e2guardianf1.conf 18 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430
  1. # e2guardian filter group config file for version 3.1.2
  2. # Filter group mode
  3. # This option determines whether members of this group have their web access
  4. # unfiltered, filtered, or banned.
  5. #
  6. # 0 = banned
  7. # 1 = filtered
  8. # 2 = unfiltered (exception)
  9. #
  10. # Only filter groups with a mode of 1 need to define phrase, URL, site, extension,
  11. # mimetype and PICS lists; in other modes, these options are ignored to conserve
  12. # memory.
  13. #
  14. # Defaults to 0 if unspecified.
  15. # Unauthenticated users are treated as being in the first filter group.
  16. groupmode = 1
  17. # Filter group name
  18. # Used to fill in the -FILTERGROUP- placeholder in the HTML template file, and to
  19. # name the group in the access logs
  20. # Defaults to empty string
  21. #groupname = ''
  22. groupname = ''
  23. # Content filtering files location
  24. bannedphraselist = '/etc/e2guardian/lists/bannedphraselist'
  25. weightedphraselist = '/etc/e2guardian/lists/weightedphraselist'
  26. exceptionphraselist = '/etc/e2guardian/lists/exceptionphraselist'
  27. bannedsitelist = '/etc/e2guardian/lists/bannedsitelist'
  28. greysitelist = '/etc/e2guardian/lists/greysitelist'
  29. bannedsslsitelist = '/etc/e2guardian/lists/bannedsslsitelist'
  30. greysslsitelist = '/etc/e2guardian/lists/greysslsitelist'
  31. exceptionsitelist = '/etc/e2guardian/lists/exceptionsitelist'
  32. bannedurllist = '/etc/e2guardian/lists/bannedurllist'
  33. greyurllist = '/etc/e2guardian/lists/greyurllist'
  34. exceptionurllist = '/etc/e2guardian/lists/exceptionurllist'
  35. exceptionregexpurllist = '/etc/e2guardian/lists/exceptionregexpurllist'
  36. bannedregexpurllist = '/etc/e2guardian/lists/bannedregexpurllist'
  37. picsfile = '/etc/e2guardian/lists/pics'
  38. contentregexplist = '/etc/e2guardian/lists/contentregexplist'
  39. urlregexplist = '/etc/e2guardian/lists/urlregexplist'
  40. refererexceptionsitelist = '/etc/e2guardian/lists/refererexceptionsitelist'
  41. refererexceptionurllist = '/etc/e2guardian/lists/refererexceptionurllist'
  42. embededreferersitelist = '/etc/e2guardian/lists/embededreferersitelist'
  43. embededrefererurllist = '/etc/e2guardian/lists/embededrefererurllist'
  44. urlredirectregexplist = '/etc/e2guardian/lists/urlredirectregexplist'
  45. # local versions of lists (where LOCAL_LISTS enabled)
  46. #localbannedsitelist = '/etc/e2guardian/lists/localbannedsitelist'
  47. #localgreysitelist = '/etc/e2guardian/lists/localgreysitelist'
  48. #localexceptionsitelist = '/etc/e2guardian/lists/localexceptionsitelist'
  49. #localbannedurllist = '/etc/e2guardian/lists/localbannedurllist'
  50. #localgreyurllist = '/etc/e2guardian/lists/localgreyurllist'
  51. #localexceptionurllist = '/etc/e2guardian/lists/localexceptionurllist'
  52. #localbannedsslsitelist = '/etc/e2guardian/lists/localbannedsslsitelist'
  53. #localgreysslsitelist = '/etc/e2guardian/lists/localgreysslsitelist'
  54. #localbannedsearchlist = '/etc/e2guardian/lists/localbannedsearchlist'
  55. !! Not compiled !! authexceptionsitelist = '/etc/e2guardian/lists/authexceptionsitelist'
  56. !! Not compiled !! authexceptionurllist = '/etc/e2guardian/lists/authexceptionurllist'
  57. # Filetype filtering
  58. #
  59. # Allow bannedregexpurllist with grey list mode
  60. # bannedregexpheaderlist and bannedregexpurllist
  61. #
  62. # bannedregexwithblanketblock = off
  63. #
  64. # Blanket download blocking
  65. # If enabled, all files will be blocked, unless they match the
  66. # exceptionextensionlist or exceptionmimetypelist.
  67. # These lists do not override virus scanning.
  68. # Exception lists defined above override all types of filtering, including
  69. # the blanket download block.
  70. # Defaults to disabled.
  71. # (on | off)
  72. #
  73. blockdownloads = off
  74. exceptionextensionlist = '/etc/e2guardian/lists/exceptionextensionlist'
  75. exceptionmimetypelist = '/etc/e2guardian/lists/exceptionmimetypelist'
  76. #
  77. # Use the following lists to block specific kinds of file downloads.
  78. # The two exception lists above can be used to override these.
  79. #
  80. bannedextensionlist = '/etc/e2guardian/lists/bannedextensionlist'
  81. bannedmimetypelist = '/etc/e2guardian/lists/bannedmimetypelist'
  82. #
  83. # In either file filtering mode, the following list can be used to override
  84. # MIME type & extension blocks for particular domains & URLs (trusted download sites).
  85. #
  86. exceptionfilesitelist = '/etc/e2guardian/lists/exceptionfilesitelist'
  87. exceptionfileurllist = '/etc/e2guardian/lists/exceptionfileurllist'
  88. # POST protection (web upload and forms)
  89. # does not block forms without any file upload, i.e. this is just for
  90. # blocking or limiting uploads
  91. # measured in kibibytes after MIME encoding and header bumph
  92. # use 0 for a complete block
  93. # use higher (e.g. 512 = 512Kbytes) for limiting
  94. # use -1 for no blocking
  95. #maxuploadsize = 512
  96. #maxuploadsize = 0
  97. maxuploadsize = -1
  98. # Categorise without blocking:
  99. # Supply categorised lists here and the category string shall be logged against
  100. # matching requests, but matching these lists does not perform any filtering
  101. # action.
  102. #logsitelist = '/etc/e2guardian/lists/logsitelist'
  103. #logurllist = '/etc/e2guardian/lists/logurllist'
  104. #logregexpurllist = '/etc/e2guardian/lists/logregexpurllist'
  105. # Outgoing HTTP header rules:
  106. # Optional lists for blocking based on, and modification of, outgoing HTTP
  107. # request headers. Format for headerregexplist is one modification rule per
  108. # line, similar to content/URL modifications. Format for
  109. # bannedregexpheaderlist is one regular expression per line, with matching
  110. # headers causing a request to be blocked.
  111. # Headers are matched/replaced on a line-by-line basis, not as a contiguous
  112. # block.
  113. # Use for example, to remove cookies or prevent certain user-agents.
  114. headerregexplist = '/etc/e2guardian/lists/headerregexplist'
  115. bannedregexpheaderlist = '/etc/e2guardian/lists/bannedregexpheaderlist'
  116. addheaderregexplist = '/etc/e2guardian/lists/addheaderregexplist'
  117. # Weighted phrase mode
  118. # Optional; overrides the weightedphrasemode option in e2guardian.conf
  119. # for this particular group. See documentation for supported values in
  120. # that file.
  121. #weightedphrasemode = 0
  122. # Naughtiness limit
  123. # This the limit over which the page will be blocked. Each weighted phrase is given
  124. # a value either positive or negative and the values added up. Phrases to do with
  125. # good subjects will have negative values, and bad subjects will have positive
  126. # values. See the weightedphraselist file for examples.
  127. # As a guide:
  128. # 50 is for young children, 100 for old children, 160 for young adults.
  129. naughtynesslimit = 50
  130. # Search term blocking
  131. # Search terms can be extracted from search URLs and filtered using one or
  132. # both of two different methods.
  133. # Method 1 is that developed by Protex where specific
  134. # search terms are contained in a bannedsearchlist.
  135. # (localbannedsearchlist and bannedsearchoveridelist can be used to suppliment
  136. # and overide this list as required.)
  137. # These lists contain banned search words combinations on each line.
  138. # Words are separated by '+' and must be in sorted order within a line.
  139. # so to block 'sexy girl' then the list must contain the line
  140. # girl+sexy
  141. # and this will block both 'sexy girl' and 'girl sexy'
  142. # To use this method, the searchregexplist must be enabled and the bannedsearchlist(s) defined
  143. # Method 2 is uses the
  144. # bannedphraselist, weightedphraselist and exceptionphraselist, with a separate
  145. # threshold for blocking than that used for normal page content.
  146. # To do this, the searchregexplist must be enabled and searchtermlimit
  147. # must be grater than 0.
  148. #
  149. # Search engine regular expression list (need for both options)
  150. # List of regular expressions for matching search engine URLs. It is assumed
  151. # that the search terms themselves will be contained in the
  152. # of output of each expression.
  153. #searchregexplist = '/etc/e2guardian/lists/searchregexplist'
  154. #
  155. # Banned Search Term list(s) for option 1
  156. #bannedsearchlist = '/etc/e2guardian/lists/bannedsearchlist'
  157. #bannedsearchoveridelist = '/etc/e2guardian/lists/bannedsearchoveridelist'
  158. # Search term limit (for Option 2)
  159. # The limit over which requests will be blocked for containing search terms
  160. # which match the weightedphraselist. This should usually be lower than the
  161. # 'naughtynesslimit' value above, because the amount of text being filtered
  162. # is only a few words, rather than a whole page.
  163. # This option must be uncommented if searchregexplist is uncommented.
  164. # A value of 0 here indicates that search terms should be extracted,
  165. # but no phrase filtering should be performed on the resulting text.
  166. #searchtermlimit = 0
  167. #
  168. # Search term phrase lists (for Option 2)
  169. # If the three lines below are uncommented, search term blocking will use
  170. # the banned, weighted & exception phrases from these lists, instead of using
  171. # the same phrase lists as for page content. This is optional but recommended,
  172. # as weights for individual phrases in the "normal" lists may not be
  173. # appropriate for blocking when those phrases appear in a much smaller block
  174. # of text.
  175. # Please note that all or none of the below should be uncommented, not a
  176. # mixture.
  177. #bannedsearchtermlist = '/etc/e2guardian/lists/bannedsearchtermlist'
  178. #weightedsearchtermlist = '/etc/e2guardian/lists/weightedsearchtermlist'
  179. #exceptionsearchtermlist = '/etc/e2guardian/lists/exceptionsearchtermlist'
  180. # Category display threshold
  181. # This option only applies to pages blocked by weighted phrase filtering.
  182. # Defines the minimum score that must be accumulated within a particular
  183. # category in order for it to show up on the block pages' category list.
  184. # All categories under which the page scores positively will be logged; those
  185. # that were not displayed to the user appear in brackets.
  186. #
  187. # -1 = display only the highest scoring category
  188. # 0 = display all categories (default)
  189. # > 0 = minimum score for a category to be displayed
  190. categorydisplaythreshold = 0
  191. # Embedded URL weighting
  192. # When set to something greater than zero, this option causes URLs embedded within a
  193. # page's HTML (from links, image tags, etc.) to be extracted and checked against the
  194. # bannedsitelist and bannedurllist. Each link to a banned page causes the amount set
  195. # here to be added to the page's weighting.
  196. # The behaviour of this option with regards to multiple occurrences of a site/URL is
  197. # affected by the weightedphrasemode setting.
  198. #
  199. # NB: Currently, this feature uses regular expressions that require the PCRE library.
  200. # As such, it is only available if you compiled DansGuardian with '--enable-pcre=yes'.
  201. # You can check compile-time options by running 'e2guardian -v'.
  202. #
  203. # Set to 0 to disable.
  204. # Defaults to 0.
  205. # WARNING: This option is highly CPU intensive!
  206. embeddedurlweight = 0
  207. # Enable PICS rating support
  208. #
  209. # Defaults to disabled
  210. # (on | off)
  211. enablepics = off
  212. # Temporary Denied Page Bypass
  213. # This provides a link on the denied page to bypass the ban for a few minutes. To be
  214. # secure it uses a random hashed secret generated at daemon startup. You define the
  215. # number of seconds the bypass will function for before the deny will appear again.
  216. # To allow the link on the denied page to appear you will need to edit the template.html
  217. # or e2guardian.pl file for your language.
  218. # 300 = enable for 5 minutes
  219. # 0 = disable ( defaults to 0 )
  220. # -1 = enable but you require a separate program/CGI to generate a valid link
  221. bypass = 0
  222. # Temporary Denied Page Bypass Secret Key
  223. # Rather than generating a random key you can specify one. It must be more than 8 chars.
  224. # '' = generate a random one (recommended and default)
  225. # 'Mary had a little lamb.' = an example
  226. # '76b42abc1cd0fdcaf6e943dcbc93b826' = an example
  227. bypasskey = ''
  228. # Infection/Scan Error Bypass
  229. # Similar to the 'bypass' setting, but specifically for bypassing files scanned and found
  230. # to be infected, or files that trigger scanner errors - for example, archive types with
  231. # recognised but unsupported compression schemes, or corrupt archives.
  232. # The option specifies the number of seconds for which the bypass link will be valid.
  233. # 300 = enable for 5 minutes
  234. # 0 = disable (default)
  235. # -1 = enable, but require a separate program/CGI to generate a valid link
  236. infectionbypass = 0
  237. # Infection/Scan Error Bypass Secret Key
  238. # Same as the 'bypasskey' option, but used for infection bypass mode.
  239. infectionbypasskey = ''
  240. # Infection/Scan Error Bypass on Scan Errors Only
  241. # Enable this option to allow infectionbypass links only when virus scanning fails,
  242. # not when a file is found to contain a virus.
  243. # on = enable (default and highly recommended)
  244. # off = disable
  245. infectionbypasserrorsonly = on
  246. # Disable content scanning
  247. # If you enable this option you will disable content scanning for this group.
  248. # Content scanning primarily is AV scanning (if enabled) but could include
  249. # other types.
  250. # (on|off) default = off.
  251. disablecontentscan = off
  252. # Enable Deep URL Analysis
  253. # When enabled, DG looks for URLs within URLs, checking against the bannedsitelist and
  254. # bannedurllist. This can be used, for example, to block images originating from banned
  255. # sites from appearing in Google Images search results, as the original URLs are
  256. # embedded in the thumbnail GET requests.
  257. # (on|off) default = off
  258. deepurlanalysis = off
  259. # reportinglevel
  260. #
  261. # -1 = log, but do not block - Stealth mode
  262. # 0 = just say 'Access Denied'
  263. # 1 = report why but not what denied phrase
  264. # 2 = report fully
  265. # 3 = use HTML template file (accessdeniedaddress ignored) - recommended
  266. #
  267. # If defined, this overrides the global setting in e2guardian.conf for
  268. # members of this filter group.
  269. #
  270. reportinglevel = 3
  271. # accessdeniedaddress is the address of your web server to which the cgi
  272. # e2guardian reporting script was copied. Only used in reporting levels
  273. # 1 and 2.
  274. #
  275. # This webserver must be either:
  276. # 1. Non-proxied. Either a machine on the local network, or listed as an
  277. # exception in your browser's proxy configuration.
  278. # 2. Added to the exceptionsitelist. Option 1 is preferable; this option is
  279. # only for users using both transparent proxying and a non-local server
  280. # to host this script.
  281. #
  282. # If defined, this overrides the global setting in e2guardian.conf for
  283. # members of this filter group.
  284. #
  285. #accessdeniedaddress = 'http://YOURSERVER.YOURDOMAIN/cgi-bin/e2guardian.pl'
  286. # sslaccessdeniedaddress is the address of your web server to which the static page
  287. # e2guardian reporting was copied. Only used in reporting levels 3 (avoid blank page)
  288. # Work only in firefox with ssldeniedrewrite off
  289. # sslaccessdeniedaddress = 'http://YOURSERVER.YOURDOMAIN/denyssl.htm'
  290. # Break SSL protocol and redirect to another HTTPS website for denied page (sslaccessdeniedaddress url)
  291. #ssldeniedrewrite = 'on'
  292. # HTML Template override
  293. # If defined, this specifies a custom HTML template file for members of this
  294. # filter group, overriding the global setting in e2guardian.conf. This is
  295. # only used in reporting level 3.
  296. #
  297. # The default template file path is <languagedir>/<language>/template.h
  298. # e.g. /share/e2guardian/languages/ukenglish/template.html when using 'ukenglish'
  299. # language.
  300. #
  301. # This option generates a file path of the form:
  302. # <languagedir>/<language>/<htmltemplate>
  303. # e.g. /share/e2guardian/languages/ukenglish/custom.html
  304. #
  305. #htmltemplate = 'custom.html'
  306. # Non standard delimiter (only used with accessdeniedaddress)
  307. # To help preserve the full banned URL, including parameters, the variables
  308. # passed into the access denied CGI are separated using non-standard
  309. # delimiters. This can be useful to ensure correct operation of the filter
  310. # bypass modes. Parameters are split using "::" in place of "&", and "==" in
  311. # place of "=".
  312. # Default is enabled, but to go back to the standard mode, disable it.
  313. #nonstandarddelimiter = off
  314. # Email reporting - original patch by J. Gauthier
  315. # Use SMTP
  316. # If on, will enable system wide events to be reported by email.
  317. # need to configure mail program (see 'mailer' in global config)
  318. # and email recipients
  319. # default usesmtp = off
  320. #!! Not compiled !!usesmtp = off
  321. # mailfrom
  322. # who the email would come from
  323. # example: mailfrom = 'e2guardian@mycompany.com'
  324. #!! Not compiled !!mailfrom = ''
  325. # avadmin
  326. # who the virus emails go to (if notify av is on)
  327. # example: avadmin = 'admin@mycompany.com'
  328. #!! Not compiled !!avadmin = ''
  329. # contentdmin
  330. # who the content emails go to (when thresholds are exceeded)
  331. # and contentnotify is on
  332. # example: contentadmin = 'admin@mycompany.com'
  333. #!! Not compiled !!contentadmin = ''
  334. # avsubject
  335. # Subject of the email sent when a virus is caught.
  336. # only applicable if notifyav is on
  337. # default avsubject = 'e2guardian virus block'
  338. #!! Not compiled !!avsubject = 'e2guardian virus block'
  339. # content
  340. # Subject of the email sent when violation thresholds are exceeded
  341. # default contentsubject = 'e2guardian violation'
  342. #!! Not compiled !!contentsubject = 'e2guardian violation'
  343. # notifyAV
  344. # This will send a notification, if usesmtp/notifyav is on, any time an
  345. # infection is found.
  346. # Important: If this option is off, viruses will still be recorded like a
  347. # content infraction.
  348. #!! Not compiled !!notifyav = off
  349. # notifycontent
  350. # This will send a notification, if usesmtp is on, based on thresholds
  351. # below
  352. #!! Not compiled !!notifycontent = off
  353. # thresholdbyuser
  354. # results are only predictable with user authenticated configs
  355. # if enabled the violation/threshold count is kept track of by the user
  356. #!! Not compiled !!thresholdbyuser = off
  357. #violations
  358. # number of violations before notification
  359. # setting to 0 will never trigger a notification
  360. #!! Not compiled !!violations = 0
  361. #threshold
  362. # this is in seconds. If 'violations' occur in 'threshold' seconds, then
  363. # a notification is made.
  364. # if this is set to 0, then whenever the set number of violations are made a
  365. # notifaction will be sent.
  366. #!! Not compiled !!threshold = 0
  367. #SSL certificate checking
  368. # Check that ssl certificates for servers on https connections are valid
  369. # and signed by a ca in the configured path
  370. sslcertcheck = off
  371. #SSL man in the middle
  372. # Forge ssl certificates for all non-exception sites, decrypt the data then re encrypt it
  373. # using a different private key. Used to filter ssl sites
  374. sslmitm = off
  375. #Limit SSL MITM to sites in greysslsitelist(s)
  376. # ignored if sslmitm is off
  377. # SSL sites not matching greysslsitelist will be treat as if sslmitm is off.
  378. onlymitmsslgrey = off