DansGuardian - Web content filtering


Dans Guardian is a content filter that works together with existing proxy servers. Although simple to install and configure, it's still very powerful in that it will scan URLs, page content, reference PICS ratings, and more. I installed it on my home network.

Here are the basic steps I followed, as well as a plain english description of the path a web request follows. Some knowledge of basic TCP/IP networking, the HTTP protocol, proxies, and firewalling with the Linux kernel may help. Some of these steps are based on using the Netmaster GG-Blade (http://www.netmaster.com) but should work in a variety of environments.

First, some other links that may be useful:

Installation & Configuration

Transparent Proxy configuration

In my setup, I have a Linux firewall (http://www.netmaster.com) that only provides firewalling services. Squid and Dansguardian are running on a seperate Linux server on the internal network. The ultimate goal of setting up content filtering is to have everybody use it, without being able to get around it. One way to do this is to block all out going web (port 80) requests, and only allow them from the proxy server. This will force every user to specify a port in their browser configuration if their browser supports it. An easier method is to set up some firewall rules:

In plain english

... here is what will happen to outgoing HTTP requests if a proxy server is not set in your browser:

Read more about Linux, LinuxSecurity, Squid, Debian, ContentFiltering