After configuring the Squid proxy, You can install and configure Dansguardian.
Dansguardian is an add-on for squid. DG is having lots of list files to which we can add and remove entries easily. No need to write complicated ACL rules in squid.
DG acts as a filter point before the squid. We have to configure two things in DG. A filter port and filter IP. The web request will be hitting this port first. Then only it'll goto squid.
The data flows is as shown below.
From web browser request will hit iptables rules first. Then the DG and then Squid.
Installation:
The package can be downloaded from site dansguardian.org.Before installation check whether all the pre-requisites are met.
Pre-requisistes
- gcc
- rpm-build
- kernel-devel
- pcre – [perl compatible regular expressions] , pcre-devel
Steps:
Download the package from dansguardian.org
Extract the package:
#tar zxvf dansguardian-2.10.0.3.tar.gz
Change Directory:
#cd dansguardian-2.10.0.3
Configure the software:
We are going to install the DG in the location /usr/local/dans
#./configure --prefix=/usr/local/dans
Compile:
#make
Install:
#make install
Installation is over. Now we can see four directories created under /usr/local/dans/
etc - configuration files
sbin - deamons
share - language and display settings
var - log files
Edit the configuation file:
#vi /usr/local/dans/etc/dansguardian/dansguardian.conf
filterip = 192.168.0.21
filterport = 9999
proxyip = 192.168.0.21
proxyport = 8080
Give the proper permissions and ownership:
#chown -R root:squid /usr/local/dans/var/log/dansguardian/
#chmod -R 777 /usr/local/dans/var/log/dansguardian/
Now start the server.
# /usr/local/dans/sbin/dansguardian
Change the proxy IP & Port in browser to filter IP and Port
Important files:
#cd /usr/local/dans/etc/dansguardian/lists/
All the files in this directory are the Access control files..
For example:
in bannedsitelist if you add youtube.com, and restart the DG as below
# /usr/local/dans/sbin/dansguardian -Q
You can no more access youtube.com
in bannedphraselist if you add and restart the DG
Then you can no more view any page which contains the word football.
Use and syntax is explained with each and every file in lists.
No comments:
Post a Comment