Rosen Penev
GitHub
commit
507990bd48
4 changed files with 0 additions and 788 deletions
|
|
@ -1,85 +0,0 @@
|
|||
#
|
||||
# Copyright (C) 2015 OpenWrt.org
|
||||
#
|
||||
# This is free software, licensed under the GNU General Public License v2.
|
||||
# See /LICENSE for more information.
|
||||
#
|
||||
|
||||
include $(TOPDIR)/rules.mk
|
||||
|
||||
PKG_NAME:=e2guardian
|
||||
PKG_VERSION:=3.2.0
|
||||
PKG_RELEASE:=2
|
||||
|
||||
PKG_LICENSE:=GPL-2.0
|
||||
PKG_MAINTAINER:=Luka Perkov <luka@openwrt.org>
|
||||
|
||||
PKG_SOURCE_PROTO:=git
|
||||
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
|
||||
PKG_SOURCE_URL:=https://github.com/$(PKG_NAME)/$(PKG_NAME)
|
||||
PKG_SOURCE_VERSION:=35be4a5b40aedc6a800c06389c220a8dbf35f1cc
|
||||
PKG_MIRROR_HASH:=2dab9ba63ee8a2c09ac84f5b69dc5a1e9beb3cf3deede55d405b8bc5dc711e97
|
||||
|
||||
PKG_FIXUP:=autoreconf
|
||||
PKG_BUILD_PARALLEL:=1
|
||||
PKG_INSTALL:=1
|
||||
|
||||
include $(INCLUDE_DIR)/uclibc++.mk
|
||||
include $(INCLUDE_DIR)/package.mk
|
||||
|
||||
define Package/e2guardian
|
||||
SECTION:=net
|
||||
DEPENDS:=+libpthread $(CXX_DEPENDS) +zlib +libpcre
|
||||
CATEGORY:=Network
|
||||
SUBMENU:=Web Servers/Proxies
|
||||
TITLE:=E2Guardian
|
||||
URL:=http://e2guardian.org/cms/
|
||||
endef
|
||||
|
||||
define Package/e2guardian/conffiles
|
||||
/etc/e2guardian/e2guardianf1.conf
|
||||
/etc/config/e2guardian
|
||||
endef
|
||||
|
||||
CONFIGURE_VARS += \
|
||||
INCLUDES="" \
|
||||
CXXFLAGS="$$$$CXXFLAGS -fno-rtti" \
|
||||
LIBS="-lpthread"
|
||||
|
||||
CONFIGURE_ARGS += \
|
||||
--with-sysconfsubdir=e2guardian \
|
||||
--with-proxyuser=nobody \
|
||||
--with-proxygroup=nogroup \
|
||||
--enable-pcre=yes \
|
||||
--with-piddir=/tmp/e2guardian/ \
|
||||
--enable-sslextralists=no \
|
||||
--enable-sslmitm=no
|
||||
|
||||
define Build/Configure
|
||||
( cd $(PKG_BUILD_DIR); ./autogen.sh )
|
||||
$(call Build/Configure/Default,$CONFIGURE_ARGS)
|
||||
endef
|
||||
|
||||
define Package/e2guardian/install
|
||||
$(INSTALL_DIR) $(1)/usr/sbin
|
||||
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/e2guardian $(1)/usr/sbin/
|
||||
|
||||
$(INSTALL_DIR) $(1)/etc
|
||||
$(CP) $(PKG_INSTALL_DIR)/etc/e2guardian $(1)/etc/
|
||||
$(INSTALL_CONF) ./files/e2guardianf1.conf $(1)/etc/e2guardian/e2guardianf1.conf
|
||||
|
||||
$(INSTALL_DIR) $(1)/etc/config
|
||||
$(INSTALL_CONF) ./files/e2guardian.config $(1)/etc/config/e2guardian
|
||||
|
||||
$(INSTALL_DIR) $(1)/usr/share/e2guardian
|
||||
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/share/e2guardian/transparent1x1.gif $(1)/usr/share/e2guardian/
|
||||
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/share/e2guardian/blockedflash.swf $(1)/usr/share/e2guardian/
|
||||
|
||||
$(INSTALL_DIR) $(1)/usr/share/e2guardian/languages/ukenglish
|
||||
$(CP) $(PKG_INSTALL_DIR)/usr/share/e2guardian/languages/ukenglish/* $(1)/usr/share/e2guardian/languages/ukenglish/
|
||||
|
||||
$(INSTALL_DIR) $(1)/etc/init.d/
|
||||
$(INSTALL_BIN) ./files/e2guardian.init $(1)/etc/init.d/e2guardian
|
||||
endef
|
||||
|
||||
$(eval $(call BuildPackage,e2guardian))
|
||||
|
|
@ -1,69 +0,0 @@
|
|||
config e2guardian 'e2guardian'
|
||||
option languagedir '/usr/share/e2guardian/languages'
|
||||
option language 'ukenglish'
|
||||
option loglevel '2'
|
||||
option logexceptionhits '2'
|
||||
option logfileformat '1'
|
||||
option loglocation '/var/log/e2guardian/access.log'
|
||||
option maxuploadsize '-1'
|
||||
option filterports '8080'
|
||||
option proxyip '127.0.0.1'
|
||||
option proxyport '3128'
|
||||
option proxytimeout '20'
|
||||
option proxyexchange '20'
|
||||
option pcontimeout '55'
|
||||
option accessdeniedaddress 'http://YOURSERVER.YOURDOMAIN/cgi-bin/e2guardian.pl'
|
||||
option usecustombannedimage 'on'
|
||||
option custombannedimagefile '/usr/share/e2guardian/transparent1x1.gif'
|
||||
option usecustombannedflash 'on'
|
||||
option custombannedflashfile '/usr/share/e2guardian/blockedflash.swf'
|
||||
option filtergroups '1'
|
||||
option filtergroupslist '/etc/e2guardian/lists/filtergroupslist'
|
||||
option bannediplist '/etc/e2guardian/lists/bannediplist'
|
||||
option exceptioniplist '/etc/e2guardian/lists/exceptioniplist'
|
||||
option perroomdirectory '/etc/e2guardian/lists/bannedrooms/'
|
||||
option showweightedfound 'on'
|
||||
option weightedphrasemode '2'
|
||||
option urlcachenumber '1000'
|
||||
option urlcacheage '900'
|
||||
option scancleancache 'on'
|
||||
option phrasefiltermode '2'
|
||||
option preservecase '0'
|
||||
option hexdecodecontent 'off'
|
||||
option forcequicksearch 'off'
|
||||
option reverseaddresslookups 'off'
|
||||
option reverseclientiplookups 'off'
|
||||
option logclienthostnames 'off'
|
||||
option createlistcachefiles 'on'
|
||||
option prefercachedlists 'off'
|
||||
option maxcontentfiltersize '256'
|
||||
option maxcontentramcachescansize '2000'
|
||||
option maxcontentfilecachescansize '20000'
|
||||
option filecachedir '/tmp'
|
||||
option deletedownloadedtempfiles 'on'
|
||||
option initialtrickledelay '20'
|
||||
option trickledelay '10'
|
||||
option downloadmanager '/etc/e2guardian/downloadmanagers/fancy.conf'
|
||||
option downloadmanager '/etc/e2guardian/downloadmanagers/default.conf'
|
||||
option contentscannertimeout '60'
|
||||
option contentscanexceptions 'off'
|
||||
option recheckreplacedurls 'off'
|
||||
option forwardedfor 'off'
|
||||
option usexforwardedfor 'off'
|
||||
option logconnectionhandlingerrors 'on'
|
||||
option logchildprocesshandling 'off'
|
||||
option maxchildren '180'
|
||||
option minchildren '20'
|
||||
option minsparechildren '16'
|
||||
option preforkchildren '10'
|
||||
option maxsparechildren '32'
|
||||
option maxagechildren '500'
|
||||
option maxips '0'
|
||||
option ipcfilename '/tmp/.dguardianipc'
|
||||
option urlipcfilename '/tmp/.dguardianurlipc'
|
||||
option ipipcfilename '/tmp/.dguardianipipc'
|
||||
option nodaemon 'off'
|
||||
option nologger 'off'
|
||||
option logadblocks 'off'
|
||||
option loguseragent 'off'
|
||||
option softrestart 'off'
|
||||
|
|
@ -1,204 +0,0 @@
|
|||
#!/bin/sh /etc/rc.common
|
||||
# Copyright (C) 2015 OpenWrt.org
|
||||
|
||||
START=90
|
||||
STOP=10
|
||||
|
||||
USE_PROCD=1
|
||||
PROG=/usr/sbin/e2guardian
|
||||
CONFIGFILE="/tmp/e2guardian/e2guardian.conf"
|
||||
LOGFILE="/tmp/e2guardian/access.log"
|
||||
GROUPCONFIG="/tmp/e2guardian/e2guardianf1.conf"
|
||||
|
||||
validate_e2guardian_section() {
|
||||
uci_load_validate e2guardian e2guardian "$1" "$2" \
|
||||
'accessdeniedaddress:string' \
|
||||
'bannediplist:string' \
|
||||
'contentscanexceptions:string' \
|
||||
'contentscanner:string' \
|
||||
'contentscannertimeout:uinteger' \
|
||||
'createlistcachefiles:string' \
|
||||
'custombannedflashfile:string' \
|
||||
'custombannedimagefile:string' \
|
||||
'deletedownloadedtempfiles:string' \
|
||||
'downloadmanager:string' \
|
||||
'exceptioniplist:string' \
|
||||
'filecachedir:string' \
|
||||
'filtergroups:uinteger' \
|
||||
'filtergroupslist:string' \
|
||||
'filterip:ipaddr' \
|
||||
'filterports:port:8080' \
|
||||
'forcequicksearch:string' \
|
||||
'forwardedfor:string' \
|
||||
'hexdecodecontent:string' \
|
||||
'initialtrickledelay:uinteger' \
|
||||
'ipcfilename:string' \
|
||||
'ipipcfilename:string' \
|
||||
'languagedir:string' \
|
||||
'language:string' \
|
||||
'logadblocks:string' \
|
||||
'logchildprocesshandling:string' \
|
||||
'logclienthostnames:string' \
|
||||
'logconnectionhandlingerrors:string' \
|
||||
'logexceptionhits:range(0,2)' \
|
||||
'logfileformat:range(1,6)' \
|
||||
'loglevel:range(0,3)' \
|
||||
'loglocation:string' \
|
||||
'loguseragent:string' \
|
||||
'maxagechildren:uinteger' \
|
||||
'maxchildren:uinteger' \
|
||||
'maxcontentfilecachescansize:uinteger' \
|
||||
'maxcontentfiltersize:uinteger' \
|
||||
'maxcontentramcachescansize:uinteger' \
|
||||
'maxips:uinteger' \
|
||||
'maxsparechildren:uinteger' \
|
||||
'maxuploadsize:integer' \
|
||||
'minchildren:uinteger' \
|
||||
'minsparechildren:uinteger' \
|
||||
'nodaemon:string' \
|
||||
'nologger:string' \
|
||||
'pcontimeout:range(5,300)' \
|
||||
'perroomdirectory:string' \
|
||||
'phrasefiltermode:range(0,3)' \
|
||||
'prefercachedlists:string' \
|
||||
'preforkchildren:uinteger' \
|
||||
'preservecase:range(0,2)' \
|
||||
'proxyexchange:range(20,300)' \
|
||||
'proxyip:ipaddr' \
|
||||
'proxyport:port:3128' \
|
||||
'proxytimeout:range(5,100)' \
|
||||
'recheckreplacedurls:string' \
|
||||
'reverseaddresslookups:string' \
|
||||
'reverseclientiplookups:string' \
|
||||
'scancleancache:string' \
|
||||
'showweightedfound:string' \
|
||||
'softrestart:string' \
|
||||
'trickledelay:uinteger' \
|
||||
'urlcacheage:uinteger' \
|
||||
'urlcachenumber:uinteger' \
|
||||
'urlipcfilename:string' \
|
||||
'usecustombannedflash:string' \
|
||||
'usecustombannedimage:string' \
|
||||
'usexforwardedfor:string' \
|
||||
'weightedphrasemode:range(0,2)'
|
||||
}
|
||||
|
||||
start_e2guardian_instance() {
|
||||
|
||||
[ "$2" = 0 ] || {
|
||||
echo "validation failed"
|
||||
return 1
|
||||
}
|
||||
|
||||
mkdir -p $(dirname $CONFIGFILE)
|
||||
chown -R nobody:nogroup $(dirname $CONFIGFILE)
|
||||
|
||||
mkdir -p $(dirname $loglocation)
|
||||
chown -R nobody:nogroup $(dirname $loglocation)
|
||||
|
||||
touch $loglocation
|
||||
chown nobody:nogroup $loglocation
|
||||
|
||||
ln -sf $loglocation $(dirname $LOGFILE)
|
||||
ln -sf /etc/e2guardian/e2guardian.conf $CONFIGFILE
|
||||
ln -sf /etc/e2guardian/e2guardianf1.conf $GROUPCONFIG
|
||||
|
||||
echo "accessdeniedaddress = " $accessdeniedaddress > $CONFIGFILE
|
||||
echo "bannediplist = " $bannediplist >> $CONFIGFILE
|
||||
|
||||
if [ "$contentscanner" != "" ]
|
||||
then
|
||||
echo "contentscanner = " $contentscanner >> $CONFIGFILE
|
||||
fi
|
||||
|
||||
echo "contentscanexceptions = " $contentscanexceptions >> $CONFIGFILE
|
||||
echo "contentscannertimeout = " $contentscannertimeout >> $CONFIGFILE
|
||||
echo "createlistcachefiles = " $createlistcachefiles >> $CONFIGFILE
|
||||
echo "custombannedflashfile = " $custombannedflashfile >> $CONFIGFILE
|
||||
echo "custombannedimagefile = " $custombannedimagefile >> $CONFIGFILE
|
||||
echo "deletedownloadedtempfiles = " $deletedownloadedtempfiles >> $CONFIGFILE
|
||||
echo "downloadmanager = " $downloadmanager >> $CONFIGFILE
|
||||
echo "exceptioniplist = " $exceptioniplist >> $CONFIGFILE
|
||||
echo "filecachedir = " $filecachedir >> $CONFIGFILE
|
||||
echo "filtergroups = " $filtergroups >> $CONFIGFILE
|
||||
echo "filtergroupslist = " $filtergroupslist >> $CONFIGFILE
|
||||
echo "filterip = " $filterip >> $CONFIGFILE
|
||||
echo "filterports = " $filterports >> $CONFIGFILE
|
||||
echo "forcequicksearch = " $forcequicksearch >> $CONFIGFILE
|
||||
echo "forwardedfor = " $forwardedfor >> $CONFIGFILE
|
||||
echo "hexdecodecontent = " $hexdecodecontent >> $CONFIGFILE
|
||||
echo "initialtrickledelay = " $initialtrickledelay >> $CONFIGFILE
|
||||
echo "ipcfilename = " $ipcfilename >> $CONFIGFILE
|
||||
echo "ipipcfilename = " $ipipcfilename >> $CONFIGFILE
|
||||
echo "language = " $language >> $CONFIGFILE
|
||||
echo "languagedir = " $languagedir >> $CONFIGFILE
|
||||
echo "logadblocks = " $logadblocks >> $CONFIGFILE
|
||||
echo "logchildprocesshandling = " $logchildprocesshandling >> $CONFIGFILE
|
||||
echo "logclienthostnames = " $logclienthostnames >> $CONFIGFILE
|
||||
echo "logconnectionhandlingerrors = " $logconnectionhandlingerrors >> $CONFIGFILE
|
||||
echo "logexceptionhits = " $logexceptionhits >> $CONFIGFILE
|
||||
echo "logfileformat = " $logfileformat >> $CONFIGFILE
|
||||
echo "loglevel = " $loglevel >> $CONFIGFILE
|
||||
echo "loglocation = " $loglocation >> $CONFIGFILE
|
||||
echo "loguseragent = " $loguseragent >> $CONFIGFILE
|
||||
echo "maxagechildren = " $maxagechildren >> $CONFIGFILE
|
||||
echo "maxchildren = " $maxchildren >> $CONFIGFILE
|
||||
echo "maxcontentfilecachescansize = " $maxcontentfilecachescansize >> $CONFIGFILE
|
||||
echo "maxcontentfiltersize = " $maxcontentfiltersize >> $CONFIGFILE
|
||||
echo "maxcontentramcachescansize = " $maxcontentramcachescansize >> $CONFIGFILE
|
||||
echo "maxips = " $maxips >> $CONFIGFILE
|
||||
echo "maxsparechildren = " $maxsparechildren >> $CONFIGFILE
|
||||
echo "maxuploadsize = " $maxuploadsize >> $CONFIGFILE
|
||||
echo "minchildren = " $minchildren >> $CONFIGFILE
|
||||
echo "minsparechildren = " $minsparechildren >> $CONFIGFILE
|
||||
echo "nodaemon = " $nodaemon >> $CONFIGFILE
|
||||
echo "nologger = " $nologger >> $CONFIGFILE
|
||||
echo "pcontimeout = " $pcontimeout >> $CONFIGFILE
|
||||
echo "perroomdirectory = " $perroomdirectory >> $CONFIGFILE
|
||||
echo "phrasefiltermode = " $phrasefiltermode >> $CONFIGFILE
|
||||
echo "prefercachedlists = " $prefercachedlists >> $CONFIGFILE
|
||||
echo "preforkchildren = " $preforkchildren >> $CONFIGFILE
|
||||
echo "preservecase = " $preservecase >> $CONFIGFILE
|
||||
echo "proxyexchange = " $proxyexchange >> $CONFIGFILE
|
||||
echo "proxyip = " $proxyip >> $CONFIGFILE
|
||||
echo "proxyport = " $proxyport >> $CONFIGFILE
|
||||
echo "proxytimeout = " $proxytimeout >> $CONFIGFILE
|
||||
echo "recheckreplacedurls = " $recheckreplacedurls >> $CONFIGFILE
|
||||
echo "reverseaddresslookups = " $reverseaddresslookups >> $CONFIGFILE
|
||||
echo "reverseclientiplookups = " $reverseclientiplookups >> $CONFIGFILE
|
||||
echo "scancleancache = " $scancleancache >> $CONFIGFILE
|
||||
echo "showweightedfound = " $showweightedfound >> $CONFIGFILE
|
||||
echo "softrestart = " $softrestart >> $CONFIGFILE
|
||||
echo "trickledelay = " $trickledelay >> $CONFIGFILE
|
||||
echo "urlcacheage = " $urlcacheage >> $CONFIGFILE
|
||||
echo "urlcachenumber = " $urlcachenumber >> $CONFIGFILE
|
||||
echo "urlipcfilename = " $urlipcfilename >> $CONFIGFILE
|
||||
echo "usecustombannedflash = " $usecustombannedflash >> $CONFIGFILE
|
||||
echo "usecustombannedimage = " $usecustombannedimage >> $CONFIGFILE
|
||||
echo "usexforwardedfor = " $usexforwardedfor >> $CONFIGFILE
|
||||
echo "weightedphrasemode = " $weightedphrasemode >> $CONFIGFILE
|
||||
|
||||
procd_open_instance
|
||||
procd_set_param command $PROG -c $CONFIGFILE
|
||||
procd_set_param file $CONFIGFILE
|
||||
procd_close_instance
|
||||
|
||||
}
|
||||
|
||||
start_service()
|
||||
{
|
||||
validate_e2guardian_section e2guardian start_e2guardian_instance
|
||||
}
|
||||
|
||||
stop_service()
|
||||
{
|
||||
PID=`cat /tmp/e2guardian/e2guardian.pid`
|
||||
kill $PID
|
||||
rm -f /tmp/e2guardian/e2guardian.pid
|
||||
}
|
||||
|
||||
service_triggers()
|
||||
{
|
||||
procd_add_reload_trigger "e2guardian"
|
||||
procd_add_validation validate_e2guardian_section
|
||||
}
|
||||
|
|
@ -1,430 +0,0 @@
|
|||
# e2guardian filter group config file for version 3.1.2
|
||||
|
||||
|
||||
# Filter group mode
|
||||
# This option determines whether members of this group have their web access
|
||||
# unfiltered, filtered, or banned.
|
||||
#
|
||||
# 0 = banned
|
||||
# 1 = filtered
|
||||
# 2 = unfiltered (exception)
|
||||
#
|
||||
# Only filter groups with a mode of 1 need to define phrase, URL, site, extension,
|
||||
# mimetype and PICS lists; in other modes, these options are ignored to conserve
|
||||
# memory.
|
||||
#
|
||||
# Defaults to 0 if unspecified.
|
||||
# Unauthenticated users are treated as being in the first filter group.
|
||||
groupmode = 1
|
||||
|
||||
# Filter group name
|
||||
# Used to fill in the -FILTERGROUP- placeholder in the HTML template file, and to
|
||||
# name the group in the access logs
|
||||
# Defaults to empty string
|
||||
#groupname = ''
|
||||
groupname = ''
|
||||
|
||||
# Content filtering files location
|
||||
bannedphraselist = '/etc/e2guardian/lists/bannedphraselist'
|
||||
weightedphraselist = '/etc/e2guardian/lists/weightedphraselist'
|
||||
exceptionphraselist = '/etc/e2guardian/lists/exceptionphraselist'
|
||||
bannedsitelist = '/etc/e2guardian/lists/bannedsitelist'
|
||||
greysitelist = '/etc/e2guardian/lists/greysitelist'
|
||||
bannedsslsitelist = '/etc/e2guardian/lists/bannedsslsitelist'
|
||||
greysslsitelist = '/etc/e2guardian/lists/greysslsitelist'
|
||||
exceptionsitelist = '/etc/e2guardian/lists/exceptionsitelist'
|
||||
bannedurllist = '/etc/e2guardian/lists/bannedurllist'
|
||||
greyurllist = '/etc/e2guardian/lists/greyurllist'
|
||||
exceptionurllist = '/etc/e2guardian/lists/exceptionurllist'
|
||||
exceptionregexpurllist = '/etc/e2guardian/lists/exceptionregexpurllist'
|
||||
bannedregexpurllist = '/etc/e2guardian/lists/bannedregexpurllist'
|
||||
picsfile = '/etc/e2guardian/lists/pics'
|
||||
contentregexplist = '/etc/e2guardian/lists/contentregexplist'
|
||||
urlregexplist = '/etc/e2guardian/lists/urlregexplist'
|
||||
refererexceptionsitelist = '/etc/e2guardian/lists/refererexceptionsitelist'
|
||||
refererexceptionurllist = '/etc/e2guardian/lists/refererexceptionurllist'
|
||||
embededreferersitelist = '/etc/e2guardian/lists/embededreferersitelist'
|
||||
embededrefererurllist = '/etc/e2guardian/lists/embededrefererurllist'
|
||||
urlredirectregexplist = '/etc/e2guardian/lists/urlredirectregexplist'
|
||||
|
||||
# local versions of lists (where LOCAL_LISTS enabled)
|
||||
#localbannedsitelist = '/etc/e2guardian/lists/localbannedsitelist'
|
||||
#localgreysitelist = '/etc/e2guardian/lists/localgreysitelist'
|
||||
#localexceptionsitelist = '/etc/e2guardian/lists/localexceptionsitelist'
|
||||
#localbannedurllist = '/etc/e2guardian/lists/localbannedurllist'
|
||||
#localgreyurllist = '/etc/e2guardian/lists/localgreyurllist'
|
||||
#localexceptionurllist = '/etc/e2guardian/lists/localexceptionurllist'
|
||||
#localbannedsslsitelist = '/etc/e2guardian/lists/localbannedsslsitelist'
|
||||
#localgreysslsitelist = '/etc/e2guardian/lists/localgreysslsitelist'
|
||||
#localbannedsearchlist = '/etc/e2guardian/lists/localbannedsearchlist'
|
||||
|
||||
!! Not compiled !! authexceptionsitelist = '/etc/e2guardian/lists/authexceptionsitelist'
|
||||
!! Not compiled !! authexceptionurllist = '/etc/e2guardian/lists/authexceptionurllist'
|
||||
|
||||
# Filetype filtering
|
||||
#
|
||||
# Allow bannedregexpurllist with grey list mode
|
||||
# bannedregexpheaderlist and bannedregexpurllist
|
||||
#
|
||||
# bannedregexwithblanketblock = off
|
||||
#
|
||||
# Blanket download blocking
|
||||
# If enabled, all files will be blocked, unless they match the
|
||||
# exceptionextensionlist or exceptionmimetypelist.
|
||||
# These lists do not override virus scanning.
|
||||
# Exception lists defined above override all types of filtering, including
|
||||
# the blanket download block.
|
||||
# Defaults to disabled.
|
||||
# (on | off)
|
||||
#
|
||||
blockdownloads = off
|
||||
exceptionextensionlist = '/etc/e2guardian/lists/exceptionextensionlist'
|
||||
exceptionmimetypelist = '/etc/e2guardian/lists/exceptionmimetypelist'
|
||||
#
|
||||
# Use the following lists to block specific kinds of file downloads.
|
||||
# The two exception lists above can be used to override these.
|
||||
#
|
||||
bannedextensionlist = '/etc/e2guardian/lists/bannedextensionlist'
|
||||
bannedmimetypelist = '/etc/e2guardian/lists/bannedmimetypelist'
|
||||
#
|
||||
# In either file filtering mode, the following list can be used to override
|
||||
# MIME type & extension blocks for particular domains & URLs (trusted download sites).
|
||||
#
|
||||
exceptionfilesitelist = '/etc/e2guardian/lists/exceptionfilesitelist'
|
||||
exceptionfileurllist = '/etc/e2guardian/lists/exceptionfileurllist'
|
||||
|
||||
# POST protection (web upload and forms)
|
||||
# does not block forms without any file upload, i.e. this is just for
|
||||
# blocking or limiting uploads
|
||||
# measured in kibibytes after MIME encoding and header bumph
|
||||
# use 0 for a complete block
|
||||
# use higher (e.g. 512 = 512Kbytes) for limiting
|
||||
# use -1 for no blocking
|
||||
#maxuploadsize = 512
|
||||
#maxuploadsize = 0
|
||||
maxuploadsize = -1
|
||||
|
||||
# Categorise without blocking:
|
||||
# Supply categorised lists here and the category string shall be logged against
|
||||
# matching requests, but matching these lists does not perform any filtering
|
||||
# action.
|
||||
#logsitelist = '/etc/e2guardian/lists/logsitelist'
|
||||
#logurllist = '/etc/e2guardian/lists/logurllist'
|
||||
#logregexpurllist = '/etc/e2guardian/lists/logregexpurllist'
|
||||
|
||||
# Outgoing HTTP header rules:
|
||||
# Optional lists for blocking based on, and modification of, outgoing HTTP
|
||||
# request headers. Format for headerregexplist is one modification rule per
|
||||
# line, similar to content/URL modifications. Format for
|
||||
# bannedregexpheaderlist is one regular expression per line, with matching
|
||||
# headers causing a request to be blocked.
|
||||
# Headers are matched/replaced on a line-by-line basis, not as a contiguous
|
||||
# block.
|
||||
# Use for example, to remove cookies or prevent certain user-agents.
|
||||
headerregexplist = '/etc/e2guardian/lists/headerregexplist'
|
||||
bannedregexpheaderlist = '/etc/e2guardian/lists/bannedregexpheaderlist'
|
||||
addheaderregexplist = '/etc/e2guardian/lists/addheaderregexplist'
|
||||
|
||||
# Weighted phrase mode
|
||||
# Optional; overrides the weightedphrasemode option in e2guardian.conf
|
||||
# for this particular group. See documentation for supported values in
|
||||
# that file.
|
||||
#weightedphrasemode = 0
|
||||
|
||||
# Naughtiness limit
|
||||
# This the limit over which the page will be blocked. Each weighted phrase is given
|
||||
# a value either positive or negative and the values added up. Phrases to do with
|
||||
# good subjects will have negative values, and bad subjects will have positive
|
||||
# values. See the weightedphraselist file for examples.
|
||||
# As a guide:
|
||||
# 50 is for young children, 100 for old children, 160 for young adults.
|
||||
naughtynesslimit = 50
|
||||
|
||||
# Search term blocking
|
||||
# Search terms can be extracted from search URLs and filtered using one or
|
||||
# both of two different methods.
|
||||
|
||||
# Method 1 is that developed by Protex where specific
|
||||
# search terms are contained in a bannedsearchlist.
|
||||
# (localbannedsearchlist and bannedsearchoveridelist can be used to suppliment
|
||||
# and overide this list as required.)
|
||||
# These lists contain banned search words combinations on each line.
|
||||
# Words are separated by '+' and must be in sorted order within a line.
|
||||
# so to block 'sexy girl' then the list must contain the line
|
||||
# girl+sexy
|
||||
# and this will block both 'sexy girl' and 'girl sexy'
|
||||
# To use this method, the searchregexplist must be enabled and the bannedsearchlist(s) defined
|
||||
|
||||
# Method 2 is uses the
|
||||
# bannedphraselist, weightedphraselist and exceptionphraselist, with a separate
|
||||
# threshold for blocking than that used for normal page content.
|
||||
# To do this, the searchregexplist must be enabled and searchtermlimit
|
||||
# must be grater than 0.
|
||||
|
||||
#
|
||||
# Search engine regular expression list (need for both options)
|
||||
# List of regular expressions for matching search engine URLs. It is assumed
|
||||
# that the search terms themselves will be contained in the
|
||||
# of output of each expression.
|
||||
#searchregexplist = '/etc/e2guardian/lists/searchregexplist'
|
||||
#
|
||||
# Banned Search Term list(s) for option 1
|
||||
#bannedsearchlist = '/etc/e2guardian/lists/bannedsearchlist'
|
||||
#bannedsearchoveridelist = '/etc/e2guardian/lists/bannedsearchoveridelist'
|
||||
|
||||
|
||||
# Search term limit (for Option 2)
|
||||
# The limit over which requests will be blocked for containing search terms
|
||||
# which match the weightedphraselist. This should usually be lower than the
|
||||
# 'naughtynesslimit' value above, because the amount of text being filtered
|
||||
# is only a few words, rather than a whole page.
|
||||
# This option must be uncommented if searchregexplist is uncommented.
|
||||
# A value of 0 here indicates that search terms should be extracted,
|
||||
# but no phrase filtering should be performed on the resulting text.
|
||||
#searchtermlimit = 0
|
||||
#
|
||||
# Search term phrase lists (for Option 2)
|
||||
# If the three lines below are uncommented, search term blocking will use
|
||||
# the banned, weighted & exception phrases from these lists, instead of using
|
||||
# the same phrase lists as for page content. This is optional but recommended,
|
||||
# as weights for individual phrases in the "normal" lists may not be
|
||||
# appropriate for blocking when those phrases appear in a much smaller block
|
||||
# of text.
|
||||
# Please note that all or none of the below should be uncommented, not a
|
||||
# mixture.
|
||||
#bannedsearchtermlist = '/etc/e2guardian/lists/bannedsearchtermlist'
|
||||
#weightedsearchtermlist = '/etc/e2guardian/lists/weightedsearchtermlist'
|
||||
#exceptionsearchtermlist = '/etc/e2guardian/lists/exceptionsearchtermlist'
|
||||
|
||||
# Category display threshold
|
||||
# This option only applies to pages blocked by weighted phrase filtering.
|
||||
# Defines the minimum score that must be accumulated within a particular
|
||||
# category in order for it to show up on the block pages' category list.
|
||||
# All categories under which the page scores positively will be logged; those
|
||||
# that were not displayed to the user appear in brackets.
|
||||
#
|
||||
# -1 = display only the highest scoring category
|
||||
# 0 = display all categories (default)
|
||||
# > 0 = minimum score for a category to be displayed
|
||||
categorydisplaythreshold = 0
|
||||
|
||||
# Embedded URL weighting
|
||||
# When set to something greater than zero, this option causes URLs embedded within a
|
||||
# page's HTML (from links, image tags, etc.) to be extracted and checked against the
|
||||
# bannedsitelist and bannedurllist. Each link to a banned page causes the amount set
|
||||
# here to be added to the page's weighting.
|
||||
# The behaviour of this option with regards to multiple occurrences of a site/URL is
|
||||
# affected by the weightedphrasemode setting.
|
||||
#
|
||||
# NB: Currently, this feature uses regular expressions that require the PCRE library.
|
||||
# As such, it is only available if you compiled DansGuardian with '--enable-pcre=yes'.
|
||||
# You can check compile-time options by running 'e2guardian -v'.
|
||||
#
|
||||
# Set to 0 to disable.
|
||||
# Defaults to 0.
|
||||
# WARNING: This option is highly CPU intensive!
|
||||
embeddedurlweight = 0
|
||||
|
||||
# Enable PICS rating support
|
||||
#
|
||||
# Defaults to disabled
|
||||
# (on | off)
|
||||
enablepics = off
|
||||
|
||||
# Temporary Denied Page Bypass
|
||||
# This provides a link on the denied page to bypass the ban for a few minutes. To be
|
||||
# secure it uses a random hashed secret generated at daemon startup. You define the
|
||||
# number of seconds the bypass will function for before the deny will appear again.
|
||||
# To allow the link on the denied page to appear you will need to edit the template.html
|
||||
# or e2guardian.pl file for your language.
|
||||
# 300 = enable for 5 minutes
|
||||
# 0 = disable ( defaults to 0 )
|
||||
# -1 = enable but you require a separate program/CGI to generate a valid link
|
||||
bypass = 0
|
||||
|
||||
# Temporary Denied Page Bypass Secret Key
|
||||
# Rather than generating a random key you can specify one. It must be more than 8 chars.
|
||||
# '' = generate a random one (recommended and default)
|
||||
# 'Mary had a little lamb.' = an example
|
||||
# '76b42abc1cd0fdcaf6e943dcbc93b826' = an example
|
||||
bypasskey = ''
|
||||
|
||||
# Infection/Scan Error Bypass
|
||||
# Similar to the 'bypass' setting, but specifically for bypassing files scanned and found
|
||||
# to be infected, or files that trigger scanner errors - for example, archive types with
|
||||
# recognised but unsupported compression schemes, or corrupt archives.
|
||||
# The option specifies the number of seconds for which the bypass link will be valid.
|
||||
# 300 = enable for 5 minutes
|
||||
# 0 = disable (default)
|
||||
# -1 = enable, but require a separate program/CGI to generate a valid link
|
||||
infectionbypass = 0
|
||||
|
||||
# Infection/Scan Error Bypass Secret Key
|
||||
# Same as the 'bypasskey' option, but used for infection bypass mode.
|
||||
infectionbypasskey = ''
|
||||
|
||||
# Infection/Scan Error Bypass on Scan Errors Only
|
||||
# Enable this option to allow infectionbypass links only when virus scanning fails,
|
||||
# not when a file is found to contain a virus.
|
||||
# on = enable (default and highly recommended)
|
||||
# off = disable
|
||||
infectionbypasserrorsonly = on
|
||||
|
||||
# Disable content scanning
|
||||
# If you enable this option you will disable content scanning for this group.
|
||||
# Content scanning primarily is AV scanning (if enabled) but could include
|
||||
# other types.
|
||||
# (on|off) default = off.
|
||||
disablecontentscan = off
|
||||
|
||||
# Enable Deep URL Analysis
|
||||
# When enabled, DG looks for URLs within URLs, checking against the bannedsitelist and
|
||||
# bannedurllist. This can be used, for example, to block images originating from banned
|
||||
# sites from appearing in Google Images search results, as the original URLs are
|
||||
# embedded in the thumbnail GET requests.
|
||||
# (on|off) default = off
|
||||
deepurlanalysis = off
|
||||
|
||||
# reportinglevel
|
||||
#
|
||||
# -1 = log, but do not block - Stealth mode
|
||||
# 0 = just say 'Access Denied'
|
||||
# 1 = report why but not what denied phrase
|
||||
# 2 = report fully
|
||||
# 3 = use HTML template file (accessdeniedaddress ignored) - recommended
|
||||
#
|
||||
# If defined, this overrides the global setting in e2guardian.conf for
|
||||
# members of this filter group.
|
||||
#
|
||||
reportinglevel = 3
|
||||
|
||||
# accessdeniedaddress is the address of your web server to which the cgi
|
||||
# e2guardian reporting script was copied. Only used in reporting levels
|
||||
# 1 and 2.
|
||||
#
|
||||
# This webserver must be either:
|
||||
# 1. Non-proxied. Either a machine on the local network, or listed as an
|
||||
# exception in your browser's proxy configuration.
|
||||
# 2. Added to the exceptionsitelist. Option 1 is preferable; this option is
|
||||
# only for users using both transparent proxying and a non-local server
|
||||
# to host this script.
|
||||
#
|
||||
# If defined, this overrides the global setting in e2guardian.conf for
|
||||
# members of this filter group.
|
||||
#
|
||||
#accessdeniedaddress = 'http://YOURSERVER.YOURDOMAIN/cgi-bin/e2guardian.pl'
|
||||
|
||||
# sslaccessdeniedaddress is the address of your web server to which the static page
|
||||
# e2guardian reporting was copied. Only used in reporting levels 3 (avoid blank page)
|
||||
# Work only in firefox with ssldeniedrewrite off
|
||||
|
||||
# sslaccessdeniedaddress = 'http://YOURSERVER.YOURDOMAIN/denyssl.htm'
|
||||
|
||||
# Break SSL protocol and redirect to another HTTPS website for denied page (sslaccessdeniedaddress url)
|
||||
|
||||
#ssldeniedrewrite = 'on'
|
||||
|
||||
# HTML Template override
|
||||
# If defined, this specifies a custom HTML template file for members of this
|
||||
# filter group, overriding the global setting in e2guardian.conf. This is
|
||||
# only used in reporting level 3.
|
||||
#
|
||||
# The default template file path is <languagedir>/<language>/template.h
|
||||
# e.g. /share/e2guardian/languages/ukenglish/template.html when using 'ukenglish'
|
||||
# language.
|
||||
#
|
||||
# This option generates a file path of the form:
|
||||
# <languagedir>/<language>/<htmltemplate>
|
||||
# e.g. /share/e2guardian/languages/ukenglish/custom.html
|
||||
#
|
||||
#htmltemplate = 'custom.html'
|
||||
|
||||
# Non standard delimiter (only used with accessdeniedaddress)
|
||||
# To help preserve the full banned URL, including parameters, the variables
|
||||
# passed into the access denied CGI are separated using non-standard
|
||||
# delimiters. This can be useful to ensure correct operation of the filter
|
||||
# bypass modes. Parameters are split using "::" in place of "&", and "==" in
|
||||
# place of "=".
|
||||
# Default is enabled, but to go back to the standard mode, disable it.
|
||||
|
||||
#nonstandarddelimiter = off
|
||||
|
||||
# Email reporting - original patch by J. Gauthier
|
||||
|
||||
# Use SMTP
|
||||
# If on, will enable system wide events to be reported by email.
|
||||
# need to configure mail program (see 'mailer' in global config)
|
||||
# and email recipients
|
||||
# default usesmtp = off
|
||||
#!! Not compiled !!usesmtp = off
|
||||
|
||||
# mailfrom
|
||||
# who the email would come from
|
||||
# example: mailfrom = 'e2guardian@mycompany.com'
|
||||
#!! Not compiled !!mailfrom = ''
|
||||
|
||||
# avadmin
|
||||
# who the virus emails go to (if notify av is on)
|
||||
# example: avadmin = 'admin@mycompany.com'
|
||||
#!! Not compiled !!avadmin = ''
|
||||
|
||||
# contentdmin
|
||||
# who the content emails go to (when thresholds are exceeded)
|
||||
# and contentnotify is on
|
||||
# example: contentadmin = 'admin@mycompany.com'
|
||||
#!! Not compiled !!contentadmin = ''
|
||||
|
||||
# avsubject
|
||||
# Subject of the email sent when a virus is caught.
|
||||
# only applicable if notifyav is on
|
||||
# default avsubject = 'e2guardian virus block'
|
||||
#!! Not compiled !!avsubject = 'e2guardian virus block'
|
||||
|
||||
# content
|
||||
# Subject of the email sent when violation thresholds are exceeded
|
||||
# default contentsubject = 'e2guardian violation'
|
||||
#!! Not compiled !!contentsubject = 'e2guardian violation'
|
||||
|
||||
# notifyAV
|
||||
# This will send a notification, if usesmtp/notifyav is on, any time an
|
||||
# infection is found.
|
||||
# Important: If this option is off, viruses will still be recorded like a
|
||||
# content infraction.
|
||||
#!! Not compiled !!notifyav = off
|
||||
|
||||
# notifycontent
|
||||
# This will send a notification, if usesmtp is on, based on thresholds
|
||||
# below
|
||||
#!! Not compiled !!notifycontent = off
|
||||
|
||||
# thresholdbyuser
|
||||
# results are only predictable with user authenticated configs
|
||||
# if enabled the violation/threshold count is kept track of by the user
|
||||
#!! Not compiled !!thresholdbyuser = off
|
||||
|
||||
#violations
|
||||
# number of violations before notification
|
||||
# setting to 0 will never trigger a notification
|
||||
#!! Not compiled !!violations = 0
|
||||
|
||||
#threshold
|
||||
# this is in seconds. If 'violations' occur in 'threshold' seconds, then
|
||||
# a notification is made.
|
||||
# if this is set to 0, then whenever the set number of violations are made a
|
||||
# notifaction will be sent.
|
||||
#!! Not compiled !!threshold = 0
|
||||
|
||||
#SSL certificate checking
|
||||
# Check that ssl certificates for servers on https connections are valid
|
||||
# and signed by a ca in the configured path
|
||||
sslcertcheck = off
|
||||
|
||||
#SSL man in the middle
|
||||
# Forge ssl certificates for all non-exception sites, decrypt the data then re encrypt it
|
||||
# using a different private key. Used to filter ssl sites
|
||||
sslmitm = off
|
||||
|
||||
#Limit SSL MITM to sites in greysslsitelist(s)
|
||||
# ignored if sslmitm is off
|
||||
# SSL sites not matching greysslsitelist will be treat as if sslmitm is off.
|
||||
onlymitmsslgrey = off
|
||||
Loading…
Reference in a new issue