Protect Kids and Student Online – content filtering

The parental control uses the most advanced content filter technology available in blackPanther OS. Our Content Filter actually scans webpages in real-time.

This a local Proxy Server that use Squid and Dansguardian as filtering for porn or other web that should not for the student to access.

Before you edit the configuration, you should install squid and dansguardian package. You can install it from the command like the below or You can use standard graphically install method:

Needs packages installation:

The commandline based install:

# installing squid

# installing dansguardian

Don’t forget to answer Y for the dependencies.

Check the installation and services:

# services squid start

# services dansguardian start

If all serivces is well that will see you:

[root@core2 v11.1]# services squid start
* Start query: init_cache_dir … squid starting: .                                                         [    OK    ]

[root@core2 v11.1]# services squid start
* Start query: init_cache_dir … squid starting: .                                                         [    OK    ]

After you install, now you must edit the squid.conf. Just type the command in the below for edit the file:

# mcedit /etc/squid/squid.conf   (or from mc with pressed F4 /F2 save key/)




Now edit the file like the below:

acl manager proto cache_object
acl localhost src 127.0.0.1/32 ::1
acl to_localhost dst 127.0.0.0/8 0.0.0.0/32 ::1
acl localnet src 10.0.0.0/8    # RFC1918 possible internal network
acl localnet src 172.16.0.0/12    # RFC1918 possible internal network
acl localnet src 192.168.0.0/24    # your internal network
acl SSL_ports port 443
acl Safe_ports port 80        # http
acl Safe_ports port 21        # ftp
acl Safe_ports port 443        # https
acl Safe_ports port 70        # gopher
acl Safe_ports port 210        # wais
acl Safe_ports port 1025-65535    # unregistered ports
acl Safe_ports port 280        # http-mgmt
acl Safe_ports port 488        # gss-http
acl Safe_ports port 591        # filemaker
acl Safe_ports port 777        # multiling http
acl CONNECT method CONNECT
http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localnet
http_access allow localhost
http_access allow localhost
http_port 3128 transparent
cache_mem 128 MB
#I make 5 for squid cache
cache_dir ufs /cache/1 1012 16 256
cache_dir ufs /cache/2 1012 16 256
cache_dir ufs /cache/3 1012 16 256
cache_dir ufs /cache/4 1012 16 256
cache_dir ufs /cache/5 1012 16 256
cache_mgr Suwandy
visible_hostname blackPantherOS-v11.1
dns_nameservers 180.131.144.144 180.131.145.145 #I use NAWALA DNS for DNS filtering.
hierarchy_stoplist cgi-bin ?
coredump_dir /var/spool/squid
access_log /var/log/squid/access.log squid
refresh_pattern ^ftp:        1440    20%    10080
refresh_pattern ^gopher:    1440    0%    1440
refresh_pattern -i (/cgi-bin/|\?) 0    0%    0
refresh_pattern .        0    20%    4320
shutdown_lifetime 5 seconds
cache_effective_user squid
cache_effective_group squid

After you finished edit the file, you can run the squid from the command:

# services squid restart

Okay, now we edit dansguardian.conf from the command:

# mcedit /etc/dansguardian/dansguardian.conf

And then edit the file like this:

reportinglevel = 3
languagedir = ‘/usr/share/dansguardian/languages’
language = ‘ukenglish’  #OR YOUR FAVORITE LANGUAGE
loglevel = 2
logexceptionhits = 2
logfileformat = 3
loglocation = ‘/var/log/dansguardian/access.log’
statlocation = ‘/var/log/dansguardian/stats’
filterip =
filterport = 8080 #your dansguardian port
proxyip = 127.0.0.1
proxyport = 3128 #your squid port
originalip = off
accessdeniedaddress = ‘http://YOURSERVER.YOURDOMAIN/cgi-bin/dansguardian.pl’
nonstandarddelimiter = on
usecustombannedimage = on
custombannedimagefile = ‘/usr/share/dansguardian/transparent1x1.gif’
filtergroups = 1
filtergroupslist = ‘/etc/dansguardian/lists/filtergroupslist’
bannediplist = ‘/etc/dansguardian/lists/bannediplist’
exceptioniplist = ‘/etc/dansguardian/lists/exceptioniplist’
showweightedfound = on
weightedphrasemode = 2
urlcachenumber = 1000
urlcacheage = 900
scancleancache = on
phrasefiltermode = 2
preservecase = 0
hexdecodecontent = off
forcequicksearch = off
reverseaddresslookups = off
reverseclientiplookups = off
logclienthostnames = off
createlistcachefiles = on
maxuploadsize = 0
maxcontentfiltersize = 256
maxcontentramcachescansize = 2000
maxcontentfilecachescansize = 20000
filecachedir = ‘/var/lib/dansguardian/tmp’
deletedownloadedtempfiles = on
initialtrickledelay = 20
trickledelay = 10
downloadmanager = ‘/etc/dansguardian/downloadmanagers/fancy.conf’
downloadmanager = ‘/etc/dansguardian/downloadmanagers/default.conf’
contentscannertimeout = 60
contentscanexceptions = off
recheckreplacedurls = off
forwardedfor = off
usexforwardedfor = off
logconnectionhandlingerrors = on
logchildprocesshandling = off
maxchildren = 250
minchildren = 32
minsparechildren = 8
preforkchildren = 10
maxsparechildren = 64
maxagechildren = 5000
maxips = 0
ipcfilename = ‘/var/lib/dansguardian/.dguardianipc’
urlipcfilename = ‘/var/lib/dansguardian/.dguardianurlipc’
ipipcfilename = ‘/var/lib/dansguardian/.dguardianipipc’
pidfilename = ‘/var/run/dansguardian/dansguardian.pid’
nodaemon = off
nologger = off
logadblocks = off
loguseragent = off
daemonuser = ‘dansguardian’
daemongroup = ‘dansguardian’
softrestart = off
mailer = ‘/usr/sbin/sendmail -t’

Okay, now you’ve finished edit dansguardian configuration. After that I edit dansguardianf1.conf

# mcedit /etc/dansguardian/dansguardianf1.conf

and then edit it like this:

groupmode = 1
bannedphraselist = ‘/etc/dansguardian/lists/bannedphraselist’
weightedphraselist = ‘/etc/dansguardian/lists/weightedphraselist’
exceptionphraselist = ‘/etc/dansguardian/lists/exceptionphraselist’
bannedsitelist = ‘/etc/dansguardian/lists/bannedsitelist’
greysitelist = ‘/etc/dansguardian/lists/greysitelist’
exceptionsitelist = ‘/etc/dansguardian/lists/exceptionsitelist’
bannedurllist = ‘/etc/dansguardian/lists/bannedurllist’
greyurllist = ‘/etc/dansguardian/lists/greyurllist’
exceptionurllist = ‘/etc/dansguardian/lists/exceptionurllist’
exceptionregexpurllist = ‘/etc/dansguardian/lists/exceptionregexpurllist’
bannedregexpurllist = ‘/etc/dansguardian/lists/bannedregexpurllist’
picsfile = ‘/etc/dansguardian/lists/pics’
contentregexplist = ‘/etc/dansguardian/lists/contentregexplist’
urlregexplist = ‘/etc/dansguardian/lists/urlregexplist’
blockdownloads = off
exceptionextensionlist = ‘/etc/dansguardian/lists/exceptionextensionlist’
exceptionmimetypelist = ‘/etc/dansguardian/lists/exceptionmimetypelist’
bannedextensionlist = ‘/etc/dansguardian/lists/bannedextensionlist’
bannedmimetypelist = ‘/etc/dansguardian/lists/bannedmimetypelist’
exceptionfilesitelist = ‘/etc/dansguardian/lists/exceptionfilesitelist’
exceptionfileurllist = ‘/etc/dansguardian/lists/exceptionfileurllist’
headerregexplist = ‘/etc/dansguardian/lists/headerregexplist’
bannedregexpheaderlist = ‘/etc/dansguardian/lists/bannedregexpheaderlist’
naughtynesslimit = 50
categorydisplaythreshold = 0
embeddedurlweight = 0
enablepics = off
bypass = 0
bypasskey = ”
infectionbypass = 0
infectionbypasskey = ”
infectionbypasserrorsonly = on
disablecontentscan = off
deepurlanalysis = off
usesmtp = off
mailfrom = ”
avadmin = ”
contentadmin = ”
avsubject = ‘dansguardian virus block’
contentsubject = ‘dansguardian violation’
notifyav = off
notifycontent = off
thresholdbyuser = off
violations = 0
threshold = 0

Now, you can run dansguardian server like this command:

# services dansguardian restart

If there aren’t error, you have success make proxy server that support filtering that you want.

Last step the browser network settings:

Go to Edit> Preferences > Advanced > Network  > Settings

And enable proxy server and add 127.0.0.1 for the Proxy IP address rows  and add 8080 to Proxy Port rows.

Working the content filtering on blackPanther OS and protect the childerens!

admin

About admin