Dansguardian Ubuntu Linux Install how-to

From Kathmann Labs

Jump to: navigation, search
Go back to the main project page
If you are installing to a piece of hardware, skip the first step.

Install Ubuntu in a VM (can also be on physical machine)

Install SSH, Squid cache, and DansGuardian

  • make appropriate changes to the APT sources file
  • vi /etc/apt/sources.list
  • comment out the line starting with 'deb cdrom'
  • uncomment the bottom two lines with 'universe' at the end
  • apt-get update - after making changes to the sources.list file, you need to run update for apt-get to start using those sources
  • apt-get install ssh squid dansguardian - install openssh (optional, for remote administration), Squid cache, and DansGuardian

Configure DansGuardian

  • vi /etc/dansguardian/dansguardian.conf
  • comment out the UNCONFIGURED line
  • change the variable 'virusscan' to off - I'll do instructions soon on how to finish configuring clamav for use with DansGuardian

Add ports to firewall

  • Add ports to firewall - this part is optional, but highly recommended. There are many ways to do this, this was just my preferred way
  • copy the following to the file /etc/network/if-up.d/iptables-config 
  #!/bin/bash
  iptables -F
  # set the default policy for each of the pre-defined chains
  iptables -P INPUT ACCEPT
  iptables -P OUTPUT ACCEPT
  iptables -P FORWARD DROP
  iptables -A INPUT -i lo -j ACCEPT
  iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
  # to allow incoming SSH and Proxy
  iptables -A INPUT -p tcp --dport 22 -j ACCEPT
  iptables -A INPUT -m state --state NEW -p tcp -m tcp -s 127.0.0.1 --dport 3128 -j ACCEPT
  iptables -A INPUT -m state --state NEW -p tcp -m tcp --dport 8080 -j ACCEPT
  # drop everything else
  iptables -A INPUT -i eth+ -p udp -j DROP
  iptables -A INPUT -i eth+ -p tcp -m tcp --syn -j DROP
  • chmod +x /etc/network/if-up.d/iptables-config - makes the iptables-config script executable

Enable SSH, DansGuardian, and Squid cache on system startup

update-rc.d ssh defaults
update-rc.d squid defaults
update-rc.d dansguardian defaults

Restart the daemons

  • /etc/init.d/networking restart - restarts the networking components to firewall changes take effect
  • /etc/init.d/squid restart - restarts the squid daemons
  • /etc/init.d/dansguardian restart - restarts the DansGuardian daemons
Done
Go back to the main project page
Retrieved from "http://www.kathmannlabs.net/mediawiki/index.php/Dansguardian_Ubuntu_Linux_Install_how-to"
Personal tools
extras