API tools faq
paste
Advertisement
Guest User

Dansguardian 2.12.0.0 Config

a guest
Jul 8th, 2013
391
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
Bash 25.65 KB | None | 0 0
raw download clone embed print report
  1. # DansGuardian config file for version 2.12.0.0
  2.  
  3. # **NOTE** as of version 2.7.5 most of the list files are now in dansguardianf1.conf
  4.  
  5.  
  6. # Web Access Denied Reporting (does not affect logging)
  7. #
  8. # -1 = log, but do not block - Stealth mode
  9. #  0 = just say 'Access Denied'
  10. #  1 = report why but not what denied phrase
  11. #  2 = report fully
  12. #  3 = use HTML template file (accessdeniedaddress ignored) - recommended
  13. #
  14. reportinglevel = 3
  15.  
  16. # Language dir where languages are stored for internationalisation.
  17. # The HTML template within this dir is only used when reportinglevel
  18. # is set to 3. When used, DansGuardian will display the HTML file instead of
  19. # using the perl cgi script.  This option is faster, cleaner
  20. # and easier to customise the access denied page.
  21. # The language file is used no matter what setting however.
  22. #
  23. languagedir = '/usr/local/share/dansguardian/languages'
  24.  
  25. # language to use from languagedir.
  26. language = 'german'
  27.  
  28. # Logging Settings
  29. #
  30. # 0 = none  1 = just denied  2 = all text based  3 = all requests
  31. loglevel = 3
  32.  
  33. # Log Exception Hits
  34. # Log if an exception (user, ip, URL, phrase) is matched and so
  35. # the page gets let through.  Can be useful for diagnosing
  36. # why a site gets through the filter.
  37. # 0 = never log exceptions
  38. # 1 = log exceptions, but do not explicitly mark them as such
  39. # 2 = always log & mark exceptions (default)
  40. logexceptionhits = 2
  41.  
  42. # Log File Format
  43. # 1 = DansGuardian format (space delimited)
  44. # 2 = CSV-style format
  45. # 3 = Squid Log File Format
  46. # 4 = Tab delimited
  47. logfileformat = 1
  48.  
  49. # truncate large items in log lines
  50. # 0 = no truncating (default)
  51. #maxlogitemlength = 0
  52.  
  53. # anonymize logs (blank out usernames & IPs)
  54. #anonymizelogs = off
  55.  
  56.  
  57. # Syslog logging
  58. #
  59. # Use syslog for access logging instead of logging to the file
  60. # at the defined or built-in "loglocation"
  61. #logsyslog = off
  62.  
  63. # Log file location
  64. #
  65. # Defines the log directory and filename.
  66. loglocation = '/usr/local/var/log/dansguardian/access.log'
  67.  
  68.  
  69. # Statistics log file location
  70. #
  71. # Defines the stat file directory and filename.
  72. # Only used in conjunction with maxips > 0
  73. # Once every 3 minutes, the current number of IPs in the cache, and the most
  74. # that have been in the cache since the daemon was started, are written to this
  75. # file. IPs persist in the cache for 7 days.
  76. #statlocation = '/usr/local/var/log/dansguardian/stats'
  77.  
  78.  
  79. # Network Settings
  80. #
  81. # the IP that DansGuardian listens on.  If left blank DansGuardian will
  82. # listen on all IPs.  That would include all NICs, loopback, modem, etc.
  83. # Normally you would have your firewall protecting this, but if you want
  84. # you can limit it to a certain IP. To bind to multiple interfaces,
  85. # specify each IP on an individual filterip line.
  86. # You can have the same IP twice so long as it has a different port.
  87. filterip =
  88.  
  89. # the ports that DansGuardian listens to.  Specify one line per filterip
  90. # line.  You can specify different authentication mechanisms per port but
  91. # only if the mechanisms can co-exist (e.g. basic/proxy auth can't)
  92. filterports = 8080
  93.  
  94. # the ip of the proxy (default is the loopback - i.e. this server)
  95. proxyip = 127.0.0.1
  96.  
  97. # the port DansGuardian connects to proxy on
  98. proxyport = 3128
  99.  
  100. # Whether to retrieve the original destination IP in transparent proxy
  101. # setups and check it against the domain pulled from the HTTP headers.
  102. #
  103. # Be aware that when visiting sites which use a certain type of round-robin
  104. # DNS for load balancing, DG may mark requests as invalid unless DG gets
  105. # exactly the same answers to its DNS requests as clients.  The chances of
  106. # this happening can be increased if all clients and servers on the same LAN
  107. # make use of a local, caching DNS server instead of using upstream DNS
  108. # directly.
  109. #
  110. # See http://www.kb.cert.org/vuls/id/435052
  111. # on (default) | off
  112. #!! Not compiled !! originalip = on
  113.  
  114. # accessdeniedaddress is the address of your web server to which the cgi
  115. # dansguardian reporting script was copied. Only used in reporting levels 1 and 2.
  116. #
  117. # This webserver must be either:
  118. #  1. Non-proxied. Either a machine on the local network, or listed as an exception
  119. #     in your browser's proxy configuration.
  120. #  2. Added to the exceptionsitelist. Option 1 is preferable; this option is
  121. #     only for users using both transparent proxying and a non-local server
  122. #     to host this script.
  123. #
  124. # Individual filter groups can override this setting in their own configuration.
  125. #
  126. accessdeniedaddress = 'http://sepr01/cgi-bin/dansguardian.pl'
  127.  
  128. # Non standard delimiter (only used with accessdeniedaddress)
  129. # To help preserve the full banned URL, including parameters, the variables
  130. # passed into the access denied CGI are separated using non-standard
  131. # delimiters. This can be useful to ensure correct operation of the filter
  132. # bypass modes. Parameters are split using "::" in place of "&", and "==" in
  133. # place of "=".
  134. # Default is enabled, but to go back to the standard mode, disable it.
  135. nonstandarddelimiter = on
  136.  
  137.  
  138.  
  139. # Banned image replacement
  140. # Images that are banned due to domain/url/etc reasons including those
  141. # in the adverts blacklists can be replaced by an image.  This will,
  142. # for example, hide images from advert sites and remove broken image
  143. # icons from banned domains.
  144. # on (default) | off
  145. usecustombannedimage = on
  146. custombannedimagefile = '/usr/local/share/dansguardian/transparent1x1.gif'
  147.  
  148.  
  149. #Banned flash replacement
  150. usecustombannedflash = on
  151. custombannedflashfile = '/usr/local/share/dansguardian/blockedflash.swf'
  152.  
  153.  
  154.  
  155. # Filter groups options
  156. # filtergroups sets the number of filter groups. A filter group is a set of content
  157. # filtering options you can apply to a group of users.  The value must be 1 or more.
  158. # DansGuardian will automatically look for dansguardianfN.conf where N is the filter
  159. # group.  To assign users to groups use the filtergroupslist option.  All users default
  160. # to filter group 1.  You must have some sort of authentication to be able to map users
  161. # to a group.  The more filter groups the more copies of the lists will be in RAM so
  162. # use as few as possible.
  163. filtergroups = 4
  164. filtergroupslist = '/usr/local/etc/dansguardian/lists/filtergroupslist'
  165.  
  166.  
  167.  
  168. # Authentication files location
  169. bannediplist = '/usr/local/etc/dansguardian/lists/bannediplist'
  170. exceptioniplist = '/usr/local/etc/dansguardian/lists/exceptioniplist'
  171.  
  172. # Per-Room blocking definition directory
  173. # A directory containing text files containing the room's name followed by IPs or ranges
  174. # Think of it as bannediplist on crack
  175. perroomblockingdirectory = '/usr/local/etc/dansguardian/lists/bannedrooms/'
  176.  
  177. # Show weighted phrases found
  178. # If enabled then the phrases found that made up the total which excedes
  179. # the naughtyness limit will be logged and, if the reporting level is
  180. # high enough, reported. on | off
  181. showweightedfound = on
  182.  
  183. # Weighted phrase mode
  184. # There are 3 possible modes of operation:
  185. # 0 = off = do not use the weighted phrase feature.
  186. # 1 = on, normal = normal weighted phrase operation.
  187. # 2 = on, singular = each weighted phrase found only counts once on a page.
  188. #
  189. # IMPORTANT: Note that setting this to "0" turns off all features which
  190. # extract phrases from page content, including banned & exception
  191. # phrases (not just weighted), search term filtering, and scanning for
  192. # links to banned URLs.
  193. #
  194. weightedphrasemode = 2
  195.  
  196.  
  197.  
  198. # Positive (clean) result caching for URLs
  199. # Caches good pages so they don't need to be scanned again.
  200. # It also works with AV plugins.
  201. # 0 = off (recommended for ISPs with users with disimilar browsing)
  202. # 1000 = recommended for most users
  203. # 5000 = suggested max upper limit
  204. # If you're using an AV plugin then use at least 5000.
  205. urlcachenumber = 1000
  206. #
  207. # Age before they are stale and should be ignored in seconds
  208. # 0 = never
  209. # 900 = recommended = 15 mins
  210. urlcacheage = 900
  211.  
  212.  
  213.  
  214. # Cache for content (AV) scan results as 'clean'
  215. # By default, to save CPU, files scanned and found to be
  216. # clean are inserted into the clean cache and NOT scanned
  217. # again for a while.  If you don't like this then choose
  218. # to disable it.
  219. # on = cache results; do not re-scan
  220. # off = do not cache; always re-scan
  221. # (on|off) default = on.
  222. scancleancache = on
  223.  
  224.  
  225.  
  226. # Smart, Raw and Meta/Title phrase content filtering options
  227. # Smart is where the multiple spaces and HTML are removed before phrase filtering
  228. # Raw is where the raw HTML including meta tags are phrase filtered
  229. # Meta/Title is where only meta and title tags are phrase filtered (v. quick)
  230. # CPU usage can be effectively halved by using setting 0 or 1 compared to 2
  231. # 0 = raw only
  232. # 1 = smart only
  233. # 2 = both of the above (default)
  234. # 3 = meta/title
  235. phrasefiltermode = 2
  236.  
  237. # Lower casing options
  238. # When a document is scanned the uppercase letters are converted to lower case
  239. # in order to compare them with the phrases.  However this can break Big5 and
  240. # other 16-bit texts.  If needed preserve the case.  As of version 2.7.0 accented
  241. # characters are supported.
  242. # 0 = force lower case (default)
  243. # 1 = do not change case
  244. # 2 = scan first in lower case, then in original case
  245. preservecase = 0
  246.  
  247. # Note:
  248. # If phrasefiltermode and preserve case are both 2, this equates to 4 phrase
  249. # filtering passes. If you have a large enough userbase for this to be a
  250. # worry, and need to filter pages in exotic character encodings, it may be
  251. # better to run two instances on separate servers: one with preservecase 1
  252. # (and possibly forcequicksearch 1) and non ASCII/UTF-8 phrase lists, and one
  253. # with preservecase 0 and ASCII/UTF-8 lists.
  254.  
  255.  
  256.  
  257. # Hex decoding options
  258. # When a document is scanned it can optionally convert %XX to chars.
  259. # If you find documents are getting past the phrase filtering due to encoding
  260. # then enable.  However this can break Big5 and other 16-bit texts.
  261. # off = disabled (default)
  262. # on = enabled
  263. hexdecodecontent = off
  264.  
  265.  
  266.  
  267. # Force Quick Search rather than DFA search algorithm
  268. # The current DFA implementation is not totally 16-bit character compatible
  269. # but is used by default as it handles large phrase lists much faster.
  270. # If you wish to use a large number of 16-bit character phrases then
  271. # enable this option.
  272. # off (default) | on (Big5 compatible)
  273. forcequicksearch = off
  274.  
  275.  
  276.  
  277. # Reverse lookups for banned site and URLs.
  278. # If set to on, DansGuardian will look up the forward DNS for an IP URL
  279. # address and search for both in the banned site and URL lists.  This would
  280. # prevent a user from simply entering the IP for a banned address.
  281. # It will reduce searching speed somewhat so unless you have a local caching
  282. # DNS server, leave it off and use the Blanket IP Block option in the
  283. # bannedsitelist file instead.
  284. reverseaddresslookups = off
  285.  
  286.  
  287.  
  288. # Reverse lookups for banned and exception IP lists.
  289. # If set to on, DansGuardian will look up the forward DNS for the IP
  290. # of the connecting computer.  This means you can put in hostnames in
  291. # the exceptioniplist and bannediplist.
  292. # If a client computer is matched against an IP given in the lists, then the
  293. # IP will be recorded in any log entries; if forward DNS is successful and a
  294. # match occurs against a hostname, the hostname will be logged instead.
  295. # It will reduce searching speed somewhat so unless you have a local DNS server,
  296. # leave it off.
  297. reverseclientiplookups = off
  298.  
  299.  
  300. # Perform reverse lookups on client IPs for successful requests.
  301. # If set to on, DansGuardian will look up the forward DNS for the IP
  302. # of the connecting computer, and log host names (where available) rather than
  303. # IPs against requests.
  304. # This is not dependent on reverseclientiplookups being enabled; however, if it
  305. # is, enabling this option does not incur any additional forward DNS requests.
  306. logclienthostnames = off
  307.  
  308.  
  309. # Build bannedsitelist and bannedurllist cache files.
  310. # This will compare the date stamp of the list file with the date stamp of
  311. # the cache file and will recreate as needed.
  312. # If a .processed file exists for an item (e.g. domain/URL) list, then that
  313. # will be used instead, if it is up to date (i.e. newer than the unprocessed
  314. # list file).
  315. # This can increase process start speed on slow computers.
  316. # Fast computers do not need this option.
  317. # on | off, default = on
  318. createlistcachefiles = on
  319.  
  320.  
  321. # Prefer cached list files
  322. # If enabled, DansGuardian will always prefer to load ".processed" versions of
  323. # list files, regardless of their time stamps relative to the original
  324. # unprocessed lists.  This is not generally useful unless you have a specific
  325. # list update process which results in - for example - up-to-date, pre-sorted
  326. # ".processed" list files with dummy unprocessed files.
  327. # on | off, default = off
  328. prefercachedlists = off
  329.  
  330.  
  331.  
  332. # POST protection (web upload and forms)
  333. # does not block forms without any file upload, i.e. this is just for
  334. # blocking or limiting uploads
  335. # measured in kibibytes after MIME encoding and header bumph
  336. # use 0 for a complete block
  337. # use higher (e.g. 512 = 512Kbytes) for limiting
  338. # use -1 for no blocking
  339. #maxuploadsize = 512
  340. #maxuploadsize = 0
  341. maxuploadsize = -1
  342.  
  343.  
  344.  
  345. # Max content filter size
  346. # Sometimes web servers label binary files as text which can be very
  347. # large which causes a huge drain on memory and cpu resources.
  348. # To counter this, you can limit the size of the document to be
  349. # filtered and get it to just pass it straight through.
  350. # This setting also applies to content regular expression modification.
  351. # The value must not be higher than maxcontentramcachescansize
  352. # The size is in Kibibytes - eg 2048 = 2Mb
  353. # use 0 to set it to maxcontentramcachescansize
  354. maxcontentfiltersize = 256
  355.  
  356.  
  357.  
  358. # Max content ram cache scan size
  359. # This is only used if you use a content scanner plugin such as AV
  360. # This is the max size of file that DG will download and cache
  361. # in RAM.  After this limit is reached it will cache to disk
  362. # This value must be less than or equal to maxcontentfilecachescansize.
  363. # The size is in Kibibytes - eg 10240 = 10Mb
  364. # use 0 to set it to maxcontentfilecachescansize
  365. # This option may be ignored by the configured download manager.
  366. maxcontentramcachescansize = 2000
  367.  
  368.  
  369.  
  370. # Max content file cache scan size
  371. # This is only used if you use a content scanner plugin such as AV
  372. # This is the max size file that DG will download
  373. # so that it can be scanned or virus checked.
  374. # This value must be greater or equal to maxcontentramcachescansize.
  375. # The size is in Kibibytes - eg 10240 = 10Mb
  376. maxcontentfilecachescansize = 20000
  377.  
  378.  
  379. # Proxy timeout
  380. # Set timeout between the Proxy and DansGuardian
  381. # Min 20 - Max 30
  382. proxytimeout = 20
  383.  
  384.  
  385. # File cache dir
  386. # Where DG will download files to be scanned if too large for the
  387. # RAM cache.
  388. filecachedir = '/tmp'
  389.  
  390.  
  391.  
  392. # Delete file cache after user completes download
  393. # When a file gets save to temp it stays there until it is deleted.
  394. # You can choose to have the file deleted when the user makes a sucessful
  395. # download.  This will mean if they click on the link to download from
  396. # the temp store a second time it will give a 404 error.
  397. # You should configure something to delete old files in temp to stop it filling up.
  398. # on|off (defaults to on)
  399. deletedownloadedtempfiles = on
  400.  
  401.  
  402.  
  403. # Initial Trickle delay
  404. # This is the number of seconds a browser connection is left waiting
  405. # before first being sent *something* to keep it alive.  The
  406. # *something* depends on the download manager chosen.
  407. # Do not choose a value too low or normal web pages will be affected.
  408. # A value between 20 and 110 would be sensible
  409. # This may be ignored by the configured download manager.
  410. initialtrickledelay = 20
  411.  
  412.  
  413.  
  414. # Trickle delay
  415. # This is the number of seconds a browser connection is left waiting
  416. # before being sent more *something* to keep it alive.  The
  417. # *something* depends on the download manager chosen.
  418. # This may be ignored by the configured download manager.
  419. trickledelay = 10
  420.  
  421.  
  422.  
  423. # Download Managers
  424. # These handle downloads of files to be filtered and scanned.
  425. # They differ in the method they deal with large downloads.
  426. # Files usually need to be downloaded 100% before they can be
  427. # filtered and scanned before being sent on to the browser.
  428. # Normally the browser can just wait, but with content scanning,
  429. # for example to AV, the browser may timeout or the user may get
  430. # confused so the download manager has to do some sort of
  431. # 'keep alive'.
  432. #
  433. # There are various methods possible but not all are included.
  434. # The author does not have the time to write them all so I have
  435. # included a plugin systam.  Also, not all methods work with all
  436. # browsers and clients.  Specifically some fancy methods don't
  437. # work with software that downloads updates.  To solve this,
  438. # each plugin can support a regular expression for matching
  439. # the client's user-agent string, and lists of the mime types
  440. # and extensions it should manage.
  441. #
  442. # Note that these are the matching methods provided by the base plugin
  443. # code, and individual plugins may override or add to them.
  444. # See the individual plugin conf files for supported options.
  445. #
  446. # The plugins are matched in the order you specify and the last
  447. # one is forced to match as the default, regardless of user agent
  448. # and other matching mechanisms.
  449. #
  450. downloadmanager = '/usr/local/etc/dansguardian/downloadmanagers/fancy.conf'
  451. ##!! Not compiled !! downloadmanager = '/usr/local/etc/dansguardian/downloadmanagers/trickle.conf'
  452. downloadmanager = '/usr/local/etc/dansguardian/downloadmanagers/default.conf'
  453.  
  454.  
  455.  
  456. # Content Scanners (Also known as AV scanners)
  457. # These are plugins that scan the content of all files your browser fetches
  458. # for example to AV scan.  The options are limitless.  Eventually all of
  459. # DansGuardian will be plugin based.  You can have more than one content
  460. # scanner. The plugins are run in the order you specify.
  461. # This is one of the few places you can have multiple options of the same name.
  462. #
  463. # Some of the scanner(s) require 3rd party software and libraries eg clamav.
  464. # See the individual plugin conf file for more options (if any).
  465. #
  466. #!! Not compiled !! contentscanner = '/usr/local/etc/dansguardian/contentscanners/clamdscan.conf'
  467. #!! Not compiled !! contentscanner = '/usr/local/etc/dansguardian/contentscanners/avastdscan.conf'
  468. #!! Not compiled !! contentscanner = '/usr/local/etc/dansguardian/contentscanners/kavdscan.conf'
  469. #!! Not compiled !! contentscanner = '/usr/local/etc/dansguardian/contentscanners/icapscan.conf'
  470. #!! Not compiled !! contentscanner = '/usr/local/etc/dansguardian/contentscanners/commandlinescan.conf'
  471.  
  472.  
  473.  
  474. # Content scanner timeout
  475. # Some of the content scanners support using a timeout value to stop
  476. # processing (eg AV scanning) the file if it takes too long.
  477. # If supported this will be used.
  478. # The default of 60 seconds is probably reasonable.
  479. contentscannertimeout = 60
  480.  
  481.  
  482.  
  483. # Content scan exceptions
  484. # If 'on' exception sites, urls, users etc will be scanned
  485. # This is probably not desirable behavour as exceptions are
  486. # supposed to be trusted and will increase load.
  487. # Correct use of grey lists are a better idea.
  488. # (on|off) default = off
  489. contentscanexceptions = off
  490.  
  491.  
  492.  
  493. # Auth plugins
  494. # These replace the usernameidmethod* options in previous versions. They
  495. # handle the extraction of client usernames from various sources, such as
  496. # Proxy-Authorisation headers and ident servers, enabling requests to be
  497. # handled according to the settings of the user's filter group.
  498. # Multiple plugins can be specified, and will be used per port in the order
  499. # filterports are listed.
  500. #
  501. # If you do not use multiple filter groups, you need not specify this option.
  502. #
  503. #authplugin = '/usr/local/etc/dansguardian/authplugins/proxy-basic.conf'
  504. #authplugin = '/usr/local/etc/dansguardian/authplugins/proxy-digest.conf'
  505. authplugin = '/usr/local/etc/dansguardian/authplugins/proxy-ntlm.conf'
  506. #authplugin = '/usr/local/etc/dansguardian/authplugins/ident.conf'
  507. #authplugin = '/usr/local/etc/dansguardian/authplugins/ip.conf'
  508.  
  509.  
  510.  
  511. # Re-check replaced URLs
  512. # As a matter of course, URLs undergo regular expression search/replace (urlregexplist)
  513. # *after* checking the exception site/URL/regexpURL lists, but *before* checking against
  514. # the banned site/URL lists, allowing certain requests that would be matched against the
  515. # latter in their original state to effectively be converted into grey requests.
  516. # With this option enabled, the exception site/URL/regexpURL lists are also re-checked
  517. # after replacement, making it possible for URL replacement to trigger exceptions based
  518. # on them.
  519. # Defaults to off.
  520. recheckreplacedurls = off
  521.  
  522.  
  523.  
  524. # Misc settings
  525.  
  526. # if on it adds an X-Forwarded-For: <clientip> to the HTTP request
  527. # header.  This may help solve some problem sites that need to know the
  528. # source ip. on | off
  529. forwardedfor = off
  530.  
  531.  
  532. # if on it uses the X-Forwarded-For: <clientip> to determine the client
  533. # IP. This is for when you have squid between the clients and DansGuardian.
  534. # Warning - headers are easily spoofed. on | off
  535. usexforwardedfor = off
  536.  
  537.  
  538. # if on it logs some debug info regarding fork()ing and accept()ing which
  539. # can usually be ignored.  These are logged by syslog.  It is safe to leave
  540. # it on or off
  541. logconnectionhandlingerrors = on
  542.  
  543.  
  544.  
  545. # Fork pool options
  546.  
  547. # If on, this causes DG to write to the log file whenever child processes are
  548. # created or destroyed (other than by crashes). This information can help in
  549. # understanding and tuning the following parameters, but is not generally
  550. # useful in production.
  551. logchildprocesshandling = off
  552.  
  553. # sets the maximum number of processes to spawn to handle the incoming
  554. # connections.  Max value usually 250 depending on OS.
  555. # On large sites you might want to try 180.
  556. maxchildren = 180
  557.  
  558.  
  559. # sets the minimum number of processes to spawn to handle the incoming connections.
  560. # On large sites you might want to try 32.
  561. minchildren = 32
  562.  
  563.  
  564. # sets the minimum number of processes to be kept ready to handle connections.
  565. # On large sites you might want to try 8.
  566. minsparechildren = 8
  567.  
  568.  
  569. # sets the minimum number of processes to spawn when it runs out
  570. # On large sites you might want to try 10.
  571. preforkchildren = 10
  572.  
  573.  
  574. # sets the maximum number of processes to have doing nothing.
  575. # When this many are spare it will cull some of them.
  576. # On large sites you might want to try 64.
  577. maxsparechildren = 32
  578.  
  579.  
  580. # sets the maximum age of a child process before it croaks it.
  581. # This is the number of connections they handle before exiting.
  582. # On large sites you might want to try 10000.
  583. maxagechildren = 5000
  584.  
  585.  
  586. # Sets the maximum number client IP addresses allowed to connect at once.
  587. # Use this to set a hard limit on the number of users allowed to concurrently
  588. # browse the web. Set to 0 for no limit, and to disable the IP cache process.
  589. maxips = 0
  590.  
  591.  
  592.  
  593. # Process options
  594. # (Change these only if you really know what you are doing).
  595. # These options allow you to run multiple instances of DansGuardian on a single machine.
  596. # Remember to edit the log file path above also if that is your intention.
  597.  
  598. # IPC filename
  599. #
  600. # Defines IPC server directory and filename used to communicate with the log process.
  601. ipcfilename = '/tmp/.dguardianipc'
  602.  
  603. # URL list IPC filename
  604. #
  605. # Defines URL list IPC server directory and filename used to communicate with the URL
  606. # cache process.
  607. urlipcfilename = '/tmp/.dguardianurlipc'
  608.  
  609. # IP list IPC filename
  610. #
  611. # Defines IP list IPC server directory and filename, for communicating with the client
  612. # IP cache process.
  613. ipipcfilename = '/tmp/.dguardianipipc'
  614.  
  615. # PID filename
  616. #
  617. # Defines process id directory and filename.
  618. #pidfilename = '/usr/local/var/run/dansguardian.pid'
  619.  
  620. # Disable daemoning
  621. # If enabled the process will not fork into the background.
  622. # It is not usually advantageous to do this.
  623. # on|off (defaults to off)
  624. nodaemon = off
  625.  
  626. # Disable logging process
  627. # on|off (defaults to off)
  628. nologger = off
  629.  
  630. # Enable logging of "ADs" category blocks
  631. # on|off (defaults to off)
  632. logadblocks = off
  633.  
  634. # Enable logging of client User-Agent
  635. # Some browsers will cause a *lot* of extra information on each line!
  636. # on|off (defaults to off)
  637. loguseragent = off
  638.  
  639. # Daemon runas user and group
  640. # This is the user that DansGuardian runs as.  Normally the user/group nobody.
  641. # Uncomment to use.  Defaults to the user set at compile time.
  642. # Temp files created during virus scanning are given owner and group read
  643. # permissions; to use content scanners based on external processes, such as
  644. # clamdscan, the two processes must run with either the same group or user ID.
  645. daemonuser = 'root'
  646. daemongroup = 'root'
  647.  
  648. # Soft restart
  649. # When on this disables the forced killing off all processes in the process group.
  650. # This is not to be confused with the -g run time option - they are not related.
  651. # on|off (defaults to off)
  652. softrestart = off
  653.  
  654. # Mail program
  655. # Path (sendmail-compatible) email program, with options.
  656. # Not used if usesmtp is disabled (filtergroup specific).
  657. #!! Not compiled !!mailer = '/usr/sbin/sendmail -t'
  658.  
  659. #SSL certificate checking path
  660. #Path to CA certificates used to validate the certificates of https sites.
  661. #sslcertificatepath = '/etc/ssl/certs/'
  662.  
  663. #SSL man in the middle
  664. #CA certificate path
  665. #Path to the CA certificate to use as a signing certificate for
  666. #generated certificates.
  667. #cacertificatepath = '/home/stephen/dginstall/ca.pem'
  668.  
  669. #CA private key path
  670. #path to the private key that matches the public key in the CA certificate.
  671. #caprivatekeypath = '/home/stephen/dginstall/ca.key'
  672.  
  673. #Cert private key path
  674. #The public / private key pair used by all generated certificates
  675. #certprivatekeypath = '/home/stephen/dginstall/cert.key'
  676.  
  677. #Generated cert path
  678. #The location where generated certificates will be saved for future use.
  679. #(must be writable by the dg user)
  680. #generatedcertpath = '/home/stephen/dginstall/generatedcerts/'
  681.  
  682. #Generated link path = ''
  683. #The location where symlinks to certificates will be created.
  684. #(must be writable by the dg user)
  685. #generatedlinkpath = '/home/stephen/dginstall/generatedlinks/'
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!