User login

Blocking websites using Dansguardian

Implementation for kiosk.

1). Changed the homepage of the kiosk user to an allowed website by editing /home/kiosk/.mozilla/firefox//user.js

2). Installed and configured dansguardian using the directions here:
http://ubuntuforums.org/showthread.php?t=207008

a). sudo apt-get install dansguardian tinyproxy firehol
b). Change the user's home page in firefox by editing /home/user/.mozilla/firefox//user.js
c). edit /etc/dansguardian/dansguardian.conf and comment the line that starts with UNCONFIGURED
d). run sudo dpkg-reconfigure dansguardian at the command line
e). Make the file /etc/firehol/firehol.conf have at least these options (without the four dashes at the top and bottom):

----
iptables -t filter -I OUTPUT -d 127.0.0.1 -p tcp --dport 3128 -m owner ! --uid-owner dansguardian -j DROP

transparent_squid 8080 "root root"

interface any world
policy drop
protection strong
client all accept
server cups accept
----

f). Make the file /etc/tinyproxy/tinyproxy.conf have at least these options:

----
User root
Group root

Port 3128

ViaProxyName "tinyproxy"

----

g). Edit /etc/default/firehol and set START_FIREHOL=YES. Run /etc/init.d/firehol restart to restart and run sudo get-iana (if it fails, ignore it)

h). Restart firehol, tinyproxy, and dansguardian (sudo /etc/init.d/ restart)

i). To blanket block, edit /etc/dansguardian/lists/bannedsitelist and uncomment ** under Blanket Block.

j). Add the accepted sites to /etc/dansguardian/lists/exceptionsitelist

3). Edited /etc/dansguardian/languages/ukenglish/template.html to include nothing but a meta refresh and an empty body.

4). Restart dansguardian sudo /etc/init.d/dansguardian restart (sometimes you have to use stop, then start if restart fails)

To view blocked sites:

$ less /var/log/dansguardian/access.log

or

$ grep DENIED /var/log/dansguardian/access.log | less

---

To change the "Access to web site blocked" page, go to /etc/dansguardian/languages and edit the template.html for your language. Use a meta refresh tag to send people back to a specific website.