 3

# Language dir where languages are stored for internationalisation.
# The HTML template within this dir is only used when reportinglevel
# is set to 3. When used, DansGuardian will display the HTML file instead of
# using the perl cgi script.  This option is faster, cleaner
# and easier to customise the access denied page.
# The language file is used no matter what setting however.
languagedir = '/etc/dansguardian/languages'

# language to use from languagedir.
language = 'spanish'

# Logging Settings
# 0 = none  1 = just denied  2 = all text based  3 = all requests
loglevel = 2

# Log Exception Hits
# Log if an exception (user, ip, URL, phrase) is matched and so
# the page gets let through.  Can be useful for diagnosing
# why a site gets through the filter.  on | off
logexceptionhits = on

# Log File Format
# 1 = DansGuardian format        2 = CSV-style format
# 3 = Squid Log File Format      4 = Tab delimited
logfileformat = 3

# Log file location
# Defines the log directory and filename.
loglocation = '/var/log/dansguardian/access.log'

# Network Settings
# the IP that DansGuardian listens on.  If left blank DansGuardian will
# listen on all IPs.  That would include all NICs, loopback, modem, etc.
# Normally you would have your firewall protecting this, but if you want
# you can limit it to only 1 IP.  Yes only one.
filterip =  

# the port that DansGuardian listens to.
filterport = 8080

# the ip of the proxy (default is the loopback - i.e. this server)
proxyip = 

# the port DansGuardian connects to proxy on
proxyport = 3128 
#proxyport = 8090 

# accessdeniedaddress is the address of your web server to which the cgi
# dansguardian reporting script was copied
# Do NOT change from the default if you are not using the cgi.
accessdeniedaddress = 'http://proxyf/cgi-bin/dansguardian.pl'

# Non standard delimiter (only used with accessdeniedaddress)
# Default is enabled but to go back to the original standard mode dissable it.
nonstandarddelimiter = on

# Banned image replacement
# Images that are banned due to domain/url/etc reasons including those
# in the adverts blacklists can be replaced by an image.  This will,
# for example, hide images from advert sites and remove broken image
# icons from banned domains.
# 0 = off
# 1 = on (default)
usecustombannedimage = 1
custombannedimagefile = '/etc/dansguardian/transparent1x1.gif'

# Filter groups options
# filtergroups sets the number of filter groups. A filter group is a set of content
# filtering options you can apply to a group of users.  The value must be 1 or more.
# DansGuardian will automatically look for dansguardianfN.conf where N is the filter
# group.  To assign users to groups use the filtergroupslist option.  All users default
# to filter group 1.  You must have some sort of authentication to be able to map users
# to a group.  The more filter groups the more copies of the lists will be in RAM so
# use as few as possible.
filtergroups = 1
filtergroupslist = '/etc/dansguardian/filtergroupslist'

# Authentication files location
bannediplist = '/etc/dansguardian/bannediplist'
exceptioniplist = '/etc/dansguardian/exceptioniplist'
banneduserlist = '/etc/dansguardian/banneduserlist'
exceptionuserlist = '/etc/dansguardian/exceptionuserlist'

# Show weighted phrases found
# If enabled then the phrases found that made up the total which excedes
# the naughtyness limit will be logged and, if the reporting level is
# high enough, reported. on | off
showweightedfound = on

# Weighted phrase mode
# There are 3 possible modes of operation:
# 0 = off = do not use the weighted phrase feature.
# 1 = on, normal = normal weighted phrase operation.
# 2 = on, singular = each weighted phrase found only counts once on a page.
weightedphrasemode = 2 

# Positive result caching for text URLs
# Caches good pages so they don't need to be scanned again
# 0 = off (recommended for ISPs with users with disimilar browsing)
# 1000 = recommended for most users
# 5000 = suggested max upper limit
urlcachenumber = 5000
# Age before they are stale and should be ignored in seconds
# 0 = never
# 900 = recommended = 15 mins
urlcacheage = 900

# Smart and Raw phrase content filtering options
# Smart is where the multiple spaces and HTML are removed before phrase filtering
# Raw is where the raw HTML including meta tags are phrase filtered
# CPU usage can be effectively halved by using setting 0 or 1
# 0 = raw only
# 1 = smart only
# 2 = both (default)
phrasefiltermode = 2

# Lower casing options
# When a document is scanned the uppercase letters are converted to lower case
# in order to compare them with the phrases.  However this can break Big5 and
# other 16-bit texts.  If needed preserve the case.  As of version 2.7.0 accented
# characters are supported.
# 0 = force lower case (default)
# 1 = do not change case
preservecase = 0

# Hex decoding options
# When a document is scanned it can optionally convert %XX to chars.
# If you find documents are getting past the phrase filtering due to encoding
# then enable.  However this can break Big5 and other 16-bit texts.
# 0 = disabled (default)
# 1 = enabled
hexdecodecontent = 0

# Force Quick Search rather than DFA search algorithm
# The current DFA implementation is not totally 16-bit character compatible
# but is used by default as it handles large phrase lists much faster.
# If you wish to use a large number of 16-bit character phrases then
# enable this option.
# 0 = off (default)
# 1 = on (Big5 compatible)
forcequicksearch = 0

# Reverse lookups for banned site and URLs.
# If set to on, DansGuardian will look up the forward DNS for an IP URL
# address and search for both in the banned site and URL lists.  This would
# prevent a user from simply entering the IP for a banned address.
# It will reduce searching speed somewhat so unless you have a local caching
# DNS server, leave it off and use the Blanket IP Block option in the
# bannedsitelist file instead.
reverseaddresslookups = off

# Reverse lookups for banned and exception IP lists.
# If set to on, DansGuardian will look up the forward DNS for the IP
# of the connecting computer.  This means you can put in hostnames in
# the exceptioniplist and bannediplist.
# It will reduce searching speed somewhat so unless you have a local DNS server, 
# leave it off.
reverseclientiplookups = off

# Build bannedsitelist and bannedurllist cache files.
# This will compare the date stamp of the list file with the date stamp of
# the cache file and will recreate as needed.
# If a bsl or bul .processed file exists, then that will be used instead.
# It will increase process start speed by 300%.  On slow computers this will
# be significant.  Fast computers do not need this option. on | off
createlistcachefiles = on

# POST protection (web upload and forms)
# does not block forms without any file upload, i.e. this is just for
# blocking or limiting uploads
# measured in kibibytes after MIME encoding and header bumph
# use 0 for a complete block
# use higher (e.g. 512 = 512Kbytes) for limiting
# use -1 for no blocking
#maxuploadsize = 512
#maxuploadsize = 0
maxuploadsize = -1

# Max content filter page size
# Sometimes web servers label binary files as text which can be very
# large which causes a huge drain on memory and cpu resources.
# To counter this, you can limit the size of the document to be
# filtered and get it to just pass it straight through.
# This setting also applies to content regular expression modification.
# The size is in Kibibytes - eg 2048 = 2Mb
# use 0 for no limit
maxcontentfiltersize = 256

# Username identification methods (used in logging)
# You can have as many methods as you want and not just one.  The first one
# will be used then if no username is found, the next will be used.
# * proxyauth is for when basic proxy authentication is used (no good for
#   transparent proxying).
# * ntlm is for when the proxy supports the MS NTLM authentication
#   protocol.  (Only works with IE5.5 sp1 and later).  **NOT IMPLEMENTED**
# * ident is for when the others don't work.  It will contact the computer
#   that the connection came from and try to connect to an identd server
#   and query it for the user owner of the connection.
usernameidmethodproxyauth = on
usernameidmethodntlm = off # **NOT IMPLEMENTED**
usernameidmethodident = off

# Preemptive banning - this means that if you have proxy auth enabled and a user accesses
# a site banned by URL for example they will be denied straight away without a request
# for their user and pass.  This has the effect of requiring the user to visit a clean
# site first before it knows who they are and thus maybe an admin user.
# This is how DansGuardian has always worked but in some situations it is less than
# ideal.  So you can optionally disable it.  Default is on.
# As a side effect disabling this makes AD image replacement work better as the mime
# type is know.
preemptivebanning = on

# Misc settings

# if on it adds an X-Forwarded-For: <clientip> to the HTTP request
# header.  This may help solve some problem sites that need to know the
# source ip. on | off
forwardedfor = on

# if on it uses the X-Forwarded-For: <clientip> to determine the client
# IP. This is for when you have squid between the clients and DansGuardian.
# Warning - headers are easily spoofed. on | off
#usexforwardedfor = off
usexforwardedfor = on

# if on it logs some debug info regarding fork()ing and accept()ing which
# can usually be ignored.  These are logged by syslog.  It is safe to leave
# it on or off
logconnectionhandlingerrors = on

# Fork pool options

# sets the maximum number of processes to sporn to handle the incomming
# connections.  Max value usually 250 depending on OS.
# On large sites you might want to try 180.
maxchildren = 180

# sets the minimum number of processes to sporn to handle the incomming connections.
# On large sites you might want to try 32.
minchildren = 32

# sets the minimum number of processes to be kept ready to handle connections.
# On large sites you might want to try 8.
minsparechildren = 8

# sets the minimum number of processes to sporn when it runs out
# On large sites you might want to try 10.
preforkchildren = 10

# sets the maximum number of processes to have doing nothing.
# When this many are spare it will cull some of them.
# On large sites you might want to try 64.
maxsparechildren = 64

# sets the maximum age of a child process before it croaks it.
# This is the number of connections they handle before exiting.
# On large sites you might want to try 10000.
maxagechildren = 500

# Process options
# (Change these only if you really know what you are doing).
# These options allow you to run multiple instances of DansGuardian on a single machine.
# Remember to edit the log file path above also if that is your intention.

# IPC filename
# Defines IPC server directory and filename used to communicate with the log process.
ipcfilename = '/tmp/.dguardianipc'

# URL list IPC filename
# Defines URL list IPC server directory and filename used to communicate with the URL
# cache process.
urlipcfilename = '/tmp/.dguardianurlipc'

# PID filename
# Defines process id directory and filename.
#pidfilename = '/var/run/dansguardian.pid'

# Disable daemoning
# If enabled the process will not fork into the background.
# It is not usually advantageous to do this.
# on|off ( defaults to off )
nodaemon = off

# Disable logging process
# on|off ( defaults to off )
nologger = off

# Daemon runas user and group
# This is the user that DansGuardian runs as.  Normally the user/group nobody.
# Uncomment to use.  Defaults to the user set at compile time.
# daemonuser = 'nobody'
# daemongroup = 'nobody'

# Soft restart
# When on this disables the forced killing off all processes in the process group.
# This is not to be confused with the -g run time option - they are not related.
# on|off ( defaults to off )
softrestart = off

Reply to: