Sendo que o squid esta ativo e funcionando:
- Código: Selecionar todos
WEBADMIN_PORT='8181'
SSH_PORT='22'
ADMIN_AUTH='xxxxx'
DNSSERVER='yes'
HOSTNAME='brazilfw'
DNS1=''
DNS2=''
PERSIST_LOG='no'
TIME_ZONE='25,-3:00'
CACHE_DISK='yes'
USE_QOS='no'
DHCP_SERVER='yes'
DHCP_DEFAULT_LEASE='7200'
DHCP_DNS1=''
DHCP_DNS2=''
IPUPDATE='no'
IPUPDATE_REFRESH='600'
USE_MAC_CONTROL='yes'
CERTIFICATE_ISSUED_TO=''
EXTERNAL_PING='yes'
ENABLE_MYSQL='no'
ARP_SCAN_RETRY='1'
ARP_SCAN_TIMEOUT='250'
KEYBOARD=''
DNSFREECHOICE='yes'
USE_RESTRICTION_FILE='no'
SHOW_LINK_USAGE='no'
DMZ=''
BANDWIDTH_RESERVATION='2'
- Código: Selecionar todos
MAXIMUM_OBJECT_SIZE=''
MAXIMUM_OBJECT_SIZE_MEMORY=''
MAXIMUM_CACHE_SIZE=''
MAXIMUM_RAM_CACHE_SIZE=''
WEB_CONTENT_FILTER='no'
SQUID_REPORT='sarg'
SARG_LONG_URL='no'
SARG_GRAPHS='no'
REPORT_DELETE_AFTER_DAYS='0'
CACHE_LOG='no'
TPROXY='no'
HIDE_PROXY='no'
Danguardianf1.conf
- Código: Selecionar todos
# DansGuardian filter group config file for version 2.10
# Filter group mode
# This option determines whether members of this group have their web access
# unfiltered, filtered, or banned. This mechanism replaces the "banneduserlist"
# and "exceptionuserlist" files from previous versions.
#
# 0 = banned
# 1 = filtered
# 2 = unfiltered (exception)
#
# Only filter groups with a mode of 1 need to define phrase, URL, site, extension,
# mimetype and PICS lists; in other modes, these options are ignored to conserve
# memory.
#
# Defaults to 0 if unspecified.
# Unauthenticated users are treated as being in the first filter group.
groupmode = 1
# Filter group name
# Used to fill in the -FILTERGROUP- placeholder in the HTML template file, and to
# name the group in the access logs
# Defaults to empty string
#groupname = ''
# Content filtering files location
bannedphraselist = '/etc/brazilfw/dansguardian/lists/bannedphraselist'
weightedphraselist = '/etc/brazilfw/dansguardian/lists/weightedphraselist'
exceptionphraselist = '/etc/brazilfw/dansguardian/lists/exceptionphraselist'
bannedsitelist = '/etc/brazilfw/dansguardian/lists/bannedsitelist'
greysitelist = '/etc/brazilfw/dansguardian/lists/greysitelist'
exceptionsitelist = '/etc/brazilfw/dansguardian/lists/exceptionsitelist'
bannedurllist = '/etc/brazilfw/dansguardian/lists/bannedurllist'
greyurllist = '/etc/brazilfw/dansguardian/lists/greyurllist'
exceptionurllist = '/etc/brazilfw/dansguardian/lists/exceptionurllist'
exceptionregexpurllist = '/etc/brazilfw/dansguardian/lists/exceptionregexpurllist'
bannedregexpurllist = '/etc/brazilfw/dansguardian/lists/bannedregexpurllist'
picsfile = '/etc/brazilfw/dansguardian/lists/pics'
contentregexplist = '/etc/brazilfw/dansguardian/lists/contentregexplist'
urlregexplist = '/etc/brazilfw/dansguardian/lists/urlregexplist'
# Filetype filtering
#
# Blanket download blocking
# If enabled, all files will be blocked, unless they match the
# exceptionextensionlist or exceptionmimetypelist.
# These lists do not override virus scanning.
# Exception lists defined above override all types of filtering, including
# the blanket download block.
# Defaults to disabled.
# (on | off)
#
blockdownloads = off
exceptionextensionlist = '/etc/brazilfw/dansguardian/lists/exceptionextensionlist'
exceptionmimetypelist = '/etc/brazilfw/dansguardian/lists/exceptionmimetypelist'
#
# Use the following lists to block specific kinds of file downloads.
# The two exception lists above can be used to override these.
#
bannedextensionlist = '/etc/brazilfw/dansguardian/lists/bannedextensionlist'
bannedmimetypelist = '/etc/brazilfw/dansguardian/lists/bannedmimetypelist'
#
# In either file filtering mode, the following list can be used to override
# MIME type & extension blocks for particular domains & URLs (trusted download sites).
#
exceptionfilesitelist = '/etc/brazilfw/dansguardian/lists/exceptionfilesitelist'
exceptionfileurllist = '/etc/brazilfw/dansguardian/lists/exceptionfileurllist'
# Categorise without blocking:
# Supply categorised lists here and the category string shall be logged against
# matching requests, but matching these lists does not perform any filtering
# action.
#logsitelist = '/etc/brazilfw/dansguardian/lists/logsitelist'
#logurllist = '/etc/brazilfw/dansguardian/lists/logurllist'
#logregexpurllist = '/etc/brazilfw/dansguardian/lists/logregexpurllist'
# Outgoing HTTP header rules:
# Optional lists for blocking based on, and modification of, outgoing HTTP
# request headers. Format for headerregexplist is one modification rule per
# line, similar to content/URL modifications. Format for
# bannedregexpheaderlist is one regular expression per line, with matching
# headers causing a request to be blocked.
# Headers are matched/replaced on a line-by-line basis, not as a contiguous
# block.
# Use for example, to remove cookies or prevent certain user-agents.
headerregexplist = '/etc/brazilfw/dansguardian/lists/headerregexplist'
bannedregexpheaderlist = '/etc/brazilfw/dansguardian/lists/bannedregexpheaderlist'
# Naughtyness limit
# This the limit over which the page will be blocked. Each weighted phrase is given
# a value either positive or negative and the values added up. Phrases to do with
# good subjects will have negative values, and bad subjects will have positive
# values. See the weightedphraselist file for examples.
# As a guide:
# 50 is for young children, 100 for old children, 160 for young adults.
naughtynesslimit = 50
# Category display threshold
# This option only applies to pages blocked by weighted phrase filtering.
# Defines the minimum score that must be accumulated within a particular
# category in order for it to show up on the block pages' category list.
# All categories under which the page scores positively will be logged; those
# that were not displayed to the user appear in brackets.
#
# -1 = display only the highest scoring category
# 0 = display all categories (default)
# > 0 = minimum score for a category to be displayed
categorydisplaythreshold = 0
# Embedded URL weighting
# When set to something greater than zero, this option causes URLs embedded within a
# page's HTML (from links, image tags, etc.) to be extracted and checked against the
# bannedsitelist and bannedurllist. Each link to a banned page causes the amount set
# here to be added to the page's weighting.
# The behaviour of this option with regards to multiple occurrences of a site/URL is
# affected by the weightedphrasemode setting.
#
# NB: Currently, this feature uses regular expressions that require the PCRE library.
# As such, it is only available if you compiled DansGuardian with '--enable-pcre=yes'.
# You can check compile-time options by running 'dansguardian -v'.
#
# Set to 0 to disable.
# Defaults to 0.
# WARNING: This option is highly CPU intensive!
embeddedurlweight = 0
# Enable PICS rating support
#
# Defaults to disabled
# (on | off)
enablepics = off
# Temporary Denied Page Bypass
# This provides a link on the denied page to bypass the ban for a few minutes. To be
# secure it uses a random hashed secret generated at daemon startup. You define the
# number of seconds the bypass will function for before the deny will appear again.
# To allow the link on the denied page to appear you will need to edit the template.html
# or dansguardian.pl file for your language.
# 300 = enable for 5 minutes
# 0 = disable ( defaults to 0 )
# -1 = enable but you require a separate program/CGI to generate a valid link
bypass = 0
# Temporary Denied Page Bypass Secret Key
# Rather than generating a random key you can specify one. It must be more than 8 chars.
# '' = generate a random one (recommended and default)
# 'Mary had a little lamb.' = an example
# '76b42abc1cd0fdcaf6e943dcbc93b826' = an example
#
# Please note: manually entered keys are converted to all lowercase before use.
#
bypasskey = ''
# Infection/Scan Error Bypass
# Similar to the 'bypass' setting, but specifically for bypassing files scanned and found
# to be infected, or files that trigger scanner errors - for example, archive types with
# recognised but unsupported compression schemes, or corrupt archives.
# The option specifies the number of seconds for which the bypass link will be valid.
# 300 = enable for 5 minutes
# 0 = disable (default)
# -1 = enable, but require a separate program/CGI to generate a valid link
infectionbypass = 0
# Infection/Scan Error Bypass Secret Key
# Same as the 'bypasskey' option, but used for infection bypass mode.
infectionbypasskey = ''
# Infection/Scan Error Bypass on Scan Errors Only
# Enable this option to allow infectionbypass links only when virus scanning fails,
# not when a file is found to contain a virus.
# on = enable (default and highly recommended)
# off = disable
infectionbypasserrorsonly = on
# Disable content scanning
# If you enable this option you will disable content scanning for this group.
# Content scanning primarily is AV scanning (if enabled) but could include
# other types.
# (on|off) default = off.
disablecontentscan = off
# Enable Deep URL Analysis
# When enabled, DG looks for URLs within URLs, checking against the bannedsitelist and
# bannedurllist. This can be used, for example, to block images originating from banned
# sites from appearing in Google Images search results, as the original URLs are
# embedded in the thumbnail GET requests.
# (on|off) default = off
deepurlanalysis = off
# reportinglevel
#
# -1 = log, but do not block - Stealth mode
# 0 = just say 'Access Denied'
# 1 = report why but not what denied phrase
# 2 = report fully
# 3 = use HTML template file (accessdeniedaddress ignored) - recommended
#
# If defined, this overrides the global setting in dansguardian.conf for
# members of this filter group.
#
#reportinglevel = 3
# accessdeniedaddress is the address of your web server to which the cgi
# dansguardian reporting script was copied. Only used in reporting levels
# 1 and 2.
#
# This webserver must be either:
# 1. Non-proxied. Either a machine on the local network, or listed as an
# exception in your browser's proxy configuration.
# 2. Added to the exceptionsitelist. Option 1 is preferable; this option is
# only for users using both transparent proxying and a non-local server
# to host this script.
#
# If defined, this overrides the global setting in dansguardian.conf for
# members of this filter group.
#
#accessdeniedaddress = 'http://YOURSERVER.YOURDOMAIN/cgi-bin/dansguardian.pl'
# HTML Template override
# If defined, this specifies a custom HTML template file for members of this
# filter group, overriding the global setting in dansguardian.conf. This is
# only used in reporting level 3.
#
# The default template file path is <languagedir>/<language>/template.html
# e.g. /usr/local/share/dansguardian/languages/ukenglish/template.html when using 'ukenglish'
# language.
#
# This option generates a file path of the form:
# <languagedir>/<language>/<htmltemplate>
# e.g. /usr/local/share/dansguardian/languages/ukenglish/custom.html
#
#htmltemplate = 'custom.html'
# Email reporting - original patch by J. Gauthier
# Use SMTP
# If on, will enable system wide events to be reported by email.
# need to configure mail program (see 'mailer' in global config)
# and email recipients
# default usesmtp = off
#!! Not compiled !!usesmtp = off
# mailfrom
# who the email would come from
# example: mailfrom = 'dansguardian@mycompany.com'
#!! Not compiled !!mailfrom = ''
# avadmin
# who the virus emails go to (if notify av is on)
# example: avadmin = 'admin@mycompany.com'
#!! Not compiled !!avadmin = ''
# contentdmin
# who the content emails go to (when thresholds are exceeded)
# and contentnotify is on
# example: contentadmin = 'admin@mycompany.com'
#!! Not compiled !!contentadmin = ''
# avsubject
# Subject of the email sent when a virus is caught.
# only applicable if notifyav is on
# default avsubject = 'dansguardian virus block'
#!! Not compiled !!avsubject = 'dansguardian virus block'
# content
# Subject of the email sent when violation thresholds are exceeded
# default contentsubject = 'dansguardian violation'
#!! Not compiled !!contentsubject = 'dansguardian violation'
# notifyAV
# This will send a notification, if usesmtp/notifyav is on, any time an
# infection is found.
# Important: If this option is off, viruses will still be recorded like a
# content infraction.
#!! Not compiled !!notifyav = off
# notifycontent
# This will send a notification, if usesmtp is on, based on thresholds
# below
#!! Not compiled !!notifycontent = off
# thresholdbyuser
# results are only predictable with user authenticated configs
# if enabled the violation/threshold count is kept track of by the user
#!! Not compiled !!thresholdbyuser = off
#violations
# number of violations before notification
# setting to 0 will never trigger a notification
#!! Not compiled !!violations = 0
#threshold
# this is in seconds. If 'violations' occur in 'threshold' seconds, then
# a notification is made.
# if this is set to 0, then whenever the set number of violations are made a
# notifaction will be sent.
#!! Not compiled !!threshold = 0
Danguardian.conf
- Código: Selecionar todos
reportinglevel = 3
languagedir = '/etc/brazilfw/dansguardian/languages'
language = 'ptbrazilian'
loglevel = 2
logexceptionhits = 2
logfileformat = 3
loglocation = '/partition/squid/logs/access.log'
filterip =
filterport = 3128
proxyip = 127.0.0.1
proxyport = 3129
usecustombannedimage = on
custombannedimagefile = '/usr/local/dansguardian/transparent1x1.gif'
filtergroups = 1
filtergroupslist = '/etc/brazilfw/dansguardian/filtergroupslist'
bannediplist = '/etc/brazilfw/dansguardian/bannediplist'
exceptioniplist = '/etc/brazilfw/dansguardian/exceptioniplist'
showweightedfound = off
weightedphrasemode = 0
urlcachenumber = 1000
urlcacheage = 900
scancleancache = off
phrasefiltermode = 2
preservecase = 0
hexdecodecontent = off
forcequicksearch = off
reverseaddresslookups = off
reverseclientiplookups = off
logclienthostnames = off
createlistcachefiles = on
maxuploadsize = -1
maxcontentfiltersize = 256
maxcontentramcachescansize = 2000
maxcontentfilecachescansize = 20000
filecachedir = '/tmp'
deletedownloadedtempfiles = on
initialtrickledelay = 20
trickledelay = 10
downloadmanager = '/etc/brazilfw/dansguardian/downloadmanagers/default.conf'
authplugin = '/etc/brazilfw/dansguardian/authplugins/ip.conf'
contentscannertimeout = 60
contentscanexceptions = off
recheckreplacedurls = off
forwardedfor = off
usexforwardedfor = off
logconnectionhandlingerrors = on
logchildprocesshandling = off
maxchildren = 120
minchildren = 8
minsparechildren = 4
preforkchildren = 6
maxsparechildren = 32
maxagechildren = 500
maxips = 0
ipcfilename = '/tmp/.dguardianipc'
urlipcfilename = '/tmp/.dguardianurlipc'
ipipcfilename = '/tmp/.dguardianipipc'
pidfilename = '/var/run/dansguardian.pid'
nodaemon = off
nologger = off
logadblocks = off
loguseragent = off
daemonuser = 'squid'
daemongroup = 'squid'
softrestart = off