Installed server iso of Ubuntu 16.04.
Set server networking to static IP.
# sudo vi /etc/network/interfaces
<edit the settings>
# reboot
Updated server software to latest:
# sudo su
< enter password>
# apt-get update
# apt-get upgrade
Installed squid:
# apt-get install squid
Download or copy E2Guardian to server:
# cd /home/myloginid/
# mkdir tmp
# cd tmp
With FileZilla, copied e2guarding_3.4.0.3_wheezy-jessie_amd64.deb to server to tmp folder just created.
# dpkg -i e2guardian_3.4.0.3_wheezy-jessie_amd64.deb
Note: It will install w/dependency issues ( libtommath0 ), and not be configured. Fix with below command:
# apt-get install -f
Enable the service to start w/system:
# systemctl enable e2guardian
Open the firewall:
# ufw allow 8080
# ufw allow from 192.168.99.0/24 to any port 22
At this point the filter is now functioning. Try it out by updating the proxy settings on your Mac or PC for HTTP and HTTPS requests to go through your new filter.
Notes:
URL Blackslists: /etc/e2guardian/lists/
- bannedextensionlist
- bannediplist
- bannedphraselist
- bannedsitelist (blocked sites by domains for ALL of a site)
- bannedurllist (blocked site URLs for PART of a site)
- exceptionlist (whitelist, overrides ALL lists)
- greysitelist (overrides the banned lists - other filtering still is in effect (extensions, downloads, etc.)
Optional:
Make Google and Youtube Safer:
Update the urlregexplist file:
# cd /etc/e2guardian/lists
# vi urlregexplist
<make updates, save>
# service e2guardian restart
URLRegExpList:
# Redirect SSL Google to Safesearch Google
"^https://www(\.google\..*)"->https://forcesafesearch.google.com
SSLSiteRegexplist:
# Enforce restricted mode in YouTube
"(^https://www.youtube.com)"->"https:// restrictmoderate.youtube.com"
"(^https://m.youtube.com)"->"https:// restrictmoderate.youtube.com"
"(^https://youtubei.googleapis.com)"->"https:// restrictmoderate.youtube.com"
"(^https://youtube.googleapis.com)"->"https:// restrictmoderate.youtube.com"
"(^https://www.youtube-nocookie.com)"->"https:// restrictmoderate.youtube.com"
Note:
You can uncomment the lines in the file for various search engines (e.g. Google).
You can add your own regex code at the bottom, of course.
Make ONE change at a time, restart the e2guardian service, and test. That way if you hose the lists, you know exactly what to undo w/o troubleshooting logs.
Google:
"(^http://[0-9a-z]+\.google\.[a-z]+[-/%.0-9a-z]*/images\?)"->"\1safe=vss&"
"(^http://[0-9a-z]+\.google\.[a-z]+[-/%.0-9a-z]*/search\?)"->"\1safe=vss&"
"(^http://[0-9a-z]+\.google\.[a-z]+[-/%.0-9a-z]*/s\?)"->"\1safe=vss&"
You can also use DNS. If you create a local (intranet) DNS override for www.google.com and google.com as a CNAME for forcesavesearch.google.com (216.239.38.120).
Install Webmin...
# vi /etc/apt/sources.list
Add the following lines:
deb http://download.webmin.com/download/repository sarge contrib
deb http://webmin.mirror.somersettechsolutions.co.uk/repository sarge contrib
Save and quit: <wq>
Update the repository and perform the installation:
# apt-get update
# apt-get install webmin
Note: Part of the install just looks like it is hanging. It may be "stuck" there for a couple minutes. If you look at the server activity, you will see that memory and CPU are fluctuating.
Update the firewall:
# ufw allow 10000
Test:
https://myserver.mydomain.local:10000
Login w/myadminid and its password
Add the DansGuardian webmin module.
Webmin (main menu) --> Webmin Config --> Webmin Modules --> Upload method --> <select file and upload>
Now update the module config
Servers (main menu) --> DansGuardian Web Content --> On the warning line, select module config link.
Update the following:
Full path to DG config directory: /etc/e2guardian/
Full path to DG pid file: /var/run/e2guardian.pid
Full path to DG binary: /usr/sbin/e2guardian
Full path to DG log directory: /var/log/e2guardian
Full path to DG messages file: < don't know what to change in this one ? >
Command to restart DG: /etc/rc.d/init.d/e2guardian restart
Command to start DG: /etc/rc.d/init.d/e2guardian start
Command to stop DG: /etc/rc.d/init.d/e2guardian stop
Click Save.
Now create a link for the e2guardian.conf:
ln -s /etc/e2guardian/e2guardian.conf /etc/e2guardian/dansguardian.conf
Note:
The webmin module still warns that the version of DansGuardian is too new.
The analyze log files doesn't work. There a diff patch, but mine didn't fix this problem. Therefore, I just updated the webmin conf paths for DansGuardian to e2guardian, and went with that.
previous page
|