--- dansguardian-2.10.1.1.orig/debian/postinst +++ dansguardian-2.10.1.1/debian/postinst @@ -0,0 +1,35 @@ +#! /bin/sh -e + +if ! id -u dansguardian > /dev/null 2>&1 ; then + adduser --system --group \ + --disabled-login \ + --gecos "DansGuardian User" \ + --home /var/log/dansguardian \ + --shell /bin/sh \ + dansguardian +fi + +dguser=`grep daemonuser /etc/dansguardian/dansguardian.conf|grep -v '^\ *#' \ + |awk -F = '{print $2}'|tr -d \ \'` + +dggroup=`grep daemongroup /etc/dansguardian/dansguardian.conf|grep -v '^\ *#' \ + |awk -F = '{print $2}'|tr -d \ \'` + +logdir=`grep loglocation /etc/dansguardian/dansguardian.conf|grep -v '^\ *#' \ + |awk -F = '{print $2}'|tr -d \ \'|xargs -r dirname 2>/dev/null` + +echo "$logdir" +test -z "$dguser" && dguser=dansguardian +test -z "$dggroup" && dggroup=dansguardian +test -z "$logdir" && logdir=/var/log/dansguardian + +chown -R $dguser:$dggroup $logdir +chmod -R u+wr $logdir +chmod u+wrx $logdir + +init_failed () +{ + echo "WARNING: Starting dansguardian failed. Please check your configuration." +} + +#DEBHELPER# --- dansguardian-2.10.1.1.orig/debian/control +++ dansguardian-2.10.1.1/debian/control @@ -0,0 +1,29 @@ +Source: dansguardian +Section: web +Priority: optional +Maintainer: Ubuntu Developers +XSBC-Original-Maintainer: Alexander Wirt +Build-Depends: debhelper (>= 8), zlib1g-dev, autotools-dev, dpatch, libclamav-dev (>= 0.90), libpcre3-dev, dh-autoreconf +Standards-Version: 3.9.2 +Vcs-Browser: https://github.com/formorer/pkg-dansguardian +Vcs-Git: git://github.com/formorer/pkg-dansguardian.git + +Package: dansguardian +Architecture: any +Depends: ${shlibs:Depends}, perl, adduser, clamav (>= 0.80), ${misc:Depends} +Suggests: squid, clamav-freshclam +Description: Web content filtering + DansGuardian filters the content of pages based on many methods + including phrase matching, PICS filtering and URL filtering. It does + not purely filter based on a banned list of sites. + . + It provides real-time virus scanning capabilities for content access. + . + DansGuardian is designed to be completely flexible and allows you to tailor + the filtering to your exact needs. It can be as draconian or as + unobstructive as you want. The default settings are geared towards what a + primary school might want but DansGuardian puts you in control of what you + want to block. + . + DansGuardian requires squid or another similar caching proxy server + on your local network. --- dansguardian-2.10.1.1.orig/debian/dansguardian.logrotate +++ dansguardian-2.10.1.1/debian/dansguardian.logrotate @@ -0,0 +1,10 @@ +/var/log/dansguardian/access.log { + rotate 5 + daily + prerotate + /etc/init.d/dansguardian stop > /dev/null 2>&1 || true + endscript + postrotate + /etc/init.d/dansguardian start > /dev/null 2>&1 + endscript +} --- dansguardian-2.10.1.1.orig/debian/README.source +++ dansguardian-2.10.1.1/debian/README.source @@ -0,0 +1,2 @@ +I use dpatch for patch handling inside the dansguardian package. Please see +/usr/share/doc/dpatch/README.source.gz (if you have installed dpatch) for documentation about dpatch. --- dansguardian-2.10.1.1.orig/debian/preinst +++ dansguardian-2.10.1.1/debian/preinst @@ -0,0 +1,145 @@ +#! /bin/sh +# preinst script for dansguardian +# +# see: dh_installdeb(1) + +set -e + +# Prepare to move a conffile without triggering a dpkg question +# (stolen from debian wiki) +prep_mv_conffile() { + PKGNAME="$1" + CONFFILE="$2" + if [ -e "$CONFFILE" ]; then + md5sum="$(md5sum "$CONFFILE" | sed -e 's/ .*//')" + old_md5sum="$(dpkg-query -W -f='${Conffiles}' $PKGNAME | sed -n -e "\\' ${CONFFILE} '{s/ obsolete$//;s/.* //p}")" + if [ "$md5sum" = "$old_md5sum" ]; then + echo "rm $CONFFILE" + rm -f "$CONFFILE" + fi + fi +} + +rm_conffile() { + PKGNAME="$1" + CONFFILE="$2" + if [ -e "$CONFFILE" ]; then + md5sum="$(md5sum "$CONFFILE" | sed -e 's/ .*//')" + old_md5sum="$(dpkg-query -W -f='${Conffiles}' $PKGNAME | sed -n -e "\\' $CONFFILE'{s/ obsolete$//;s/.* //p}")" + if [ "$md5sum" != "$old_md5sum" ]; then + echo "Obsolete conffile $CONFFILE has been modified by you." + echo "Saving as $CONFFILE.dpkg-bak ..." + mv -f "$CONFFILE" "$CONFFILE".dpkg-bak + else + echo "Removing obsolete conffile $CONFFILE ..." + rm -f "$CONFFILE" + fi + fi +} + +# summary of how this script can be called: +# * `install' +# * `install' +# * `upgrade' +# * `abort-upgrade' + +case "$1" in + install|upgrade) + if dpkg --compare-versions "$2" le "dansguardian_2.8.0.6-antivirus-6.4.4.1-4"; then + prep_mv_conffile dansguardian "/etc/dansguardian/bannedextensionlist" + prep_mv_conffile dansguardian "/etc/dansguardian/bannediplist" + prep_mv_conffile dansguardian "/etc/dansguardian/bannedmimetypelist" + prep_mv_conffile dansguardian "/etc/dansguardian/bannedphraselist" + prep_mv_conffile dansguardian "/etc/dansguardian/bannedregexpurllist" + prep_mv_conffile dansguardian "/etc/dansguardian/bannedsitelist" + prep_mv_conffile dansguardian "/etc/dansguardian/bannedurllist" + prep_mv_conffile dansguardian "/etc/dansguardian/banneduserlist" + prep_mv_conffile dansguardian "/etc/dansguardian/contentregexplist" + prep_mv_conffile dansguardian "/etc/dansguardian/exceptioniplist" + prep_mv_conffile dansguardian "/etc/dansguardian/exceptionphraselist" + prep_mv_conffile dansguardian "/etc/dansguardian/exceptionsitelist" + prep_mv_conffile dansguardian "/etc/dansguardian/exceptionurllist" + prep_mv_conffile dansguardian "/etc/dansguardian/exceptionuserlist" + prep_mv_conffile dansguardian "/etc/dansguardian/exceptionvirusextensionlist" + prep_mv_conffile dansguardian "/etc/dansguardian/exceptionvirusmimetypelist" + prep_mv_conffile dansguardian "/etc/dansguardian/exceptionvirussitelist" + prep_mv_conffile dansguardian "/etc/dansguardian/exceptionvirusurllist" + prep_mv_conffile dansguardian "/etc/dansguardian/filtergroupslist" + prep_mv_conffile dansguardian "/etc/dansguardian/greysitelist" + prep_mv_conffile dansguardian "/etc/dansguardian/greyurllist" + prep_mv_conffile dansguardian "/etc/dansguardian/pics" + prep_mv_conffile dansguardian "/etc/dansguardian/weightedphraselist" + + prep_mv_conffile dansguardian "/etc/dansguardian/phraselists/badwords/weighted_dutch" + prep_mv_conffile dansguardian "/etc/dansguardian/phraselists/badwords/weighted_french" + prep_mv_conffile dansguardian "/etc/dansguardian/phraselists/badwords/weighted_german" + prep_mv_conffile dansguardian "/etc/dansguardian/phraselists/badwords/weighted_portuguese" + prep_mv_conffile dansguardian "/etc/dansguardian/phraselists/badwords/weighted_spanish" + prep_mv_conffile dansguardian "/etc/dansguardian/phraselists/chat/weighted" + prep_mv_conffile dansguardian "/etc/dansguardian/phraselists/chat/weighted_italian" + prep_mv_conffile dansguardian "/etc/dansguardian/phraselists/drugadvocacy/weighted" + prep_mv_conffile dansguardian "/etc/dansguardian/phraselists/gambling/banned" + prep_mv_conffile dansguardian "/etc/dansguardian/phraselists/gambling/banned_portuguese" + prep_mv_conffile dansguardian "/etc/dansguardian/phraselists/gambling/weighted" + prep_mv_conffile dansguardian "/etc/dansguardian/phraselists/gambling/weighted_portuguese" + prep_mv_conffile dansguardian "/etc/dansguardian/phraselists/games/weighted" + prep_mv_conffile dansguardian "/etc/dansguardian/phraselists/goodphrases/exception" + prep_mv_conffile dansguardian "/etc/dansguardian/phraselists/goodphrases/exception_email" + prep_mv_conffile dansguardian "/etc/dansguardian/phraselists/goodphrases/weighted_general" + prep_mv_conffile dansguardian "/etc/dansguardian/phraselists/goodphrases/weighted_general_danish" + prep_mv_conffile dansguardian "/etc/dansguardian/phraselists/goodphrases/weighted_general_portuguese" + prep_mv_conffile dansguardian "/etc/dansguardian/phraselists/goodphrases/weighted_news" + prep_mv_conffile dansguardian "/etc/dansguardian/phraselists/googlesearches/banned" + prep_mv_conffile dansguardian "/etc/dansguardian/phraselists/gore/weighted" + prep_mv_conffile dansguardian "/etc/dansguardian/phraselists/gore/weighted_portuguese" + prep_mv_conffile dansguardian "/etc/dansguardian/phraselists/illegaldrugs/banned" + prep_mv_conffile dansguardian "/etc/dansguardian/phraselists/illegaldrugs/banned_portuguese" + prep_mv_conffile dansguardian "/etc/dansguardian/phraselists/illegaldrugs/weighted" + prep_mv_conffile dansguardian "/etc/dansguardian/phraselists/illegaldrugs/weighted_portuguese" + prep_mv_conffile dansguardian "/etc/dansguardian/phraselists/intolerance/banned_portuguese" + prep_mv_conffile dansguardian "/etc/dansguardian/phraselists/intolerance/weighted" + prep_mv_conffile dansguardian "/etc/dansguardian/phraselists/intolerance/weighted_portuguese" + prep_mv_conffile dansguardian "/etc/dansguardian/phraselists/legaldrugs/weighted" + prep_mv_conffile dansguardian "/etc/dansguardian/phraselists/malware/weighted" + prep_mv_conffile dansguardian "/etc/dansguardian/phraselists/news/weighted" + prep_mv_conffile dansguardian "/etc/dansguardian/phraselists/nudism/weighted" + prep_mv_conffile dansguardian "/etc/dansguardian/phraselists/peer2peer/weighted" + prep_mv_conffile dansguardian "/etc/dansguardian/phraselists/personals/weighted" + prep_mv_conffile dansguardian "/etc/dansguardian/phraselists/personals/weighted_portuguese" + prep_mv_conffile dansguardian "/etc/dansguardian/phraselists/pornography/banned" + prep_mv_conffile dansguardian "/etc/dansguardian/phraselists/pornography/banned_portuguese" + prep_mv_conffile dansguardian "/etc/dansguardian/phraselists/pornography/weighted" + prep_mv_conffile dansguardian "/etc/dansguardian/phraselists/pornography/weighted_danish" + prep_mv_conffile dansguardian "/etc/dansguardian/phraselists/pornography/weighted_dutch" + prep_mv_conffile dansguardian "/etc/dansguardian/phraselists/pornography/weighted_french" + prep_mv_conffile dansguardian "/etc/dansguardian/phraselists/pornography/weighted_german" + prep_mv_conffile dansguardian "/etc/dansguardian/phraselists/pornography/weighted_italian" + prep_mv_conffile dansguardian "/etc/dansguardian/phraselists/pornography/weighted_portuguese" + prep_mv_conffile dansguardian "/etc/dansguardian/phraselists/pornography/weighted_spanish" + prep_mv_conffile dansguardian "/etc/dansguardian/phraselists/proxies/weighted" + prep_mv_conffile dansguardian "/etc/dansguardian/phraselists/sport/weighted" + prep_mv_conffile dansguardian "/etc/dansguardian/phraselists/violence/weighted" + prep_mv_conffile dansguardian "/etc/dansguardian/phraselists/violence/weighted_portuguese" + prep_mv_conffile dansguardian "/etc/dansguardian/phraselists/warezhacking/weighted" + prep_mv_conffile dansguardian "/etc/dansguardian/phraselists/weapons/weighted" + prep_mv_conffile dansguardian "/etc/dansguardian/phraselists/weapons/weighted_portuguese" + prep_mv_conffile dansguardian "/etc/dansguardian/phraselists/webmail/weighted" + + #this is now in /usr/share where is belongs to + rm_conffile dansguardian "/etc/dansguardian/transparent1x1.gif" + #this was dgav specific + rm_conffile dansguardian "/etc/dansguardian/dlmgrextensionlist" + #this is now handled by authplugins itself... no replacement + rm_conffile dansguardian "/etc/dansguardian/banneduserlist" + rm_conffile dansguardian "/etc/dansguardian/exceptionuserlist" + fi + ;; + abort-upgrade) + ;; + *) + echo "preinst called with unknown argument \`$1'" >&2 + exit 0 + ;; +esac + +#DEBHELPER# --- dansguardian-2.10.1.1.orig/debian/detailedinstallation2.html +++ dansguardian-2.10.1.1/debian/detailedinstallation2.html @@ -0,0 +1,477 @@ + + +DansGuardian Detailed Installation Guide + + + + +

DansGuardian 2.2.x Detailed Installation Guide

+

Tue 26th March 2002 - Draft 4a +

Originally by Daniel Barron, modified by GB +

Contents

+ +

 

+

Overview

This is not a HOWTO. This document is an attempt at detailed installation instructions for +DansGuardian 2.2.x. If you just want +to get DansGuardian up and running as quickly as possible, you might want to +read the brief +installation guide. +

 

+

Prerequisites

You must already be running a fairly recent +distribution of Linux, FreeBSD, OpenBSD, Solaris or SuSE. You +also need to have squid running and configured on port 3128. +

DansGuardian is a filtering pass-through that sits between the client browser +and the Squid proxy. It listens on port 8080 and connects to squid on port 3128. +So you must have no other daemon running already using port 8080. +

You will need a web server. Apache (httpd) that comes with RedHat 6.2 is +absolutely perfect and you would be hard pushed to find a better web server. The +server is used to display a cgi perl script that gives the user notification of +an 'Access Denied'. +

You will need the standard development tools installed such as +glibc, + autoconf, + gcc and make. Debian users will also require zlib1g-dev. +The default Redhat 6.2 +installation and most others come with these installed so you don't need to +worry about them. +

Most of the time during this work you will need to be logged on as root. A +more experienced user will be able to determine when, however for most people - +stay logged on as root for the entirety. +

Make sure you have all of the above installed and working before you +continue. +

 

+

Collecting what you need

+

Obviously, you need DansGuardian. You can download it from here: DansGuardian, +or from the US mirror site. +

It is recommended that you download and install from the source as this +is always the most up to date.  However, packages are available for some +distributions. For the purpose of these instructions, we shall be installing +from the source.

+

 

+

Installation and compilation

+

If you just want to quickly get on with the installation and avoid all this +detail, don't forget you can simply follow the brief installation guide. + +

1. Download DansGuardian-2.2.*.source.tar.gz into a temporary area, and +untar with a tar -zxpf.  This will create the subdirectory +DansGuardian-2.2.*.

DansGuardian uses gnu autoconf, auto-generating the +Makefile with the "configure" script.

2. cd into this new directory. Run the configure +script with the help option (./configure --help) to see the user +selectable settings (see table below).

+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+

option

+ 		+

description

+ 		+

default value

+

bindir

where the binary gets placed/usr/sbin/

sysconfdir

where the config and data files gets placed/etc/dansguardian/

sysvdir

where the startup script gets placed/etc/rc.d/init.d/

cgidir

where the cgi-bin dir is located/home/httpd/cgi-bin/

mandir

where the man docs get placed/usr/man/

logdir

 where the logs get place/var/log/dansguardian/

runas_usr

the system user the daemon runs asnobody

runas_grp

the system group the daemon runs asnobody

piddir

where the pid file gets placed/var/run/
+

3. Run configure with the appropriate options. For examples, see +section  Example +Configure Scripts below.

+

RedHat 6.2 and 7.0 users can run +configure with the default +settings. RedHat 7.1 and 7.2 will have to change their cgidir option. Solaris, +OpenBSD and FreeBSD will have to set just about all settings.
+

4. Edit the Makefile and verify that all the settings are correct. If not, re-run the configure script. +If you don't understand Makefiles, skip this step.
+
+5. Run make to build DansGuardian (gmake for Solaris).
+
+6. Run make install to create the directory structure, install all the files in the chosen +paths and set permissions as appropriate.
+
+7. Doing a make clean will remove the now un-needed binaries etc.
+
+8. When a page is denied, DansGuardian redirects to a cgi perl script on your web server to report to the user. This makes it easy to customise the message. This server does not need to be the same machine as the DansGuardian filter server, however if it is not local you will need to amend or comment out the perl script copying line in the Makefile.

+To configure the address of your web server that will display the access denied perl +script, edit the accessdeniedaddress within dansguardian.conf (see sysconfdir +above).  For further +configuration options, see the Options +section. +

+

9. The last thing that we need to do is configure the log rotation. Log rotation +ensures that the filesystem does not fill up with a huge log file. Most daemons that log such as httpd and squid rotate their +logs once a week. With DansGuardian, there are five log files: access.log, access.log.1, +access.log.2 ... and so on up to 4.  Once a week, +the oldest of the five log files is deleted, and the remaining logs' names are +incremented by one, and a new access.log is created. The +Makefile copies a log rotation script to the configuration directory. We need to +schedule this script to run once a week, so (as root) do a crontab -e and enter the +following: 

59 23 * * sat /etc/dansguardian/logrotation
+
+

Then save. This will schedule it for 23:59 every Saturday. Of course you can + schedule the log rotation differently or edit the script to your own liking. +

+

DansGuardian is now ready to go. You can start it by just running the binary +(ie just type dansguardian and hit return). You can stop it with a dansguardian +-q. Or you can use the SysV(-like) script provided. Run a dansguardian +-h to see other command line options available.
+
+

Example Configure Scripts

+

Here +are some examples of options for the configure script for different +distributions:

FreeBSD
+A standard configure script that should work, provided you have installed FreeBSD and the associated programs in their default locations.
+
+ ./configure --cgidir=/usr/local/www/cgi-bin/ \
+--sysconfdir=/usr/local/etc/dansguardian/ \
+--sysvdir=/usr/local/etc/rc.d/ \
+--bindir=/usr/local/sbin/ \
+--mandir=/usr/local/man/
+
+OpenBSD
+A standard configure script that should work, provided you have installed OpenBSD and the associated programs in their default locations.
+
+ ./configure --cgidir=/var/www/cgi-bin/ \
+ --sysconfdir=/usr/local/etc/dansguardian/ \
+ --sysvdir=/usr/local/etc/rc.d/ \
+ --bindir=/usr/sbin/ \
+ --mandir=/usr/share/man/

RedHat 6.2/7.0
+It is safe to run the configure (./configure) script with the defaults.
+
+RedHat 7.1/7.2
+ ./configure --sysconfdir=/usr/local/etc/dansguardian/ \
+ --sysvdir=/etc/rc.d/init.d/ \
+ --cgidir=/var/www/cgi-bin/
+
+Mandrake 7.2
+ ./configure --mandir=/usr/share/man/
+
+Mandrake 8/8.1
+ ./configure --mandir=/usr/share/man/ \
+ --cgidir=/var/www/cgi-bin/
+
+The system user 'squid' might be also appropriate rather than 'nobody' when configuring your +system's +"runas" option.

SuSE 7.2
+ ./configure --runas_grp=nogroup \
+ --cgidir=/usr/local/httpd/cgi-bin/
+
+SuSE 7.3
+ ./configure --runas_grp=nogroup \
+ --cgidir=/usr/local/httpd/cgi-bin/ \
+ --sysvdir=/etc/init.d/
+

Solaris
+Only Solaris 8 (7/01) has been tested. DansGuardian requires the GNU version of make (gmake), and GCC version 2.95.3 (3.01 +may work but is as yet untested and not recommended).
+
+Both gmake and GCC 2.95.3 are included with the OS on the "Companion CD", and are usually installed in +/opt/sfw/bin. To ensure these are in your path, simply do (in csh; bash syntax is different):
+
+ setenv PATH /opt/sfw/bin\:$PATH
+
+To configure and compile, do:
+ ./configure --bindir=/opt/dansguardian/sbin/ \
+ --sysconfdir=/opt/dansguardian/etc/ \
+ --sysvdir=/etc/init.d/ \
+ --cgidir=/var/apache/cgi-bin/ \
+ --mandir=/opt/dansguardian/man/ \
+--logdir=/opt/dansguardian/log/
+
+
+

+

Further customisation - configuration +options

DansGuardian is highly configurable. The source code is provided +so you have the ultimate in configurability, although most people will be content with +modifying the configuration files. If you do modify the source code +please send what you've done to Daniel. +

After you have modified any configuration file, to apply the changes you will +need to restart DansGuardian. To do this run the sysv script with the restart +option.  For example, for RedHat type the following in a terminal: +

/etc/rc.d/init.d/dansguardian restart +

or for OpenBSD:

/usr/local/etc/rc.d/dansguardian.sh restart +

Alternatively, run a dansguardian -q followed by a dansguardian. +

There is one main configuration file, several banned lists and an exception +list. These are all explained below: +

exceptionsitelist

This contains a list of domain endings that if found +in the requested URL, DansGuardian will not filter the page. Note that you +should not put the httpd:// or the www. at the beginning of the +entries. +

exceptioniplist

This contains a list of client IPs who you want to +bypass the filtering. For example, the network administrator's computer's IP. +

+exceptionuserlist

+

Usernames who will not be filtered (basic authentication or ident must be enabled). +

bannedphraselist

This contains a list of banned phrases. The phrases +must be enclosed between < and >. DansGuardian is supplied with an example +list. You can not use phrases such as <sex> as this will block sites such +as Middlesex University. The phrases can contain spaces. Use them to your +advantage. This is the most useful part of DansGuardian and will catch more +pages than PICS and URL filtering put together. +

Combinations of phrases can also be used, +which if they are all found in a page, it is blocked. +

bannedmimetypelist

This contains a list of banned MIME-types. If a URL +request returns a MIME-type that is in this list, DansGuardian will block it. +DansGuardian comes with some example MIME-types to deny. This is a good way of +blocking inappropriate movies for example. It is obviously unwise to ban the +MIME-types text/html or image/*. +

bannedextensionlist

This contains a list of banned file extensions. If a +URL ends in an extension that is in this list, DansGuardian will block it. +DansGuardian comes with some example file extensions to deny. This is a good way +of blocking kiddies from downloading those lovely screen savers and hacking +tools. You are a fool if you ban the file extension .html, or .jpg etc. +

+bannedregexpurllist

+

+This contains a list of banned regular expression URLs.  For more +information on regular expressions, click here. +

+bannedsitelist

+

This file contains a list of banned sites.  Entering a domain name here +bans the entire site.  For banning specific parts of a site, see +bannedurllist. Also, you can have a blanket ban all sites except those +specifically excluded in exceptionsitelist. You can also block sites specified +only as an IP address, and include a stock squidGuard blacklists collection. To +enable these blacklists, download them from the extras section here. +Simply put them somewhere appropriate, un-comment the squidGuard blacklists collection +lines at the bottom of the bannedsitelist file, and check the paths are correct. +For URL blacklists, edit the bannedurllist in a similar way. +

+bannedurllist

+

This allows you to block specific parts of a site rather than the whole +site.  To block an entire site, see bannedsitelist. To enable squidGuard +blacklists for URLs, you will need to download the blacklists and edit the squidGuard blacklists collection +section at the bottom (as for bannedsitelist above). +

pics

This file allows you to finely tune the PICS filtering. Each +PICS section comes with a description of the allowed settings and what they +represent. The default settings with DansGuardian are set for youngish children, +for example mild profanities and artistic nudity are allowed. +

For more detailed information on PICS ratings, click here.

+

ICRA

+

The ICRA section is fairly self-explanatory.  A value of 0 means nothing +of that category is allowed, whereas a value of 1 allows it. For example,

+

ICRAnudityartistic = 1

+

allows nude art. For more in-depth information see here.

+

RSAC 

+

RSAC is an older version of ICRA. The values here range from 0 meaning none +allowed, through 2 (the default value), to 4, which allows wanton and gratuitous +amounts of the given category. For more in-depth information see here.

+

evaluWEB

+

evaluWEB rating uses a system similar to the British Film classification +system:

+

0 = U (Universal, ie. suitable for even the youngest viewer)

+

1 = PG (Parental Guidance recommended)

+

2 = 18 (Only suitable for viewers aged 18 and over)
+

+

SafeSurf

+

Similar to RSAC, but containing a larger range of categories with the range +from 0 = full filtering to 9 = wanton and gratuitous. For more in-depth +information, see here.

+


+Weburbia

+

See evaluWEB. For more in-depth information, see here.

+


+Vancouver Webpages

+

This is yet another ratings scheme.  See here +for more information.

+

 

+

dansguardian.conf

+

The only setting that is vital for you to configure in the +dansguardian.conf file is the accessdeniedaddress setting. You should set this +to the address (not the file path) of your Apache server with the perl access denied reporting +script. For most people this will be the same server as squid and DansGuardian. +If you really want you can change this address to a normal html static page on +any server.

+

Reporting Level

You can change the reporting level for when a page +gets denied. It can say just 'Access Denied', or report why, or report why and what +the denied phrase is. The latter may be more useful for testing, but the middler would be more +useful in a school environment. Stealth mode logs what would be denied but +doesn't do any blocking. +

Logging Settings

This setting lets you configure the logging level. You can log nothing, just denied pages, text based +and all requests. HTTPS requests only get logged when the logging is set to 3 - +all requests. +

Network Settings

These allow you to modify the IP address that +DansGuardian is listening on, the port DansGuardian listens on, the IP address of the server +running squid as well as the squid port. +It is possible to configure the Access Denied reporting page here also. +

Content Filtering Settings

Here you can modify the location of the list +files. Adjusting these locations is not recommended. +

Reverse Lookups for Banned Sites and URLs

+If set to on, DansGuardian will look up the forward DNS for an IP URL address and search for both in the +banned site and URL lists. This would prevent a user from simply entering the IP +for a banned address. It will reduce searching speed somewhat so unless you have a local caching +DNS server, leave it off and use the Blanket IP Block option in the bannedsitelist file instead. +

Build bannedsitelist and bannedurllist Cache Files

+This will compare the date stamp of the list file with the date stamp of the +cache file and will recreate as needed. If a bsl or bul .processed file exists, +then that will be used instead. It will increase process start speed by 300%. On +slow computers this will be significant. Fast computers do not need this option. +

POST protection (web upload and forms)

+This is for blocking or limiting uploads, not for blocking forms without any file +upload. +The value is given in kilobytes after MIME encoding and header information. +

Username identification methods (used in logging)

+The proxyauth option is for when basic proxy authentication is used (obviously +no good for transparent proxying). The ntlm option is for when the proxy supports the MS NTLM authentication.  +This only works with IE5.5 sp1 and later, and has not been implemented yet. The ident +option causes DansGuardian to try to connect to an identd server on the computer +originating the request. +

Forwarded For

+This option adds an X-Forwarded-For: <clientIP> to the HTTP request header. This may help +solve some problem sites that need to know the source IP. +

Max Children

+

This sets the maximum number of processes to spawn to handle the incoming connections. This will prevent DoS attacks killing the server with +too many spawned processes. On large sites you might want to double or triple this number.

+

Log Connection Handling Errors

+

This option logs some debug info regarding fork()ing and accept()ing which can usually be ignored. These are logged by syslog. It is safe to leave
+this setting on or off.

+

 

+

Squid configuration

There is none that is +required as DansGuardian appears to squid just as a normal web browser. +However... +

We need to make sure that squid will not allow client browsers to bypass +DansGuardian. This is a non trivial problem. What I will assume is that you have +already blocked open web access (via firewall IP tables and IP chains) and the only way to access the web is through +squid and hence DansGuardian. This goal is achievable in a number of ways. +

squid.conf method

+

You can modify the acl rules so that only localhost has access. In my +squid.conf I had the following lines: +

# INSERT YOUR OWN RULE(S) HERE TO ALLOW ACCESS FROM YOUR CLIENTS
+#
+acl localnet src 192.168.42.0/255.255.255.0
+http_access allow localnet
+http_access allow localhost
+http_access deny all
+

So I remmed out both the localnet lines with a #. I believe that the default +configuration of squid is to only have localhost allowed so you probably don't +even have to do this. +

With proxy authentication things get a little bit more complex. With no +DansGuardian in my squid.conf I have: 

authenticate_program /usr/bin/smb_auth -W DOMAIN -U 192.168.0.2
+acl domainusers proxy_auth REQUIRED
+http_access allow domainusers
+http_access deny all
+
Which allows authenticated users to access the proxy from anywhere. +

However, it makes sense to let SSL through without going +through DansGuardian, yet at the same time still prevent bypassing DansGuardian +on other ports. +So the same section became: 

authenticate_program /usr/bin/smb_auth -W DOMAIN -U 192.168.0.2
+acl domainusers proxy_auth REQUIRED
+acl linuxserver src 192.168.0.1/255.255.255.255
+acl ntserver src 192.168.0.2/255.255.255.255
+http_access allow linuxserver
+http_access allow ntserver
+http_access allow domainusers localhost
+http_access allow CONNECT SSL_ports
+http_access deny all
+
So for all web access (SSL or not) the user is required to be +authenticated, but SSL is allowed to bypass DansGuardian. I also allow the NT +and Linux servers to bypass the filtering and access squid directly. +

ipchains method 1

You could redirect incoming requests on port 3128 from +the local net to port 8080 while still allowing incoming from the localhost to +access 3128. More specific detail is currently beyond the scope of these +instructions. +

ipchains method 2 - sneaky method

A really sneaky method would be to +configure squid to work as a transparent proxy and redirect all port 80 traffic +to port 8080. You would want to include method 1 as well. More specific detail +is currently beyond the scope of these instructions. There are HOWTOs that cover this. +

 

+

Client Configuration

+

Simple config

+

Let's assume you have a Linux server at IP 192.168.0.1 which is a caching web +proxy and intranet web server. On this server you have DansGuardian +installed listening on port 8080. +

You need to configure the client browser for http proxy 192.168.0.1 with port +8080. You can configure ftp the same as http - it is reported to work. That's +it. But for efficiency you might want to set the 'no proxy on' to your local +Apache server address - 192.168.0.1 in this case. If you've got DNS working, you +can use the DNS address of your local server. I tend not to. +

+

Sneaky Config

If you've used the sneaky method to configure squid then +there should be no configuration required. Configure your browser for no proxy +and maybe set the 'no proxy on' to your local Apache server address - +192.168.0.1 in this case. +

+

Beebug(Daniel's) Config

This could be known as super sneaky I suppose. +The problem with the simple config method is that you have to configure by hand +every browser. This is a pain and is why the sneaky method is really quite +good.
The way Beebug solve this is by using a custom in-house Visual Basic application that +loads upon login and modifies the needed Windows registry and various files so +that IE and Netscape (including email) are configured automatically. +It's so good, you can just stick a copy of Netscape on a server in a share and +run this program at login and it automatically just works on all the PCs. No +installation and a central copy so it's easy to update.
It also has other +features such as removing unwanted bits such as web folders, GMT/BST auto +switching (already done by login script), app data, and other fixes.
Unless I +persuade the directors to release it open source you can't use this method +without paying or writing your own. And guess who wrote this - yes - the +DansGuardian author!

+

Support

For all support issues, join the mailing list +and post your question or comment there. +

If you feel your message is not suitable for public viewing and is private +(for example asking for pricing or other commercial issues) then email me +direct. My address is daniel at jadeb dot com. +

You can also get further help from the DansGuardian web site dansguardian.org. +

Any comments about this document, email gb at dansguardian dot org.

--- dansguardian-2.10.1.1.orig/debian/installation2.html +++ dansguardian-2.10.1.1/debian/installation2.html @@ -0,0 +1,58 @@ + + +DansGuardian Brief Installation Guide + +

DansGuardian Brief Installation Guide

+

+Tue 9th October 2001 - version 2.x.x +

+

Installing from RPM

+
    +
  1. Download the correct RPM for DansGuardian 2. +
  2. If upgrading from an older version of DansGuardian, make a backup of your /etc/dansguardian directory. Also stop running any old version. +
  3. rpm -Uvh DansGuardian-2....rpm (fill in the blank) (--nodeps might be needed) +
  4. Now edit the dansguardian.conf file to your liking paying special attention to the accessdeniedaddress option. +
+

+

Installing from source

+
    +
  1. Download the source for DansGuardian 2. +
  2. If upgrading from an older version of DansGuardian, make a backup of your /etc/dansguardian directory. Also stop running any old version. +
  3. Untar with a 'tar -zxpf DansGuardian-2.....tar.gz' (fill in the blanks). +
  4. cd into the new directory. +
  5. Run the configure (./configure --help) script with the help option to see the user selectable settings. Default settings are shown in []'s. +
  6. Run the configure (./configure) script with your options, if any. (RedHat 6.2/7.0 users can leave the default settings. Other users see below. +
  7. Edit the Makefile and verify that all the directory settings are correct. If not, re-run the configure script. +
  8. "make" will now build DansGuardian. +
  9. "make install" will create the directory structure and install all the files in the chosen paths. +
  10. "make clean" will remove the now un-needed binaries etc. +
  11. Now edit the dansguardian.conf file to your liking paying special attention to the accessdeniedaddress option. +
+

Options

+You may change with the configure options: + + + + + + + + + + +
bindir(where the binary gets places)
sysconfdir(where the config and data files gets placed)
sysvdir(where the startup script gets placed)
cgidir(where the cgi-bin dir is located)
mandir(where the man docs get placed)
logdir(where the logs get placed)
runas_usr(the system user the daemon runs as)
runas_grp(the system group the daemon runs as)
piddir(where the pid file gets placed)
+

+The INSTALL file included within the source tarball gives all this information as well as example options for FreeBSD, OpenBSD, Mandrake, SuSE, etc +

+

Nearly finished

+You need to make DansGuardian start up when the server reboots. For linux this means use your favourite SysV editor to stick DansGuardian in run level 5 and 3 at about 92, if chkconfig/rpm has not already done this for you. +

+Also you need to rotate the logs once a week. As root, crontab -e and set the log rotation script up as follows:
+59 23 * * sun /etc/dansguardian/logrotation
I.e 23:59 every sunday. Or as pleases you. Note, the path may be different. You don't have to use my splendid script and could use any method you want so long as it stops DansGuardian first, rotates then starts it again. +

+

Finally

+

The port it listens on by default is 8080. It uses port 3128 on Squid. To manually start it run /etc/rc.d/init.d/dansguardian start. Use stop to stop it. +For all support issues, join the mailing list and post your question or comment there. Everyone would like to know of success or failure as this may help them. The messages also act as an archive of information that may get put into the FAQ. +

If you feel your message is not suitable for public viewing and is private (for example asking for pricing or other commercial issues) then email me direct. My address is author at dansguardian dot org. + + --- dansguardian-2.10.1.1.orig/debian/changelog +++ dansguardian-2.10.1.1/debian/changelog @@ -0,0 +1,269 @@ +dansguardian (2.10.1.1-4ubuntu0.1) precise-security; urgency=medium + + * No change rebuild for the clamav security update + + -- Marc Deslauriers Wed, 21 Sep 2016 15:27:28 -0400 + +dansguardian (2.10.1.1-4) unstable; urgency=low + + * [42dcd6d] Install subdirs + * [5643aa6] use dh_lintian + * [d9eae0e] Move from classic debhelper to dh + * [2269451] Raise dh compat level + * [4256464] Patch configure.ac to fix clamav detection. + Thanks to Dan Chen for the patch (Closes: #646903) + * [4295784] Add Vcs headers + * [cedb4a7] Bump debhelper dependency to 8 + * [8f24e4e] bump standards version + * [3ad2dee] remove unused patches + * [27145cd] Fix compilation with gcc 4.6. + Thanks to Dan Chen for the patch (Closes: 624996) + * [02ba68c] remove leftovers + * [7c8296c] Remove old stuff in postinst (Closes: #646901) + + -- Alexander Wirt Sat, 05 Nov 2011 21:19:57 +0100 + +dansguardian (2.10.1.1-3) unstable; urgency=low + + * Fix restart in init script (Closes: #605934) + + -- Alexander Wirt Wed, 19 Jan 2011 19:30:17 +0100 + +dansguardian (2.10.1.1-2) unstable; urgency=low + + * Fix initscript ordering (Closes: #541742) + * Force debsource 1.0 + * Update copyright file (Closes: #567263) + * Fix clamdsocket in clamdscan.conf (Closes: #544656) + * Use settings from configfile for chown ops + (Closes: #419989) Thanks to Игорь Чумак for the patch + + -- Alexander Wirt Sat, 13 Feb 2010 09:32:09 +0100 + +dansguardian (2.10.1.1-1) unstable; urgency=low + + * New upstream version (Closes: #516749) + * Re-enable clamd support (Closes: #533024) + * Bump standards version (No changes) + * Add --retry 15 to start-ѕtop-daemon (Closes: #424076) + * Fix headers for gcc 4.4 (Closes: #505386, #526156) + Thanks to tbm for the patch + + -- Alexander Wirt Sun, 14 Jun 2009 11:21:44 +0200 + +dansguardian (2.9.9.7-2.1) unstable; urgency=low + + * Non-maintainer upload. + * Added patch for clamav 0.95/libclamav6 support + - added debian/patches/50_clamav095_support.dpatch + + -- Imre Gergely Sun, 19 Apr 2009 09:42:35 +0300 + +dansguardian (2.9.9.7-2) unstable; urgency=low + + [ Thomas Viehmann ] + * OptionContainer.cpp: If you need to iterate through all lines in the + config file to find a field, at least don't abuse the configfile deque + by accessing it as if it was an array with signed index. + Works way better on arm, too, i.e. closes: #493047. + + -- Alexander Wirt Mon, 13 Oct 2008 09:29:35 +0200 + +dansguardian (2.9.9.7-1) unstable; urgency=low + + * New upstream version (Closes: #497260) + * Don't ban sites with general rating (Closes: #477073) + * Update to new chown syntax + + -- Alexander Wirt Mon, 05 May 2008 16:33:47 +0200 + +dansguardian (2.9.9.3-2) unstable; urgency=low + + * This time build with gcc 4.3 (Closes: #454889) + + -- Alexander Wirt Sun, 06 Apr 2008 14:47:06 +0200 + +dansguardian (2.9.9.3-1) unstable; urgency=low + + * New upstream release, move from dgav patch to 2.9 series (Closes: #334839) + - This version builds fine with GCC 4.3 (Closes: #454889) + - spanish translations have been fixed (Closes: #428372) + - See /usr/share/doc/dansguardian/NEWS.Debian.gz for more informations + * Don't fail it in prerm if dansguardian is already stopped (Closes: + #396321, #474420) + * Move configfiles to a new place + * Bump standards version (no changes) + * Remove 01_unrpmize (dansguardian now uses autotools) + * Updated copyright file + * Remove 04_clamav-0.90-API.dpatch, 05_kfreebsd.dpatch, + 06_gcc4.3.dpatch they are not used anymore + * Don't ignore failures from distclean + * Don't fail if build twice in a row. (Closes: #442538) + + -- Alexander Wirt Mon, 24 Mar 2008 18:45:37 +0100 + +dansguardian (2.8.0.6-antivirus-6.4.4.1-4) unstable; urgency=low + + * Add a patch for kfreebsd (Closes: #414338). Thanks Cyril Brulebois. + * Fix includes to make it compile with GCC 4.3 (Closes: #417139). Thanks + to Martin Michlmayr. + + -- Alexander Wirt Mon, 02 Apr 2007 16:03:15 +0200 + +dansguardian (2.8.0.6-antivirus-6.4.4.1-3) UNRELEASED; urgency=low + + * NOT RELEASED YET + + -- Alexander Wirt Wed, 28 Feb 2007 15:44:25 +0100 + +dansguardian (2.8.0.6-antivirus-6.4.4.1-2) unstable; urgency=low + + * Update ClamAV.cpp to the clamav 0.90 API (Closes: #410834). Thanks to + Stephen Gran for the patch! + + -- Alexander Wirt Wed, 28 Feb 2007 15:42:50 +0100 + +dansguardian (2.8.0.6-antivirus-6.4.4.1-1) unstable; urgency=medium + + * Updated antivirus plugin + - Fixed cleaning of temp files + (Closes: #400385) + * Fix missing opening quote in spanish translations + (Closes: #399176) + * Readd a patch thats prevents starting in unconfigured systems + (Closes: #402831) + + -- Alexander Wirt Thu, 14 Dec 2006 22:33:54 +0100 + +dansguardian (2.8.0.6-antivirus-6.4.4-1) unstable; urgency=medium + + * New av plugin release + - Proper autocleaning (Closes: #377983) + * Bumped standards version + * Depend on clamav (>= 0.80) + * Fix typo in description (Closes: #363224) + + -- Alexander Wirt Sun, 22 Oct 2006 16:56:11 +0200 + +dansguardian (2.8.0.6-antivirus-6.3.8-1-1) unstable; urgency=low + + * New upstream release + * Integreated Aecio F. Netos Antiviruspatch (Closes: #263890) + * Acknowledge the gcc4 nmu (Closes: #319568) + + -- Alexander Wirt Wed, 17 Aug 2005 14:30:31 +0200 + +dansguardian (2.8.0.4-2.1) unstable; urgency=low + + * Non-Maintainer Upload (BSP 2005-08-07). + * Fixed FTBFS by applying patch from Matt Kraai (Closes: #319568). + + -- Uwe Hermann Sun, 7 Aug 2005 14:21:46 +0200 + +dansguardian (2.8.0.4-2) unstable; urgency=low + + * Added --oknodo to start-stop-daemon to get restarting + working if it isn't started before (Closes: #303762) + Thanks to Kevin Traas for the patch + + -- Alexander Wirt Fri, 8 Apr 2005 21:02:42 +0200 + +dansguardian (2.8.0.4-1) unstable; urgency=low + + * New upstream release + * Added reload to initfile (Closes: #292301) + + -- Alexander Wirt Wed, 2 Mar 2005 19:16:47 +0100 + +dansguardian (2.8.0.3-1) unstable; urgency=low + + * New upstream release + * Removed the compressed content patch, this is + now solved from upstream + * Dansguardian builds now clean with gcc-3.4 (Closes: #258592) + * Make logrotate more silent (Closes: #180318) + + + -- Alexander Wirt Mon, 27 Sep 2004 18:57:06 +0200 + +dansguardian (2.7.7-9-1) unstable; urgency=low + + * New upstream release + * New Maintainer (Closes: #254395) + * Acknowledge of several NMUs by Mathias Klose + closes: #160096, #150904, #156703, #151163, #169736, #150884, #161038 + also closes: #200194, #200194, #206519 + * Added a small patch from Bob Vincent + that fixes the handling of Sources.gz and Packages.gz (closes: #229826) + + -- Alexander Wirt Wed, 16 Jun 2004 21:28:52 +0200 + +dansguardian (2.7.7-8-0.1) unstable; urgency=low + + * NMU. + * New upstream release. + + -- Matthias Klose Sat, 1 May 2004 10:15:29 +0200 + +dansguardian (2.7.7-5-0.1) unstable; urgency=low + + * NMU. + * New upstream release. + + -- Matthias Klose Fri, 2 Apr 2004 23:15:24 +0200 + +dansguardian (2.7.6-7-0.1) unstable; urgency=low + + * NMU. + * New upstream release. + + -- Matthias Klose Sun, 4 Jan 2004 11:03:31 +0100 + +dansguardian (2.7.6-3-0.1) unstable; urgency=low + + * NMU. + * New upstream release. + + -- Matthias Klose Sat, 6 Dec 2003 16:28:05 +0100 + +dansguardian (2.7.3-1-0.1) unstable; urgency=low + + * NMU. + * New upstream release. + * Wait some time before restarting after a logrotate (closes: #206519). + * Upgrade problems fixed at least in 2.7.3 (closes: #169736). + * Change maintainer address to flimsy@debian.org, as the original + address bounces (closes: #200194). + + -- Matthias Klose Wed, 1 Oct 2003 23:29:35 +0200 + +dansguardian (2.7.3-0-0.1) unstable; urgency=low + + * NMU. + * New upstream version (closes: #150904, #151163). + + -- Matthias Klose Mon, 1 Sep 2003 00:06:48 +0200 + +dansguardian (2.5.2-0-0.1) unstable; urgency=low + + * NMU. + * New upstream version (close: #151163). + - Should fix compile errors on alpha, ia64 and s390 (closes: #160096). + * Make the g++-2.9[56] dependency explicit. The code doesn't compile with + g++-3.x. + * The configure script uses a broken check for the echo command, + so explicitely call it using bash. + * Start after squid and apache (closes: #161038). + * Update package description (closes: #150884). + * Fix postrm script to purge the package (closes: #156703). + * Fix broken checks for user and group in postinst. + * Link against dynamic libz. + * Add logrotate script. + + -- Matthias Klose Sun, 10 Nov 2002 12:23:28 +0100 + +dansguardian (2.2.10-0-1) unstable; urgency=low + + * Initial Release. (Closes: #150218) + + -- Jonathan J. Hall Mon, 17 Jun 2002 21:14:35 -0500 --- dansguardian-2.10.1.1.orig/debian/prerm +++ dansguardian-2.10.1.1/debian/prerm @@ -0,0 +1,8 @@ +#! /bin/sh -e + +init_failed () +{ + echo "WARNING: Stopping dansguardian failed! Upgrade or removal may be incomplete!" +} + +#DEBHELPER# --- dansguardian-2.10.1.1.orig/debian/compat +++ dansguardian-2.10.1.1/debian/compat @@ -0,0 +1 @@ +8 --- dansguardian-2.10.1.1.orig/debian/dansguardian.dirs +++ dansguardian-2.10.1.1/debian/dansguardian.dirs @@ -0,0 +1,3 @@ +usr/lib/cgi-bin/ +usr/share/doc/dansguardian +var/lock/subsys --- dansguardian-2.10.1.1.orig/debian/NEWS +++ dansguardian-2.10.1.1/debian/NEWS @@ -0,0 +1,50 @@ +dansguardian (2.9.9.3-1) unstable; urgency=low + + This is the first upload of the new dansguardian 2.9 tree. It changes + several things: + + - there is no loger a patch needed for antivirussupport. Unfortunatly + that means that the old configuration syntax is not valid any more. + On the other hand this version has support for icap and + commandlinescanners. For configuration details see + /etc/dansguardian/contentscanners. + + - Nearly all configuration files were moved to /etc/dansguardian/lists. + I did my beѕt to made the migration as painless as possible. But if you + renamed filterfiles or had custom ones they could not get moved + automatically. Please look into /etc/dansguardian/lists and + /etc/dansguardian⁄dansgardianf1.conf how to integrate them into + Dansguardian 2.9. + + - Since there were so many changes and new features its recommended to + start with a new config (this means dansguardian.conf and + dansguardianf1.conf, not your filter files). An automatic migration is + unfortunatly not possible. + + -- Alexander Wirt Mon, 24 Mar 2008 15:55:54 +0100 + +dansguardian (2.8.0.6-antivirus-6.4.4-1) unstable; urgency=low + + The option tricklescanlength has been renamed to forkscanlength. + Please change this in your configuration file. + + -- Alexander Wirt Sun, 22 Oct 2006 17:49:05 +0200 + +dansguardian (2.8.0.6-antivirus-6.3.8-1) unstable; urgency=low + + I included Aecio F. Neto antiviruspatch for dansguardian, this makes it + possible to scan websites and file for viruses using the clamav engine. + You will have to adapt your config with the new antivirus options. See + /usr/share/doc/README.AV for more informations. + Its not possible to use clamd or kapersky antivirus with the debian package, + because the code has to be patched to get another engine working. + + -- Alexander Wirt Thu, 18 Aug 2005 09:11:10 +0200 +dansguardian (2.9.9.3-1) unstable; urgency=low + + The option tricklescanlength has been renamed to forkscanlength. + Please change this in your configuration file. + + + + -- Alexander Wirt Mon, 24 Mar 2008 15:55:54 +0100 --- dansguardian-2.10.1.1.orig/debian/copyright +++ dansguardian-2.10.1.1/debian/copyright @@ -0,0 +1,25 @@ +This package was debianized by Jonathan Hall on +Mon, 17 Jun 2002 21:14:35 -0500. + +It as downloaded from http://dansguardian.org/ + +Upstream Author: Daniel Barron + +Copyright (c) 2001-2010 Daniel Barron + +This program is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or +(at your option) any later version. + +This program is distributed in the hope that it will be useful, +but WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +GNU General Public License for more details. + +You should have received a copy of the GNU General Public License along with +this program; if not, write to the Free Software Foundation, Inc., 51 Franklin +St, Fifth Floor, Boston, MA 02110-1301, USA. On Debian systems, the complete +text of the GNU General Public License, can be found in +/usr/share/common-licenses/GPL. + --- dansguardian-2.10.1.1.orig/debian/watch +++ dansguardian-2.10.1.1/debian/watch @@ -0,0 +1,3 @@ +version=3 + +http://dansguardian.org/downloads/2/Stable/dansguardian-(.*)\.tar\.gz --- dansguardian-2.10.1.1.orig/debian/postrm +++ dansguardian-2.10.1.1/debian/postrm @@ -0,0 +1,9 @@ +#!/bin/sh -e + +if [ "$1" = "purge" ]; then + deluser dansguardian > /dev/null || true + rm -rf /var/log/dansguardian + rm -rf /etc/dansguardian +fi + +#DEBHELPER# --- dansguardian-2.10.1.1.orig/debian/README.Debian +++ dansguardian-2.10.1.1/debian/README.Debian @@ -0,0 +1,28 @@ +LICENSING ISSUES +================ +Thanks to Daniel Barron for this piece of software! + +Although this software is released under the GPL, and is therefore free for +anyone to use for any purpose, Daniel has made commercial licenses of this +software available for those who require another license for their purposes. +Please visit http://www.dansguardian.org/?page=copyright2 for details. + +If you use this software commercially, or if you just feel like making a +donation, you are encouraged to make a donation to Daniel to support +development of this software. + +Commercial support services are also available from Daniel for those +needeing them. Please visit http://www.dansguardian.org/?page=pricing#CS +for details. + + +DOCUMENTATION +============= +Available documentation can be found at +http://www.dansguardian.org/?page=documentation + +The DansGuardian FAQ is at http://www.dansguardian.org/?page=faq + +Some useful HOWTOs that cover specific implimentations of DansGuardian and +caching/filtering in general can be found at +http://www.dansguardian.org/?page=howto --- dansguardian-2.10.1.1.orig/debian/contentregexplist +++ dansguardian-2.10.1.1/debian/contentregexplist @@ -0,0 +1,12 @@ +#Content modifying Regular Expressions +# +# The format is: "extended regular expression"->"replacement straight string" +# E.g. "shit"->"censored" would replace all occurances of shit in any case. +# Far more complicated matches are possible. See other sources for examples +# of extended regular expressions. + +# These are just some weak examples. If you write any, for example, to +# remove popups etc, please send them to author at dansguardian.org. + +#"