dansguardian(8) [debian man page]
DANSGUARDIAN(8) dansguardian DANSGUARDIAN(8) NAME
DansGuardian2 - web content filter SYNOPSIS
dansguardian [ -c config-file ] [ -v ] [ -h ] [ -N ] [ -q ] [ -Q ] [ -s ] [ -r ] [ -g ] SUMMARY
DansGuardian is a web content filtering proxy(1) for Linux, NetBSD, FreeBSD, OpenBSD, and Solaris that uses Squid(2) to do all the fetch- ing. It filters using multiple methods. These methods include URL and domain filtering, content phrase filtering, PICS filtering, MIME type fil- tering, file extension filtering, POST limiting and content (AV) scanning. The content phrase filtering will check for pages that contain profanities and phrases often associated with pornography and other undesir- able content. The POST filtering allows you to block or limit web uploads. The URL and domain filtering is able to handle huge lists and is significantly faster than squidGuard. Content scanning enables downloaded content to be passed through ClamD, KAVD, any local program with machine-parseable console output, and any other AV scanner available as an ICAP server. The filtering has configurable domain, user and source IP exception lists. SSL tunneling is supported; however, due to the encrypted nature of HTTPS requests, filtering is only supported on destination domain. The configurable logging produces a log in an easy to read format which has the option to only log the text-based pages, thus significantly reducing redundant information such as every image on a page. DansGuardian is under continuous development and so it is best to visit the web site for the latest information. (1) Technically DansGuardian is more of a filtering pass-through than a true proxy - but don't let that worry you! (2) DansGuardian should work with any proxy, not just Squid. For example, it is known to work with Oops. DOCUMENTATION
For all further information including copyright, support, FAQ, docs, mailing list - please go to: http://dansguardian.org/ Mirror: http://dansguardian.intmain.com/ Available documentation can be found at http://www.dansguardian.org/?page=documentation The DansGuardian FAQ is at http://www.dansguardian.org/?page=faq Some useful HOWTOs that cover specific implimentations of DansGuardian and caching/filtering in general can be found at http://www.dansguardian.org/?page=howto Information about Debian specific changes and configuration can be found in /usr/share/doc/dansguardian/changelog.Debian.gz . OPTIONS
-c config-file Use the given config-file. -v gives the version number and build options. -h Output a short summary of available command line options. -N Do not go into the background. -q causes DansGuardian to kill any running copy. -Q kill any running copy AND start a new one with current options. -s shows the parent process PID and exits. -r closes all connections and reloads config files by issuing a HUP, but this does not reset the maxchildren option (amongst others). -g gently restarts by not closing all current connections; only reloads filter group config files. (Issues a USR1) COPYRIGHT
DansGuardian is copyright Daniel Barron 2001. daniel@jadeb.com Daniel Barron Oct 2008 DANSGUARDIAN(8)
Check Out this Related Man Page
PRIVOXY(1) PRIVOXY(1) NAME
privoxy - Privacy Enhancing Proxy SYNOPSIS
privoxy [--help ] [--version ] [--no-daemon ] [--pidfile pidfile ] [--user user[.group] ] [configfile ] (UNIX) privoxy.exe [configfile ] (Windows) OPTIONS
Privoxy may be invoked with the following command line options: --help Print brief usage info and exit. --version Print version info and exit. --no-daemon Don't become a daemon, i.e. don't fork and become process group leader, don't detach from controlling tty, and do all logging there. --pidfile pidfile On startup, write the process ID to pidfile. Delete the pidfile on exit. Failiure to create or delete the pidfile is non-fatal. If no --pidfile option is given, no PID file will be used. --user user[.group] After (optionally) writing the PID file, assume the user ID of user and the GID of group, or, if the optional group was not given, the default group of user. Exit if the privileges are not sufficient to do so. If the configfile is not specified on the command line, Privoxy will look for a file named config in the current directory (except on Win32 where it will try config.txt). If no configfile is found, Privoxy will fail to start. DESCRIPTION
Privoxy is a web proxy with advanced filtering capabilities for protecting privacy, filtering web page content, managing cookies, control- ling access, and removing ads, banners, pop-ups and other obnoxious Internet junk. Privoxy has a very flexible configuration and can be customized to suit individual needs and tastes. Privoxy has application for both stand-alone systems and multi-user networks. Privoxy is based on Internet Junkbuster (tm). INSTALLATION AND USAGE
Browsers must be individually configured to use Privoxy as a HTTP proxy. The default setting is for localhost, on port 8118 (config- urable in the main config file). To set the HTTP proxy in Netscape and Mozilla, go through: Edit; Preferences; Advanced; Proxies; Man- ual Proxy Configuration; View. For Internet Explorer, go through: Tools; Internet Properties; Connections; LAN Settings. The Secure (SSL) Proxy should also be set to the same values, otherwise https: URLs will not be proxied. Note: Privoxy can only proxy HTTP and HTTPS traffic. Do not try it with FTP or other protocols. For other browsers, check the documentation. CONFIGURATION
Privoxy can be configured with the various configuration files. The default configuration files are: config, default.filter, and default.action. user.action should be used for locally defined exceptions to the default rules of default.action These are all well com- mented. On Unix and Unix-like systems, these are located in /etc/privoxy/ by default. On Windows, OS/2 and AmigaOS, these files are in the same directory as the Privoxy executable. The name and number of configuration files has changed from previous versions. In fact, the configuration itself is changed and much more sophisticated. See the user-manual for a complete explanation of all configuration options and general usage, and notes for upgrading from Junkbuster and earlier Privoxy versions. The actions list (ad blocks, etc) can also be configured with your web browser at http://config.privoxy.org/. Privoxy's configuration parameters can also be viewed at the same page. In addition, Privoxy can be toggled on/off. This is an internal page, and does not require Internet access. SAMPLE CONFIGURATION
A brief example of what a simple default.action configuration might look like: # Define a few useful custom aliases for later use {{alias}} # Useful aliases +crunch-cookies = +crunch-incoming-cookies +crunch-outgoing-cookies -crunch-cookies = -crunch-incoming-cookies -crunch-outgoing-cookies +imageblock = +block +handle-as-image # Fragile sites should have the minimum changes fragile = -block -deanimate-gifs -fast-redirects -filter -hide-referer -prevent-cookies -kill-popups ## Turn some actions on ################################ { -add-header -block +deanimate-gifs{last} -downgrade-http-version -fast-redirects +filter{html-annoyances} +filter{js-annoyances} +filter{content-cookies} +filter{webbugs} +filter{banners-by-size} +hide-forwarded-for-headers +hide-from-header{block} +hide-referrer{forge} -hide-user-agent -handle-as-image +set-image-blocker{pattern} -limit-connect +prevent-compression +session-cookies-only -crunch-cookies -kill-popups } / # '/' Matches *all* URL patterns # Block, and treat these URL patterns as if they were 'images'. # We would expect these to be ads. {+imageblock} .ad.doubleclick.net .a[0-9].yimg.com/(?:(?!/i/).)*$ ad.*.doubleclick.net # Block any URLs that match these patterns {+block} ad*. .*ads. banner?. /.*count(er)?.(pl|cgi|exe|dll|asp|php[34]?) .hitbox.com # Make exceptions for these harmless ones that would be # caught by our +block patterns just above. {-block} adsl. advice. .*downloads. Then for a user.action, we would put local, narrowly defined exceptions: # Re-define aliases as needed here {{alias}} # Useful aliases -crunch-cookies = -crunch-incoming-cookies -crunch-outgoing-cookies # Set personal exceptions to the policies in default.action ####### # Sites where we want persistant cookies, so allow *all* cookies {-crunch-cookies -session-cookies-only} .redhat.com .sun.com .msdn.microsoft.com # This site breaks easily. {-block -fast-redirects} .forbes.com See the comments in the configuration files themselves, or the user-manual for explanations of the above syntax, and other Privoxy configu- ration options. FILES
/usr/sbin/privoxy /etc/privoxy/config /etc/privoxy/default.action /etc/privoxy/standard.action /etc/privoxy/user.action /etc/privoxy/default.filter /etc/privoxy/trust /etc/privoxy/templates/* /var/log/privoxy/logfile Various other files should be included, but may vary depending on platform and build configuration. More documentation should be included in the local documentation directory. SIGNALS
Privoxy terminates on the SIGINT, SIGTERM and SIGABRT signals. Log rotation scripts may cause a re-opening of the logfile by sending a SIGHUP to Privoxy. Note that unlike other daemons, Privoxy does not need to be made aware of config file changes by SIGHUP -- it will detect them automatically. NOTES
Please see the User Manual on how to contact the developers for feature requests, reporting problems, and other questions. SEE ALSO
Other references and sites of interest to Privoxy users: http://www.privoxy.org/, the Privoxy Home page. http://www.privoxy.org/faq/, the Privoxy FAQ. http://sourceforge.net/projects/ijbswa/, the Project Page for Privoxy on SourceForge. http://config.privoxy.org/, the web-based user interface. Privoxy must be running for this to work. Shortcut: http://p.p/ http://www.privoxy.org/actions/, to submit ``misses'' to the developers. http://cvs.sourceforge.net/cgi-bin/viewcvs.cgi/ijbswa/contrib/, cool and fun ideas from Privoxy users. http://www.junkbusters.com/ht/en/cookies.html, an explanation how cookies are used to track web users. http://www.junkbusters.com/ijb.html, the original Internet Junkbuster. http://www.waldherr.org/junkbuster/, Stefan Waldherr's version of Junkbuster, from which Privoxy was derived. http://privacy.net/analyze/, a useful site to check what information about you is leaked while you browse the web. http://www.squid-cache.org/, a very popular caching proxy, which is often used together with Privoxy. http://www.privoxy.org/developer-manual/, the Privoxy developer manual. DEVELOPMENT TEAM
Jon Foster Andreas Oesterhelt Stefan Waldherr Thomas Steudten Rodney Stromlund Rodrigo Barbosa (RPM specfiles) Moritz Barsnick Hal Burgiss (docs) Karsten Hopp (Red Hat) Alexander Lazic Gabor Liptak Guy Haroon Rafique Roland Rosenfeld (Debian) Georg Sauthoff (Gentoo) David Schmidt (OS/2, Mac OSX ports) Joerg Strohmayer (Amiga) Sarantis Paskalis COPYRIGHT AND LICENSE
COPYRIGHT Copyright (C) 2001, 2002 by Privoxy Developers <developers@privoxy.org> Some source code is based on code Copyright (C) 1997 by Anonymous Coders and Junkbusters, Inc. and licensed under the GNU General Public License. LICENSE Privoxy is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License, version 2, as pub- lished by the Free Software Foundation. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MER- CHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details, which is available from the Free Software Foundation, Inc, 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc. 59 Temple Place - Suite 330 Boston, MA 02111-1307 USA Privoxy 3.0.0 25 August 2002 PRIVOXY(1)