
e2guardianf1.conf

  1. # e2guardian filter group config file for version 4.0.2
  2.  
  3. # This file is re-read on gentle restart and any changes are actioned
  4.  
  5.  
  6. # Filter group mode IS NO LONGER SUPPORTED after 4.x
  7. # This option determines whether members of this group have their web access
  8. # unfiltered, filtered, or banned.
  9. #
  10. # 0 = banned
  11. # Replaced by bannedsitelist and bannedsitelist
  12. # To block all sites except those in the
  13. # exceptionsitelist and greysitelist files remove
  14. # the # from the next line to leave only a '**':
  15. #
  16. # Unauthenticated users are treated as being in the first filter group.
  17. # groupmode = 1 #DISABLED
  18.  
  19. # Filter group name
  20. # Used to fill in the -FILTERGROUP- placeholder in the HTML template file, and to
  21. # name the group in the access logs
  22. # Defaults to empty string
  23. #groupname = ''
  24. groupname = 'no_mame_group'
  25.  
  26. # Enable legacy (DG) ssl logic
  27. #
  28. # Note that the logic for handling SSL is changed. In DG when either blanket block (or SSL blanket block)
  29. # was active then an SSL site would not be blocked if site name matched either exceptionsitelist or greysitelist.
  30. # In e2guardian with blanket block (or SSL blanket block) active an SSL site will only be allowed if it matches
  31. # exceptionsitelist or greysslsitelist. This ensures that only trusted sites can be accessed via SSL.
  32. # The greysslsitelist is used in order to allow a site to drop through so that its domain can be mangled via urlregexplist,
  33. # e.g. To use the Google mechanism for prevention of https Google search, or to allow an SSL site whilst blocking the corresponding http: site.
  34. #
  35. # Default off (logic as above)
  36. # For legacy (DG style) logic then set ssllegacylogic to on
  37. # Note that MITM cannot work with this flag set
  38. # ssllegacylogic = off
  39.  
  40. # Content filtering files location
  41. bannedphraselist = '/etc/e2guardian/lists/bannedphraselist'
  42. weightedphraselist = '/etc/e2guardian/lists/weightedphraselist'
  43. exceptionphraselist = '/etc/e2guardian/lists/exceptionphraselist'
  44. bannedsitelist = '/etc/e2guardian/lists/bannedsitelist'
  45. greysitelist = '/etc/e2guardian/lists/greysitelist'
  46. bannedsslsitelist = '/etc/e2guardian/lists/bannedsslsitelist'
  47. greysslsitelist = '/etc/e2guardian/lists/greysslsitelist'
  48. exceptionsitelist = '/etc/e2guardian/lists/exceptionsitelist'
  49. bannedurllist = '/etc/e2guardian/lists/bannedurllist'
  50. greyurllist = '/etc/e2guardian/lists/greyurllist'
  51. exceptionurllist = '/etc/e2guardian/lists/exceptionurllist'
  52. exceptionregexpurllist = '/etc/e2guardian/lists/exceptionregexpurllist'
  53. bannedregexpurllist = '/etc/e2guardian/lists/bannedregexpurllist'
  54. picsfile = '/etc/e2guardian/lists/pics'
  55. contentregexplist = '/etc/e2guardian/lists/contentregexplist'
  56. urlregexplist = '/etc/e2guardian/lists/urlregexplist'
  57. refererexceptionsitelist = '/etc/e2guardian/lists/refererexceptionsitelist'
  58. refererexceptionurllist = '/etc/e2guardian/lists/refererexceptionurllist'
  59. embededreferersitelist = '/etc/e2guardian/lists/embededreferersitelist'
  60. embededrefererurllist = '/etc/e2guardian/lists/embededrefererurllist'
  61. urlredirectregexplist = '/etc/e2guardian/lists/urlredirectregexplist'
  62. sslsiteregexplist = '/etc/e2guardian/lists/sslsiteregexplist'
  63.  
  64. # local versions of lists (where LOCAL_LISTS enabled)
  65. #enablelocallists = on
  66. #localbannedsitelist = '/etc/e2guardian/lists/localbannedsitelist'
  67. #localgreysitelist = '/etc/e2guardian/lists/localgreysitelist'
  68. #localexceptionsitelist = '/etc/e2guardian/lists/localexceptionsitelist'
  69. #localbannedurllist = '/etc/e2guardian/lists/localbannedurllist'
  70. #localgreyurllist = '/etc/e2guardian/lists/localgreyurllist'
  71. #localexceptionurllist = '/etc/e2guardian/lists/localexceptionurllist'
  72. #localbannedsslsitelist = '/etc/e2guardian/lists/localbannedsslsitelist'
  73. #localgreysslsitelist = '/etc/e2guardian/lists/localgreysslsitelist'
  74. #localbannedsearchlist = '/etc/e2guardian/lists/localbannedsearchlist'
  75.  
  76. !! Not compiled !! authexceptionsitelist = '/etc/e2guardian/lists/authexceptionsitelist'
  77. !! Not compiled !! authexceptionurllist = '/etc/e2guardian/lists/authexceptionurllist'
      # NOTE(review): the two lines above do not start with '#', so they are not
      # comments. The '!! Not compiled !!' prefix presumably marks a feature that was
      # left out of this build; confirm the parser ignores such lines, or comment
      # them out so the effective configuration is unambiguous.
  78.  
  79. # Filetype filtering
  80. #
  81. # Allow bannedregexpurllist with grey list mode
  82. # bannedregexpheaderlist and bannedregexpurllist
  83. #
  84. # bannedregexwithblanketblock = off
  85. #
  86. # Blanket download blocking
  87. # If enabled, all files will be blocked, unless they match the
  88. # exceptionextensionlist or exceptionmimetypelist.
  89. # These lists do not override virus scanning.
  90. # Exception lists defined above override all types of filtering, including
  91. # the blanket download block.
  92. # Defaults to disabled.
  93. # (on | off)
  94. #
  95. blockdownloads = off
  96. exceptionextensionlist = '/etc/e2guardian/lists/exceptionextensionlist'
  97. exceptionmimetypelist = '/etc/e2guardian/lists/exceptionmimetypelist'
  98. #
  99. # Use the following lists to block specific kinds of file downloads.
  100. # The two exception lists above can be used to override these.
  101. #
  102. bannedextensionlist = '/etc/e2guardian/lists/bannedextensionlist'
  103. bannedmimetypelist = '/etc/e2guardian/lists/bannedmimetypelist'
  104. #
  105. # In either file filtering mode, the following list can be used to override
  106. # MIME type & extension blocks for particular domains & URLs (trusted download sites).
  107. #
  108. exceptionfilesitelist = '/etc/e2guardian/lists/exceptionfilesitelist'
  109. exceptionfileurllist = '/etc/e2guardian/lists/exceptionfileurllist'
  110.  
  111. # POST protection (web upload and forms)
  112. # does not block forms without any file upload, i.e. this is just for
  113. # blocking or limiting uploads
  114. # measured in kibibytes after MIME encoding and header bumph
  115. # use 0 for a complete block
  116. # use higher (e.g. 512 = 512Kbytes) for limiting
  117. # use -1 for no blocking
  118. #maxuploadsize = 512
  119. #maxuploadsize = 0
  120. maxuploadsize = -1
  121.  
  122. # Categorise without blocking:
  123. # Supply categorised lists here and the category string shall be logged against
  124. # matching requests, but matching these lists does not perform any filtering
  125. # action.
  126. #logsitelist = '/etc/e2guardian/lists/logsitelist'
  127. #logurllist = '/etc/e2guardian/lists/logurllist'
  128. #logregexpurllist = '/etc/e2guardian/lists/logregexpurllist'
  129.  
  130. # Outgoing HTTP header rules:
  131. # Optional lists for blocking based on, and modification of, outgoing HTTP
  132. # request headers. Format for headerregexplist is one modification rule per
  133. # line, similar to content/URL modifications. Format for
  134. # bannedregexpheaderlist is one regular expression per line, with matching
  135. # headers causing a request to be blocked.
  136. # Headers are matched/replaced on a line-by-line basis, not as a contiguous
  137. # block.
  138. # Use for example, to remove cookies or prevent certain user-agents.
  139. headerregexplist = '/etc/e2guardian/lists/headerregexplist'
  140. bannedregexpheaderlist = '/etc/e2guardian/lists/bannedregexpheaderlist'
  141. addheaderregexplist = '/etc/e2guardian/lists/addheaderregexplist'
  142.  
  143. # Weighted phrase mode
  144. # Optional; overrides the weightedphrasemode option in e2guardian.conf
  145. # for this particular group. See documentation for supported values in
  146. # that file.
  147. #weightedphrasemode = 0
  148.  
  149. # Naughtiness limit
  150. # This is the limit over which the page will be blocked. Each weighted phrase is given
  151. # a value either positive or negative and the values added up. Phrases to do with
  152. # good subjects will have negative values, and bad subjects will have positive
  153. # values. See the weightedphraselist file for examples.
  154. # As a guide:
  155. # 50 is for young children, 100 for old children, 160 for young adults.
  156. naughtynesslimit = 50
  157.  
  158. # Search term blocking
  159. # Search terms can be extracted from search URLs and filtered using one or
  160. # both of two different methods.
  161.  
  162. # Method 1 is that developed by Protex where specific
  163. # search terms are contained in a bannedsearchlist.
  164. # (localbannedsearchlist and bannedsearchoveridelist can be used to supplement
  165. # and override this list as required.)
  166. # These lists contain banned search words combinations on each line.
  167. # Words are separated by '+' and must be in sorted order within a line.
  168. # so to block 'sexy girl' then the list must contain the line
  169. # girl+sexy
  170. # and this will block both 'sexy girl' and 'girl sexy'
  171. # To use this method, the searchregexplist must be enabled and the bannedsearchlist(s) defined
  172.  
  173. # Method 2 uses the
  174. # bannedphraselist, weightedphraselist and exceptionphraselist, with a separate
  175. # threshold for blocking than that used for normal page content.
  176. # To do this, the searchregexplist must be enabled and searchtermlimit
  177. # must be greater than 0.
  178.  
  179. #
  180. # Search engine regular expression list (need for both options)
  181. # List of regular expressions for matching search engine URLs. It is assumed
  182. # that the search terms themselves will be contained in the
  183. # of output of each expression.
  184. searchregexplist = '/etc/e2guardian/lists/searchregexplist'
  185. #
  186. # Banned Search Term list(s) for option 1
  187.  
  188. bannedsearchlist = '/etc/e2guardian/lists/bannedsearchlist'
  189. bannedsearchoveridelist = '/etc/e2guardian/lists/bannedsearchoveridelist'
  190.  
  191.  
  192. # Search term limit (for Option 2)
  193. # The limit over which requests will be blocked for containing search terms
  194. # which match the weightedphraselist. This should usually be lower than the
  195. # 'naughtynesslimit' value above, because the amount of text being filtered
  196. # is only a few words, rather than a whole page.
  197. # This option must be uncommented if searchregexplist is uncommented.
  198. # A value of 0 here indicates that search terms should be extracted,
  199. # but no phrase filtering should be performed on the resulting text.
  200. #searchtermlimit = 0
  201. #
  202. # Search term phrase lists (for Option 2)
  203. # If the three lines below are uncommented, search term blocking will use
  204. # the banned, weighted & exception phrases from these lists, instead of using
  205. # the same phrase lists as for page content. This is optional but recommended,
  206. # as weights for individual phrases in the "normal" lists may not be
  207. # appropriate for blocking when those phrases appear in a much smaller block
  208. # of text.
  209. # Please note that all or none of the below should be uncommented, not a
  210. # mixture.
  211. #bannedsearchtermlist = '/etc/e2guardian/lists/bannedsearchtermlist'
  212. #weightedsearchtermlist = '/etc/e2guardian/lists/weightedsearchtermlist'
  213. #exceptionsearchtermlist = '/etc/e2guardian/lists/exceptionsearchtermlist'
  214.  
  215. # Category display threshold
  216. # This option only applies to pages blocked by weighted phrase filtering.
  217. # Defines the minimum score that must be accumulated within a particular
  218. # category in order for it to show up on the block pages' category list.
  219. # All categories under which the page scores positively will be logged; those
  220. # that were not displayed to the user appear in brackets.
  221. #
  222. # -1 = display only the highest scoring category
  223. # 0 = display all categories (default)
  224. # > 0 = minimum score for a category to be displayed
  225. categorydisplaythreshold = 0
  226.  
  227. # Embedded URL weighting
  228. # When set to something greater than zero, this option causes URLs embedded within a
  229. # page's HTML (from links, image tags, etc.) to be extracted and checked against the
  230. # bannedsitelist and bannedurllist. Each link to a banned page causes the amount set
  231. # here to be added to the page's weighting.
  232. # The behaviour of this option with regards to multiple occurrences of a site/URL is
  233. # affected by the weightedphrasemode setting.
  234. #
  235. # NB: Currently, this feature uses regular expressions that require the PCRE library.
  236. # As such, it is only available if you compiled e2guardian with '--enable-pcre=yes'.
  237. # You can check compile-time options by running 'e2guardian -v'.
  238. #
  239. # Set to 0 to disable.
  240. # Defaults to 0.
  241. # WARNING: This option is highly CPU intensive!
  242. embeddedurlweight = 1
  243.  
  244. # Enable PICS rating support - PICS support withdrawn
  245.  
  246. # Temporary Denied Page Bypass
  247. # This provides a link on the denied page to bypass the ban for a few minutes. To be
  248. # secure it uses a random hashed secret generated at daemon startup. You define the
  249. # number of seconds the bypass will function for before the deny will appear again.
  250. # To allow the link on the denied page to appear you will need to edit the template.html
  251. # or e2guardian.pl file for your language.
  252. # 300 = enable for 5 minutes
  253. # 0 = disable ( defaults to 0 )
  254. # -1 = enable but you require a separate program/CGI to generate a valid link
  255. bypass = 0
  256.  
  257. # Temporary Denied Page Bypass Secret Key
  258. # Rather than generating a random key you can specify one. It must be more than 8 chars.
  259. # '' = generate a random one (recommended and default)
  260. # 'Mary had a little lamb.' = an example
  261. # '76b42abc1cd0fdcaf6e943dcbc93b826' = an example
       # NOTE(review): the two example strings above are publicly visible and must
       # never be used as a real key. If a fixed key is ever required, generate a
       # fresh random value and restrict read access to this file, since the key is
       # what makes a bypass link valid (see the 'bypass = -1' mode).
  262. bypasskey = ''
  263.  
  264. # Infection/Scan Error Bypass
  265. # Similar to the 'bypass' setting, but specifically for bypassing files scanned and found
  266. # to be infected, or files that trigger scanner errors - for example, archive types with
  267. # recognised but unsupported compression schemes, or corrupt archives.
  268. # The option specifies the number of seconds for which the bypass link will be valid.
  269. # 300 = enable for 5 minutes
  270. # 0 = disable (default)
  271. # -1 = enable, but require a separate program/CGI to generate a valid link
  272. infectionbypass = 0
  273.  
  274. # Infection/Scan Error Bypass Secret Key
  275. # Same as the 'bypasskey' option, but used for infection bypass mode.
  276. infectionbypasskey = ''
  277.  
  278. # Infection/Scan Error Bypass on Scan Errors Only
  279. # Enable this option to allow infectionbypass links only when virus scanning fails,
  280. # not when a file is found to contain a virus.
  281. # on = enable (default and highly recommended)
  282. # off = disable
  283. infectionbypasserrorsonly = on
  284.  
  285. # Disable content scanning
  286. # If you enable this option you will disable content scanning for this group.
  287. # Content scanning primarily is AV scanning (if enabled) but could include
  288. # other types.
  289. # (on|off) default = off.
  290. disablecontentscan = off
  291.  
  292. # Enable Deep URL Analysis
  293. # When enabled, DG looks for URLs within URLs, checking against the bannedsitelist and
  294. # bannedurllist. This can be used, for example, to block images originating from banned
  295. # sites from appearing in Google Images search results, as the original URLs are
  296. # embedded in the thumbnail GET requests.
  297. # (on|off) default = off
  298. deepurlanalysis = on
  299.  
  300. # reportinglevel
  301. #
  302. # -1 = log, but do not block - Stealth mode
  303. # 0 = just say 'Access Denied'
  304. # 1 = report why but not what denied phrase
  305. # 2 = report fully
  306. # 3 = use HTML template file (accessdeniedaddress ignored) - recommended
  307. #
  308. # If defined, this overrides the global setting in e2guardian.conf for
  309. # members of this filter group.
  310. #
  311. reportinglevel = 3
  312.  
  313. # accessdeniedaddress is the address of your web server to which the cgi
  314. # e2guardian reporting script was copied. Only used in reporting levels
  315. # 1 and 2.
  316. #
  317. # This webserver must be either:
  318. # 1. Non-proxied. Either a machine on the local network, or listed as an
  319. # exception in your browser's proxy configuration.
  320. # 2. Added to the exceptionsitelist. Option 1 is preferable; this option is
  321. # only for users using both transparent proxying and a non-local server
  322. # to host this script.
  323. #
  324. #accessdeniedaddress = 'http://YOURSERVER.YOURDOMAIN/cgi-bin/e2guardian.pl'
  325.  
  326. # sslaccessdeniedaddress is the address of your web server to which the static page
  327. # e2guardian reporting was copied.
  328.  
  329. # With ssldeniedrewrite 'off' it works only with firefox
  330. # With ssldeniedrewrite 'on' there are several limitations, SSL warning, basic page, etc, eg this webserver can't be listed as an
  331. # exception in your browser's proxy configuration.
  332. # Keep in mind, this is only a trick to avoid blank page, the best way is still to use SSLMITM
  333. #
       # NOTE(review): the URL below is plain http, while the ssldeniedrewrite comment
       # that follows describes redirecting to "another HTTPS website" - confirm which
       # scheme the deny page is really served over. sslmitm is 'on' later in this
       # file, which the line above names as the preferred approach.
  334. sslaccessdeniedaddress = 'http://192.168.20.8/denyssl.htm'
  335.  
  336. # Break SSL protocol and redirect to another HTTPS website for denied page (sslaccessdeniedaddress url)
  337.  
  338. ssldeniedrewrite = 'on'
  339.  
  340. # HTML Template override
  341. # If defined, this specifies a custom HTML template file for members of this
  342. # filter group, overriding the global setting in e2guardian.conf. This is
  343. # only used in reporting level 3.
  344. #
  345. # The default template file path is <languagedir>/<language>/template.html
  346. # e.g. /usr/share/e2guardian/languages/ukenglish/template.html when using 'ukenglish'
  347. # language.
  348. #
  349. # This option generates a file path of the form:
  350. # <languagedir>/<language>/<htmltemplate>
  351. # e.g. /usr/share/e2guardian/languages/ukenglish/custom.html
  352. #
  353. #htmltemplate = 'custom.html'
  354.  
  355. # Non standard delimiter (only used with accessdeniedaddress)
  356. # To help preserve the full banned URL, including parameters, the variables
  357. # passed into the access denied CGI are separated using non-standard
  358. # delimiters. This can be useful to ensure correct operation of the filter
  359. # bypass modes. Parameters are split using "::" in place of "&", and "==" in
  360. # place of "=".
  361. # Default is enabled, but to go back to the standard mode, disable it.
  362.  
  363. #nonstandarddelimiter = off
  364.  
  365. # Email reporting - original patch by J. Gauthier
  366.  
  367. # Use SMTP
  368. # If on, will enable system wide events to be reported by email.
  369. # need to configure mail program (see 'mailer' in global config)
  370. # and email recipients
  371. # default usesmtp = off
       # NOTE(review): the trailing '#NOT YET TESTED' shares a line with the value.
       # Confirm the parser drops text after '#'; otherwise the value read is not
       # plain 'off'. Keeping remarks on their own line avoids the question.
  372. usesmtp = off #NOT YET TESTED
  373.  
  374. # mailfrom
  375. # who the email would come from
  376. # example: mailfrom = 'e2guardian@mycompany.com'
  377. mailfrom = ''
  378.  
  379. # avadmin
  380. # who the virus emails go to (if notify av is on)
  381. # example: avadmin = 'admin@mycompany.com'
  382. avadmin = ''
  383.  
  384. # contentadmin
  385. # who the content emails go to (when thresholds are exceeded)
  386. # and contentnotify is on
  387. # example: contentadmin = 'admin@mycompany.com'
  388. contentadmin = ''
  389.  
  390. # avsubject
  391. # Subject of the email sent when a virus is caught.
  392. # only applicable if notifyav is on
  393. # default avsubject = 'e2guardian virus block'
  394. avsubject = 'e2guardian virus block'
  395.  
  396. # content
  397. # Subject of the email sent when violation thresholds are exceeded
  398. # default contentsubject = 'e2guardian violation'
  399. contentsubject = 'e2guardian violation'
  400.  
  401. # notifyAV
  402. # This will send a notification, if usesmtp/notifyav is on, any time an
  403. # infection is found.
  404. # Important: If this option is off, viruses will still be recorded like a
  405. # content infraction.
  406. notifyav = off
  407.  
  408. # notifycontent
  409. # This will send a notification, if usesmtp is on, based on thresholds
  410. # below
  411. notifycontent = off
  412.  
  413. # thresholdbyuser
  414. # results are only predictable with user authenticated configs
  415. # if enabled the violation/threshold count is kept track of by the user
  416. thresholdbyuser = off
  417.  
  418. #violations
  419. # number of violations before notification
  420. # setting to 0 will never trigger a notification
  421. violations = 0
  422.  
  423. #threshold
  424. # this is in seconds. If 'violations' occur in 'threshold' seconds, then
  425. # a notification is made.
  426. # if this is set to 0, then whenever the set number of violations are made a
  427. # notification will be sent.
  428. threshold = 0
  429.  
  430. #NOTE to enable SSL MITM or CERT checking
  431. # enablessl must be defined as 'yes' in e2guardian.conf
  432.  
  433. #SSL certificate checking
  434. # Check that ssl certificates for servers on https connections are valid
  435. # and signed by a ca in the configured path
       # NOTE(review): this is 'off' here and mitmcheckcert further down is also
       # 'off', so as configured nothing in this group file asks the proxy to
       # validate upstream server certificates.
  436. sslcertcheck = off
  437.  
  438. #SSL man in the middle
  439. # Forge ssl certificates for all non-exception sites, decrypt the data then re encrypt it
  440. # using a different private key. Used to filter ssl sites
       # NOTE(review): with interception on, clients are shown the proxy-issued
       # certificate instead of the site's own, so they cannot notice a bad upstream
       # certificate themselves; that check falls to the proxy (see mitmcheckcert).
       # The signing key used for the forged certificates presumably lives on this
       # host - verify its location in e2guardian.conf and keep it readable only by
       # the service account.
  441. sslmitm = on
  442.  
  443. #Limit SSL MITM to sites in greysslsitelist(s)
  444. # ignored if sslmitm is off
  445. # SSL sites not matching greysslsitelist will be treated as if sslmitm is off.
  446. onlymitmsslgrey = off
  447.  
  448. # Enable MITM site certificate checking
  449. # ignored if sslmitm is off
  450. # default (recommended) is 'on'
       # NOTE(review): set to 'off' against the recommendation above while sslmitm is
       # 'on'. The proxy then intercepts and re-signs connections without checking the
       # origin server's certificate, so an expired, self-signed or mismatched
       # upstream certificate reaches the user behind a certificate that looks valid.
       # Prefer 'on' and list genuine exceptions in nocheckcertsitelist.
  451. mitmcheckcert = off
  452.  
  453. #Do not check ssl certificates for sites listed
  454. # Can be used to allow sites with self-signed or invalid certificates
  455. # or to reduce CPU load by not checking certs on heavily used sites (e.g. Google, Bing)
  456. # Use with caution!
  457. # Ignored if mitmcheckcert is 'off'
       # NOTE(review): mitmcheckcert is 'off' in this file, so per the line above this
       # list currently has no effect - certificate checking is skipped for every
       # intercepted site, not only the ones listed here.
  458. nocheckcertsitelist = '/etc/e2guardian/lists/nocheckcertsitelist'