|
Updated 24 APR 08
Blacklists can be very important:
They help control bandwidth.
They lessen risk of spyware and malware.
They speed up browsing - killing ads and such.
They let a parent relax -a little- when their child goes online.
With Internet Caching already turned on via Squid, a Magnia user just needs to find a HELPER PROGRAM that will work with their system. I tried SquidGuard, but couldn't get it to work (BerkleyDB), and it was SLOW.
URLfilterDB was my next choice, and I got it working. I don't do automatic updates of my Blacklists, but I am happy with the results.
You can download the files from the download section, and give it a try yourself.
Here are step-by-step instructions for installation:
Install bzip2-devel-1.0.2-2.i386.rpm via
WebMin->System->Software Packages->From uploaded file
Use WebMin->Others->File Manager to upload ufdbGuard-1.15.tar.gz to
/usr/local/src
Use Telnet to log on (telnetuser,
defaultpassword):
# su -
# (defaultpassword)
# cd /usr/local/src
# tar xzf ufdbGuard-1.15.tar.gz
# cd ufdbGuard-1.15
# ./configure --prefix=/usr/libexec/URLfilterDB --with-bz2=/usr/bin
# cd src
# make
# make install
Use WebMin->Others->File Manager to upload blacklists.gz to
/usr/libexec/URLfilterDB
Use Telnet:
# cd /usr/libexec/URLfilterDB
# tar xzf blacklists.gz
Use WebMin->Others->File Manager to upload urlfilterdb to
/etc/rc.d/init.d
Highlight file and use INFO to change settings to:
Octal 0755
User & Group should be root
Use WebMin->Others->File Manager to upload ufdbGuard.conf to
/usr/libexec/URLfilterDB/etc
(you could rename existing file to ufdbGuard.conf.bak first)
EDIT ufdbGuard.conf and change ip to your subnet (if necessary):
# define local subnet source
### EDIT FOR LOCAL CONFIGURATION:
src allSystems {
ip 192.168.1.0/24
}
Then navigate to /usr/libexec and highlight URLfilterDB and use
INFO to change settings to:
Octal 2755
User & Group should be squid
Files inherit group
This directory and all subdirectories
Use Telnet:
# chkconfig urlfilterdb --add
# chkconfig urlfilterdb on
# for i in 1 2 3 4 5 6; do ls /etc/rc.d/rc$i.d/*url*; done
That line should give you this output:
/etc/rc.d/rc1.d/K01urlfilterdb@
/etc/rc.d/rc2.d/S99urlfilterdb@
/etc/rc.d/rc3.d/S99urlfilterdb@
/etc/rc.d/rc4.d/S99urlfilterdb@
/etc/rc.d/rc5.d/S99urlfilterdb@
/etc/rc.d/rc6.d/K01urlfilterdb@
Use WebMin->System->Bootup and Shutdown
There will be several ufdb entries at the bottom, click on each one
(the new screen will tell you it will only work at a certain run level) and delete.
Use WebMin->Others->File Manager to edit /etc/squid/squid.conf
Find and change the following area:
# TAG: redirect_program
# Specify the location of the executable for the URL redirector.
# Since they can perform almost any function there isn't one included.
# See the Release-Notes for information on how to write one.
# By default, a redirector is not used.
#
#redirect_program none
redirect_program /usr/libexec/URLfilterDB/bin/ufdbgclient -l /usr/libexec/URLfilterDB/logs
# TAG: redirect_children
# The number of redirector processes to spawn. If you start
# too few Squid will have to wait for them to process a backlog of
# URLs, slowing it down. If you start too many they will use RAM
# and other system resources.
#
#redirect_children 5
redirect_children 4
/sa2/templates/etc/squid/squid.conf/10base needs the same changes as well, or your next admin (8282) change will wipe out above entries.
Now we're ready to start the services:
Use WebMin->System->Bootup and Shutdown, find urlfilterdb, and
Start Now
You can then Return to action, set Start at boot time? to
Yes, and Save
Use WebMin->Servers->Squid Proxy Server and click on
Apply Changes or Apply Configuration
You should be working now.
Open a new Browser window and try to go to 123banners.com, if you get a forbidden screen you're set!
You can see how things are going by using WebMin->System->System Logs to view the log.
Set the configuration like so:
The entry is ONE line that wrapped!
It's /usr/libexec/URLfilterDB/logs/ufdbguardd.log
URLfilterDB Status & Block Log
Then go look at the log:
Now you'll want to change what's blocked...
Goto WebMin->WebMin Configuration->WebMin Modules
Install From: From uploaded file
browse to urlfilterdb.wbm.gz then click on
Install Module.
You now have a WebMin interface for
URLfilterDB under Servers.
The manual in pdf format is in the module.
When a URL is blocked that you didn't want blocked -
Note the category, or check the log to ascertain category.
Goto WebMin->Servers->URLfilterDB->Domain Control Lists and select appropriate category.
Type part of domain in search field for domains (ie: tried mail.yahoo.com so type
yahoo) and click
search.
Select the appropriate domain, and delete. Repeat if necessary - check URLs as well.
Compile database.
Restart URLfilterDB.
You may need to 'refresh' your browser.
You can manually edit the domains and urls files in
/usr/libexec/URLfilterDB/blacklists and add/remove items.
After doing so you must re-create the database file from Telnet with the following command
syntax:
# cd /usr/libexec/URLfilterDB/bin
# ./ufdbGenTable -n -C -t CATEGORY -d
/usr/libexec/URLfilterDB/blacklists/CATEGORY/domains -u
/usr/libexec/URLfilterDB/blacklists/CATEGORY/urls
where CATEGORY is the directory name you changed the
domains and urls file in.
(if you don't have a urls file for a category, don't enter anything from the -u on)
-OR- just use the Compile button in the WebMin module... much easier!
Then you must go to either WebMin->Servers->URLfilterDB->Restart
Now
-or- WebMin->System->Bootup and Shutdown and restart
urlfilterdb.
|
