To achieve filtering for a users web browsing to protect minors from undesirable content while allowing adult users to entertain themselves as they see fit in the home environment.
Solution
Install Squid and DansGuardian from the Synaptic Package Manager
Squid Configuration
Edit the squid configuration file with
sudo nano /etc/squid/squid.conf
setup who is allowed access to the proxy. Find the http_access section. Uncomment these 2 lines and add your network allocations.
acl our_networks src 192.168.1.0/24 192.168.2.0/24
http_access allow our_networks
Open /etc/resolvconf and make a note of the IP address.
You need to add a dns_nameservers entry to squid.conf from IP address /data found in /etc/resolvconf
Save & Exit
DansGuardian Configuration
Edit the dansguardian configuration file with
sudo nano /etc/dansguardian/dansguardian.conf
Comment out the UNCONFIGURED line
#UNCONFIGURED
Check that the following are set:
filterport = 8080
proxyip = 127.0.0.1
proxyport = 3128
Find the Auth plugins section and uncomment
authplugin = '/etc/dansguardian/authplugins/ident.conf'
Filter Groups
We now are going to set up 2 groups the first group will be for children using the default filter settings and the second group will be for adults.
Copy /etc/dansguardian/dansguardianf1.conf
rename the copy dansguardianf2.conf
We now need to edit dansguardianf2.conf
Find
# Defaults to 0 if unspecified.
# Unauthenticated users are treated as being in the first filter group.
groupmode = 1
The default group is filtered. Change the value in the group mode to the corresponding groupmode value to 2 for unfiltered for adult users.
Save & Exit
Now we need to identify users for the two user groups. If a users is not defined Dansguardian will implement the default filters in dansguardianf1.conf thus will we only add adult usernames.
Edit the file filtergroupslist located in /etc/dansguardian or /etc/dansguardian/lists
add the users to use the adult filter dansguardianf2.conf
example
dad=filter2
mom=filter2
Save & Exit
Authentication of Users In Order That Group Filters Can Be Applied
Via the Synaptic Package Manager install
Ident2
Open a console and enter sudo ident2
Firewall Configuration
In this case we are going to use Firestarter, which is available from the Synaptic Package Manager.
Go to the tab Policy > Select Inbound traffic policy
Add the service port 113
You may need to add service ports for squid 3128 and dansguardian 8080
Final Setting Up
Set your web browser to use 127.0.0.1 and port 8080 to use the proxy.
Alternatively use Preferences > Network Proxy > Manual Proxy Configuration
Instalation complete.
No comments:
Post a Comment