Dansguardian is efficient, even mostly out-of-the-box web content filtering to protect from the filth flowing on the internet. On Ubuntu Linux (which rocks), do:
sudo apt-get install dansguardian tinyproxy firehol
Configure /etc/dansguardian/dansguardian.conf – at least you will have to comment the line saying UNCONFIGURED (but please do check out the other options in the file, they’re not hard), and then:
sudo dpkg-reconfigure dansguardian
should get you started – now you just need to set your web browsers to use the proxy on localhost at port 8080. If you want to make it more
script kiddie proof, read on.
UPDATE: To stop anyone on your computer from going to dirty pages, it is perhaps the easiest to use FireHOL so you can avoid most of the iptables headaches. To force unconfigured browsers to use dansguardian: In /etc/firehol/firehol.conf you will need
transparent_squid 8080 "proxy root"
(note that squid/tinyproxy runs as username proxy in Ubuntu – and probably in Debian, too). Also, you will have to allow at least access to the outside world in FireHOL:
interface any world policy drop protection strong client all accept
To stop people from using just squid/tinyproxy as a proxy, thus again bypassing dansguardian, you will need to add the following in the beginning of your /etc/firehol/firehol.conf.
iptables -t filter -I OUTPUT -d 127.0.0.1 -p tcp --dport 3128 -m owner ! --uid-owner dansguardian -j DROP
(Thanks to Costa Tsaousis at FireHOL help forums. Also note: dansguardian runs as user dansguardian on Ubuntu.)
Now that the programme is installed, change the following 4 lines in /etc/tinyproxy/tinyproxy.conf User root Group root Port 3128 ViaProxyName “tinyproxy”
Squid was much slower than tinyproxy for me. Still, if you choose to use Squid instead of tinyproxy, I understand that you need to set up Squid as an intercepting proxy, so see those instructions as well.
An additional tip: to make dansguardian, tinyproxy, squid or firehol reread their configuration files, I found it easiest to say
sudo /etc/init.d/PROGRAMNAME restart
There’s good documentation on the dansguardian site, and as a last resort feel free to ask me help in the installation, though I’m no expert. You might also try the FireHOL help forum for any filtering-specific questions, which I’m a novice at. Also, please comment. I must have forgotten a step or two. 🙂
This howto is in the public domain. Feel free to copy or modify.
Original posting and comments are at the personal site.