DansGuardian Documentation Wiki

You are here: Main Index » patches_and_hacks


|

Wiki Information

Patches and Hacks

:!: This document was created for the 2.8 series whose stable tip was version 2.8.0.6. Most features have been incorporated into the 2.10 series, so patching the newer series is hardly ever necessary.

:!:Most of the following were source code patches. And they cannot be applied directly to the 2.10 series (in fact they are seldom even relevant). They may be most useful as guides in constructing your own source code modifications.

Introduction

There are several community-contributed patches that can be applied to the DansGuardian source prior to compiling the software. These patches add functionality to the current version and if regarded as stable and useful will generally be added to the main DansGuardian distribution in a future release.

AV Patch For 2.8 (AV Feature Standard In 2.10)

[http://www.harvest.com.br/asp/afn/dg.nsf Patch Web Site]

Patches DansGuardian to allow scanning web content for viruses.

Supported virus scanning engines include: * ClamAV * ClamDScan * Kaspersky * Sophie * Trophie

Google Patch For 2.8 (URL Modification [Including Forcing SafeSearch] Standard In 2.10)

[http://assets.e2bn.net/misc/patches/dg/ Patch Web Site]

Patches Dansguardian to enable URL blocking of thumbnail images and cached pages on Google and potentially on other sites. Where the URL matches any in the anonregexplist file, the remainder of the url is re-submitted for url checks against the blacklists.

Examples are given for google image thumbnails and for google cached pages, but the file could be extended to work with other search/anonimizer engines that supply the source url as an argument.

Version 1.3.1.1 can be regarded as beta as the base code (v1.3.1) has been successfully tested in production.

<i><b>Note</b> the general ability to modify URLs, and thus to do things like force Google “safe search” on, was included in DansGuardian beginning with version 2.9.0.1. Likewise the ability to find and filter URLs embedded within URLs was included in DansGuardian beginning with version 2.9.1.0. As a result, this patch is no longer needed unless you're still using version 2.8.0.6.

(If like many you consider the “important” part of this patch to be the URL modifying part, you're good to go with any 2.9.x version. But the standard DansGuardian “Deep URL Analysis” was first very easy to fool, then difficult to control, so although it blocked some objectionable Google thumbnail images it didn't become fully usable until version 2.9.9.0.)

The final DansGuardian implementations are more general than this patch, so it may be a bit tricky to upgrade your configuration from 2.8.x with this patch to 2.9.x with the standard features.</i>

Combined Tarballs For 2.8 (Both Patches Standard In 2.10)

Adam Kennedy makes source available that already have the AntiVirus patch and the Google patch applied to them.

DansGuardian 2.8.0.3 w/ AntiVirus 6.3.8 and Google 1.3.1.1 DansGuardian 2.8.0.4 w/ AntiVirus 6.3.8 and Google 1.3.1.1

Patches are available on the site as well to add Google to the DGAV 6.3.8 tarball. There is is also a patch for DansGuardian 2.8.0.4 to add AV and Google.

All files are available from http://www.niesc.k12.in.us/linux/dansguardian/

Dansguardian LDAP interface

[http://www.prompt.nl/uc/index.php?option=com_content&task=view&id=53&Itemid=80 Web Site]

Prompt (R.J. Baart) has created a few tools to store the authentication- and groupfilters of DansGardian (+ the antivirus plugin) in a LDAP directory. One tool converts the current DansGardian config files into a LDIF file, the other tool writes the Dansguardian config files based on the information strored in the LDAP. Part of each configuration stored in the LDAP is a md5 digest. It is used to detect a difference between the Dansguardian configuration stored in the LDAP and the “real” Dansguardian config files. Based on a comparison of the real and the stored configuration a cronjob is responsible of gently restarting Dansguardian (the -g option). Scripts are written in the perl language. The cronjob is based on a shell script.

The main reason we developed these tools is to create a simple administration tool suitable for any system or network administrator. Beside this, the total setup of a proxy server can be quite complex as shown in the schema below. Our tools support more than one Dansguardian configuration and more groups per configuration.

Please note: these tools are new. No garantee that they will work for you. We are very interested in feedback. We have very limited manpower and lots of customers, but as far as we can we will answers questions about these tools.

Please report success or failure to: dansguardian{at}prompt{dot}nl