net/e2guardian/files/e2guardianf1.conf

   1 # e2guardian filter group config file for version 3.0.4
   2
   3
   4 # Filter group mode
   5 # This option determines whether members of this group have their web access
   6 # unfiltered, filtered, or banned.
   7 #
   8 # 0 = banned
   9 # 1 = filtered
  10 # 2 = unfiltered (exception)
  11 #
  12 # Only filter groups with a mode of 1 need to define phrase, URL, site, extension,
  13 # mimetype and PICS lists; in other modes, these options are ignored to conserve
  14 # memory.
  15 #
  16 # Defaults to 0 if unspecified.
  17 # Unauthenticated users are treated as being in the first filter group.
  18 groupmode = 1
  19
  20 # Filter group name
  21 # Used to fill in the -FILTERGROUP- placeholder in the HTML template file, and to
  22 # name the group in the access logs
  23 # Defaults to empty string
  24 #groupname = ''
  25 groupname = ''
  26
  27 # Content filtering files location
  28 bannedphraselist = 'etc/e2guardian/lists/bannedphraselist'
  29 weightedphraselist = 'etc/e2guardian/lists/weightedphraselist'
  30 exceptionphraselist = 'etc/e2guardian/lists/exceptionphraselist'
  31 bannedsitelist = 'etc/e2guardian/lists/bannedsitelist'
  32 greysitelist = 'etc/e2guardian/lists/greysitelist'
  33 bannedsslsitelist = 'etc/e2guardian/lists/bannedsslsitelist'
  34 greysslsitelist = 'etc/e2guardian/lists/greysslsitelist'
  35 exceptionsitelist = 'etc/e2guardian/lists/exceptionsitelist'
  36 bannedurllist = 'etc/e2guardian/lists/bannedurllist'
  37 greyurllist = 'etc/e2guardian/lists/greyurllist'
  38 exceptionurllist = 'etc/e2guardian/lists/exceptionurllist'
  39 exceptionregexpurllist = 'etc/e2guardian/lists/exceptionregexpurllist'
  40 bannedregexpurllist = 'etc/e2guardian/lists/bannedregexpurllist'
  41 picsfile = 'etc/e2guardian/lists/pics'
  42 contentregexplist = 'etc/e2guardian/lists/contentregexplist'
  43 urlregexplist = 'etc/e2guardian/lists/urlregexplist'
  44 refererexceptionsitelist = 'etc/e2guardian/lists/refererexceptionsitelist'
  45 refererexceptionurllist = 'etc/e2guardian/lists/refererexceptionurllist'
  46 embededreferersitelist = 'etc/e2guardian/lists/embededreferersitelist'
  47 embededrefererurllist = 'etc/e2guardian/lists/embededrefererurllist'
  48 urlredirectregexplist = 'etc/e2guardian/lists/urlredirectregexplist'
  49
  50 # local versions of lists (where LOCAL_LISTS enabled)
  51 #localbannedsitelist = 'etc/e2guardian/lists/localbannedsitelist'
  52 #localgreysitelist = 'etc/e2guardian/lists/localgreysitelist'
  53 #localexceptionsitelist = 'etc/e2guardian/lists/localexceptionsitelist'
  54 #localbannedurllist = 'etc/e2guardian/lists/localbannedurllist'
  55 #localgreyurllist = 'etc/e2guardian/lists/localgreyurllist'
  56 #localexceptionurllist = 'etc/e2guardian/lists/localexceptionurllist'
  57 #localbannedsslsitelist = 'etc/e2guardian/lists/localbannedsslsitelist'
  58 #localgreysslsitelist = 'etc/e2guardian/lists/localgreysslsitelist'
  59 #localbannedsearchlist = 'etc/e2guardian/lists/localbannedsearchlist'
  60
  61 !! Not compiled !! authexceptionsitelist = 'etc/e2guardian/lists/authexceptionsitelist'
  62 !! Not compiled !! authexceptionurllist = 'etc/e2guardian/lists/authexceptionurllist'
  63
  64 # Filetype filtering
  65 #
  66 # Allow bannedregexpurllist with grey list mode
  67 # bannedregexpheaderlist and bannedregexpurllist
  68 #
  69 # bannedregexwithblanketblock = off
  70 #
  71 # Blanket download blocking
  72 # If enabled, all files will be blocked, unless they match the
  73 # exceptionextensionlist or exceptionmimetypelist.
  74 # These lists do not override virus scanning.
  75 # Exception lists defined above override all types of filtering, including
  76 # the blanket download block.
  77 # Defaults to disabled.
  78 # (on | off)
  79 #
  80 blockdownloads = off
  81 exceptionextensionlist = 'etc/e2guardian/lists/exceptionextensionlist'
  82 exceptionmimetypelist = 'etc/e2guardian/lists/exceptionmimetypelist'
  83 #
  84 # Use the following lists to block specific kinds of file downloads.
  85 # The two exception lists above can be used to override these.
  86 #
  87 bannedextensionlist = 'etc/e2guardian/lists/bannedextensionlist'
  88 bannedmimetypelist = 'etc/e2guardian/lists/bannedmimetypelist'
  89 #
  90 # In either file filtering mode, the following list can be used to override
  91 # MIME type & extension blocks for particular domains & URLs (trusted download sites).
  92 #
  93 exceptionfilesitelist = 'etc/e2guardian/lists/exceptionfilesitelist'
  94 exceptionfileurllist = 'etc/e2guardian/lists/exceptionfileurllist'
  95
  96 # POST protection (web upload and forms)
  97 # does not block forms without any file upload, i.e. this is just for
  98 # blocking or limiting uploads
  99 # measured in kibibytes after MIME encoding and header bumph
 100 # use 0 for a complete block
 101 # use higher (e.g. 512 = 512Kbytes) for limiting
 102 # use -1 for no blocking
 103 #maxuploadsize = 512
 104 #maxuploadsize = 0
 105 maxuploadsize = -1
 106
 107 # Categorise without blocking:
 108 # Supply categorised lists here and the category string shall be logged against
 109 # matching requests, but matching these lists does not perform any filtering
 110 # action.
 111 #logsitelist = 'etc/e2guardian/lists/logsitelist'
 112 #logurllist = 'etc/e2guardian/lists/logurllist'
 113 #logregexpurllist = 'etc/e2guardian/lists/logregexpurllist'
 114
 115 # Outgoing HTTP header rules:
 116 # Optional lists for blocking based on, and modification of, outgoing HTTP
 117 # request headers.  Format for headerregexplist is one modification rule per
 118 # line, similar to content/URL modifications.  Format for
 119 # bannedregexpheaderlist is one regular expression per line, with matching
 120 # headers causing a request to be blocked.
 121 # Headers are matched/replaced on a line-by-line basis, not as a contiguous
 122 # block.
 123 # Use for example, to remove cookies or prevent certain user-agents.
 124 headerregexplist = 'etc/e2guardian/lists/headerregexplist'
 125 bannedregexpheaderlist = 'etc/e2guardian/lists/bannedregexpheaderlist'
 126 addheaderregexplist = 'etc/e2guardian/lists/addheaderregexplist'
 127
 128 # Weighted phrase mode
 129 # Optional; overrides the weightedphrasemode option in e2guardian.conf
 130 # for this particular group.  See documentation for supported values in
 131 # that file.
 132 #weightedphrasemode = 0
 133
 134 # Naughtiness limit
 135 # This the limit over which the page will be blocked.  Each weighted phrase is given
 136 # a value either positive or negative and the values added up.  Phrases to do with
 137 # good subjects will have negative values, and bad subjects will have positive
 138 # values.  See the weightedphraselist file for examples.
 139 # As a guide:
 140 # 50 is for young children,  100 for old children,  160 for young adults.
 141 naughtynesslimit = 50
 142
 143 # Search term blocking
 144 # Search terms can be extracted from search URLs and filtered using one or
 145 # both of two different methods.
 146
 147 # Method 1 is that developed by Protex where specific
 148 # search terms are contained in a bannedsearchlist.
 149 # (localbannedsearchlist and bannedsearchoveridelist can be used to suppliment
 150 # and overide this list as required.)
 151 # These lists contain banned search words combinations on each line.
 152 # Words are separated by '+' and must be in sorted order within a line.
 153 #    so to block 'sexy girl' then the list must contain the line
 154 #       girl+sexy
 155 #    and this will block both 'sexy girl' and 'girl sexy'
 156 # To use this method, the searchregexplist must be enabled and the bannedsearchlist(s) defined
 157
 158 # Method 2 is uses the
 159 # bannedphraselist, weightedphraselist and exceptionphraselist, with a separate
 160 # threshold for blocking than that used for normal page content.
 161 # To do this, the searchregexplist must be enabled and searchtermlimit
 162 # must be grater than 0.
 163
 164 #
 165 # Search engine regular expression list (need for both options)
 166 # List of regular expressions for matching search engine URLs.  It is assumed
 167 # that the search terms themselves will be contained in the
 168 # of output of each expression.
 169 #searchregexplist = 'etc/e2guardian/lists/searchregexplist'
 170 #
 171 # Banned Search Term list(s) for option 1
 172 #bannedsearchlist = 'etc/e2guardian/lists/bannedsearchlist'
 173 #bannedsearchoveridelist = 'etc/e2guardian/lists/bannedsearchoveridelist'
 174
 175
 176 # Search term limit (for Option 2)
 177 # The limit over which requests will be blocked for containing search terms
 178 # which match the weightedphraselist.  This should usually be lower than the
 179 # 'naughtynesslimit' value above, because the amount of text being filtered
 180 # is only a few words, rather than a whole page.
 181 # This option must be uncommented if searchregexplist is uncommented.
 182 # A value of 0 here indicates that search terms should be extracted,
 183 # but no phrase filtering should be performed on the resulting text.
 184 #searchtermlimit = 0
 185 #
 186 # Search term phrase lists (for Option 2)
 187 # If the three lines below are uncommented, search term blocking will use
 188 # the banned, weighted & exception phrases from these lists, instead of using
 189 # the same phrase lists as for page content.  This is optional but recommended,
 190 # as weights for individual phrases in the "normal" lists may not be
 191 # appropriate for blocking when those phrases appear in a much smaller block
 192 # of text.
 193 # Please note that all or none of the below should be uncommented, not a
 194 # mixture.
 195 #bannedsearchtermlist = 'etc/e2guardian/lists/bannedsearchtermlist'
 196 #weightedsearchtermlist = 'etc/e2guardian/lists/weightedsearchtermlist'
 197 #exceptionsearchtermlist = 'etc/e2guardian/lists/exceptionsearchtermlist'
 198
 199 # Category display threshold
 200 # This option only applies to pages blocked by weighted phrase filtering.
 201 # Defines the minimum score that must be accumulated within a particular
 202 # category in order for it to show up on the block pages' category list.
 203 # All categories under which the page scores positively will be logged; those
 204 # that were not displayed to the user appear in brackets.
 205 #
 206 # -1 = display only the highest scoring category
 207 # 0 = display all categories (default)
 208 # > 0 = minimum score for a category to be displayed
 209 categorydisplaythreshold = 0
 210
 211 # Embedded URL weighting
 212 # When set to something greater than zero, this option causes URLs embedded within a
 213 # page's HTML (from links, image tags, etc.) to be extracted and checked against the
 214 # bannedsitelist and bannedurllist. Each link to a banned page causes the amount set
 215 # here to be added to the page's weighting.
 216 # The behaviour of this option with regards to multiple occurrences of a site/URL is
 217 # affected by the weightedphrasemode setting.
 218 #
 219 # NB: Currently, this feature uses regular expressions that require the PCRE library.
 220 # As such, it is only available if you compiled DansGuardian with '--enable-pcre=yes'.
 221 # You can check compile-time options by running 'e2guardian -v'.
 222 #
 223 # Set to 0 to disable.
 224 # Defaults to 0.
 225 # WARNING: This option is highly CPU intensive!
 226 embeddedurlweight = 0
 227
 228 # Enable PICS rating support
 229 #
 230 # Defaults to disabled
 231 # (on | off)
 232 enablepics = off
 233
 234 # Temporary Denied Page Bypass
 235 # This provides a link on the denied page to bypass the ban for a few minutes.  To be
 236 # secure it uses a random hashed secret generated at daemon startup.  You define the
 237 # number of seconds the bypass will function for before the deny will appear again.
 238 # To allow the link on the denied page to appear you will need to edit the template.html
 239 # or e2guardian.pl file for your language.
 240 # 300 = enable for 5 minutes
 241 # 0 = disable ( defaults to 0 )
 242 # -1 = enable but you require a separate program/CGI to generate a valid link
 243 bypass = 0
 244
 245 # Temporary Denied Page Bypass Secret Key
 246 # Rather than generating a random key you can specify one.  It must be more than 8 chars.
 247 # '' = generate a random one (recommended and default)
 248 # 'Mary had a little lamb.' = an example
 249 # '76b42abc1cd0fdcaf6e943dcbc93b826' = an example
 250 bypasskey = ''
 251
 252 # Infection/Scan Error Bypass
 253 # Similar to the 'bypass' setting, but specifically for bypassing files scanned and found
 254 # to be infected, or files that trigger scanner errors - for example, archive types with
 255 # recognised but unsupported compression schemes, or corrupt archives.
 256 # The option specifies the number of seconds for which the bypass link will be valid.
 257 # 300 = enable for 5 minutes
 258 # 0 = disable (default)
 259 # -1 = enable, but require a separate program/CGI to generate a valid link
 260 infectionbypass = 0
 261
 262 # Infection/Scan Error Bypass Secret Key
 263 # Same as the 'bypasskey' option, but used for infection bypass mode.
 264 infectionbypasskey = ''
 265
 266 # Infection/Scan Error Bypass on Scan Errors Only
 267 # Enable this option to allow infectionbypass links only when virus scanning fails,
 268 # not when a file is found to contain a virus.
 269 # on = enable (default and highly recommended)
 270 # off = disable
 271 infectionbypasserrorsonly = on
 272
 273 # Disable content scanning
 274 # If you enable this option you will disable content scanning for this group.
 275 # Content scanning primarily is AV scanning (if enabled) but could include
 276 # other types.
 277 # (on|off) default = off.
 278 disablecontentscan = off
 279
 280 # Enable Deep URL Analysis
 281 # When enabled, DG looks for URLs within URLs, checking against the bannedsitelist and
 282 # bannedurllist. This can be used, for example, to block images originating from banned
 283 # sites from appearing in Google Images search results, as the original URLs are
 284 # embedded in the thumbnail GET requests.
 285 # (on|off) default = off
 286 deepurlanalysis = off
 287
 288 # reportinglevel
 289 #
 290 # -1 = log, but do not block - Stealth mode
 291 #  0 = just say 'Access Denied'
 292 #  1 = report why but not what denied phrase
 293 #  2 = report fully
 294 #  3 = use HTML template file (accessdeniedaddress ignored) - recommended
 295 #
 296 # If defined, this overrides the global setting in e2guardian.conf for
 297 # members of this filter group.
 298 #
 299 reportinglevel = 3
 300
 301 # accessdeniedaddress is the address of your web server to which the cgi
 302 # e2guardian reporting script was copied. Only used in reporting levels
 303 # 1 and 2.
 304 #
 305 # This webserver must be either:
 306 #  1. Non-proxied. Either a machine on the local network, or listed as an
 307 #     exception in your browser's proxy configuration.
 308 #  2. Added to the exceptionsitelist. Option 1 is preferable; this option is
 309 #     only for users using both transparent proxying and a non-local server
 310 #     to host this script.
 311 #
 312 # If defined, this overrides the global setting in e2guardian.conf for
 313 # members of this filter group.
 314 #
 315 #accessdeniedaddress = 'http://YOURSERVER.YOURDOMAIN/cgi-bin/e2guardian.pl'
 316
 317 # sslaccessdeniedaddress is the address of your web server to which the static page
 318 # e2guardian reporting was copied. Only used in reporting levels 3 (avoid blank page)
 319 # Work only in firefox with ssldeniedrewrite off
 320
 321 # sslaccessdeniedaddress = 'http://YOURSERVER.YOURDOMAIN/denyssl.htm'
 322
 323 # Break SSL protocol and redirect to another HTTPS website for denied page (sslaccessdeniedaddress url)
 324
 325 #ssldeniedrewrite = 'on'
 326
 327 # HTML Template override
 328 # If defined, this specifies a custom HTML template file for members of this
 329 # filter group, overriding the global setting in e2guardian.conf. This is
 330 # only used in reporting level 3.
 331 #
 332 # The default template file path is <languagedir>/<language>/template.h
 333 # e.g. share/e2guardian/languages/ukenglish/template.html when using 'ukenglish'
 334 # language.
 335 #
 336 # This option generates a file path of the form:
 337 # <languagedir>/<language>/<htmltemplate>
 338 # e.g. share/e2guardian/languages/ukenglish/custom.html
 339 #
 340 #htmltemplate = 'custom.html'
 341
 342 # Non standard delimiter (only used with accessdeniedaddress)
 343 # To help preserve the full banned URL, including parameters, the variables
 344 # passed into the access denied CGI are separated using non-standard
 345 # delimiters. This can be useful to ensure correct operation of the filter
 346 # bypass modes. Parameters are split using "::" in place of "&", and "==" in
 347 # place of "=".
 348 # Default is enabled, but to go back to the standard mode, disable it.
 349
 350 #nonstandarddelimiter = off
 351
 352 # Email reporting - original patch by J. Gauthier
 353
 354 # Use SMTP
 355 # If on, will enable system wide events to be reported by email.
 356 # need to configure mail program (see 'mailer' in global config)
 357 # and email recipients
 358 # default usesmtp = off
 359 #!! Not compiled !!usesmtp = off
 360
 361 # mailfrom
 362 # who the email would come from
 363 # example: mailfrom = 'e2guardian@mycompany.com'
 364 #!! Not compiled !!mailfrom = ''
 365
 366 # avadmin
 367 # who the virus emails go to (if notify av is on)
 368 # example: avadmin = 'admin@mycompany.com'
 369 #!! Not compiled !!avadmin = ''
 370
 371 # contentdmin
 372 # who the content emails go to (when thresholds are exceeded)
 373 # and contentnotify is on
 374 # example: contentadmin = 'admin@mycompany.com'
 375 #!! Not compiled !!contentadmin = ''
 376
 377 # avsubject
 378 # Subject of the email sent when a virus is caught.
 379 # only applicable if notifyav is on
 380 # default avsubject = 'e2guardian virus block'
 381 #!! Not compiled !!avsubject = 'e2guardian virus block'
 382
 383 # content
 384 # Subject of the email sent when violation thresholds are exceeded
 385 # default contentsubject = 'e2guardian violation'
 386 #!! Not compiled !!contentsubject = 'e2guardian violation'
 387
 388 # notifyAV
 389 # This will send a notification, if usesmtp/notifyav is on, any time an
 390 # infection is found.
 391 # Important: If this option is off, viruses will still be recorded like a
 392 # content infraction.
 393 #!! Not compiled !!notifyav = off
 394
 395 # notifycontent
 396 # This will send a notification, if usesmtp is on, based on thresholds
 397 # below
 398 #!! Not compiled !!notifycontent = off
 399
 400 # thresholdbyuser
 401 # results are only predictable with user authenticated configs
 402 # if enabled the violation/threshold count is kept track of by the user
 403 #!! Not compiled !!thresholdbyuser = off
 404
 405 #violations
 406 # number of violations before notification
 407 # setting to 0 will never trigger a notification
 408 #!! Not compiled !!violations = 0
 409
 410 #threshold
 411 # this is in seconds. If 'violations' occur in 'threshold' seconds, then
 412 # a notification is made.
 413 # if this is set to 0, then whenever the set number of violations are made a
 414 # notifaction will be sent.
 415 #!! Not compiled !!threshold = 0
 416
 417 #SSL certificate checking
 418 # Check that ssl certificates for servers on https connections are valid
 419 # and signed by a ca in the configured path
 420 sslcertcheck = off
 421
 422 #SSL man in the middle
 423 # Forge ssl certificates for all sites, decrypt the data then re encrypt it
 424 # using a different private key. Used to filter ssl sites
 425 sslmitm = off
 426