Thursday, July 29, 2010

Dansguardian Ubuntu Linux Install how-to

If you are installing to a piece of hardware, skip the first step.

Install Ubuntu in a VM (can also be on physical machine)

Install SSH, Squid cache, and DansGuardian

  • make appropriate changes to the APT sources file
  • vi /etc/apt/sources.list
  • comment out the line starting with 'deb cdrom'
  • uncomment the bottom two lines with 'universe' at the end
  • apt-get update - after making changes to the sources.list file, you need to run update for apt-get to start using those sources
  • apt-get install ssh squid dansguardian - install openssh (optional, for remote administration), Squid cache, and DansGuardian

Configure DansGuardian

  • vi /etc/dansguardian/dansguardian.conf
  • comment out the UNCONFIGURED line
  • change the variable 'virusscan' to off - I'll do instructions soon on how to finish configuring clamav for use with DansGuardian

Add ports to firewall

  • Add ports to firewall - this part is optional, but highly recommended. There are many ways to do this, this was just my preferred way
  • copy the following to the file /etc/network/if-up.d/iptables-config 
  #!/bin/bash
 iptables -F
 # set the default policy for each of the pre-defined chains
 iptables -P INPUT ACCEPT
 iptables -P OUTPUT ACCEPT
 iptables -P FORWARD DROP
 iptables -A INPUT -i lo -j ACCEPT
 iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
 # to allow incoming SSH and Proxy
 iptables -A INPUT -p tcp --dport 22 -j ACCEPT
 iptables -A INPUT -m state --state NEW -p tcp -m tcp -s 127.0.0.1 --dport 3128 -j ACCEPT
 iptables -A INPUT -m state --state NEW -p tcp -m tcp --dport 8080 -j ACCEPT
 # drop everything else
 iptables -A INPUT -i eth+ -p udp -j DROP
 iptables -A INPUT -i eth+ -p tcp -m tcp --syn -j DROP
  • chmod +x /etc/network/if-up.d/iptables-config - makes the iptables-config script executable

Enable SSH, DansGuardian, and Squid cache on system startup

update-rc.d ssh defaults
update-rc.d squid defaults
update-rc.d dansguardian defaults

Restart the daemons

  • /etc/init.d/networking restart - restarts the networking components to firewall changes take effect
  • /etc/init.d/squid restart - restarts the squid daemons
  • /etc/init.d/dansguardian restart - restarts the DansGuardian daemons
Done
from the source: http://www.kathmannlabs.net/mediawiki/index.php/Dansguardian_Ubuntu_Linux_Install_how-to
Posted by at No comments:

Dansguardian Content Filtering With Transparent Proxy On Ubuntu

This summary is not available. Please click here to view the post.
Posted by at No comments:
Subscribe to: Posts (Atom)