howto: squid and dansguardian with dapper
this is a howto i wrote awhile back for ubuntu 6.06 dapper drake. squid is a web caching proxy that reduces bandwidth usage while speeding up the websites you visit frequently. dansguardian is a web content filter that is used to block porn and other offensive web content. put both of these together and your family will have a very powerful and secure web surfing experience.
original howto on ubuntuforums.org
This howto guide was created to describe setting up a Squid Proxy/DansGuardian server using Ubuntu 6.06 LTS installed with the LAMP server option. This guide assumes the user has previous knowledge of installing a LAMP server using Ubuntu and will not be covered. While each program may have a multitude of options to configure, this guide will show you how to configure the basics to get a server started.
Installing Apache
Start off by ensuring Apache Web Server is installed, if not, install it using this command
sudo aptitude install apache2
Setting a Static IP Address
Now make sure that you have a static IP address
sudo nano /etc/network/interfaces
And change the following (bold) to match your network
# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).
# The loopback network interface
auto lo
iface lo inet loopback# The primary network interface
auto eth0
iface eth0 inet static
address 192.168.1.2
netmask 255.255.255.0
gateway 192.168.1.1Press ctrl + x to exit, yes to save, and enter to keep the same file name. After saving the file, you must now restart the networking process
sudo /etc/init.d/networking restart
Installing and Configuring Squid
Next install the Squid Proxy Server
sudo aptitude install squid
If you want to change the default port that squid listens on [3128], change the http_port tag using nano, making a backup copy first
sudo cp /etc/squid/squid.conf /etc/squid/squid.conf_backup
sudo nano /etc/squid/squid.confOK, now we’ll setup who is allowed access to the proxy. Find the http_access section (should start around line 1860) Uncomment these 2 lines and add your network allocations
acl our_networks src 192.168.1.0/24 192.168.2.0/24
http_access allow our_networksOptional = if you get a startup error ‘FATAL: Could not determine fully qualified hostname. Please set visible_hostname’ you will also need to modify the visible_hostname tag
visible_hostname localhost
Save the file and close nano.
Installing and Configuring DansGuardian
To install DansGuardian, use the following command
sudo aptitude install dansguardian
Once the package is installed, edit the following lines in the conf file to match, this will set DansGuardian to do basic filtering and use Squid as its proxy server.
# UNCONFIGURED
filterip =
filterport = 8080
proxyip = 127.0.0.1
proxyport = 3128To configure banned/exception sites based on either phrases, ip addresses, urls, mime type, etc… you would need to edit one of the following files using nano. All files are located in /etc/dansguardian/
bannedextensionlist
bannediplist
bannedmimetypelist
bannedphraselist
bannedregexpurllist
bannedsitelist
bannedurllist
banneduserlistexceptioniplist
exceptionphraselist
exceptionsitelist
exceptionurllist
exceptionuserlist
exceptionvirusextensionlist
exceptionvirusmimetypelist
exceptionvirussitelist
exceptionvirusurllistRestarting Squid and DansGuardian
Whenever a file is edited, it is good practice to restart both Squid and DansGuardian services by using the following commands
sudo /etc/init.d/dansguardian stop
sudo /etc/init.d/squid stop
sudo /etc/init.d/squid start
sudo /etc/init.d/dansguardian start
ps –e | grep dansguardian ## to see if the service is runningNow that Squid and DansGuardian are configured, test it by setting up your browser to use the proxy server with port 8080. A site that is blocked by default in DansGuardian is www.porn.com, if you get a page redirect then you’re good to go.
Again, this howto assumes that you know how to install a LAMP server yourself. There are far more features that can be configured using Squid/DG, but they are beyond the scope of this howto. I hope this helps everyone and please note, I am no where near an expert on this subject. Safe surfing!
this is fine