squidguard 1.5-beta: Added switch for DNS Blacklist
Message ID | 20170122132425.1942-1-matthias.fischer@ipfire.org |
---|---|
State | Superseded |
Headers |
Return-Path: <development-bounces@lists.ipfire.org> Received: from mail01.ipfire.org (unknown [172.28.1.200]) by web02.ipfire.org (Postfix) with ESMTP id 0CF9B61CEB for <patchwork@ipfire.org>; Sun, 22 Jan 2017 14:24:36 +0100 (CET) Received: from mail01.ipfire.org (localhost [IPv6:::1]) by mail01.ipfire.org (Postfix) with ESMTP id DE34713C1; Sun, 22 Jan 2017 14:24:34 +0100 (CET) Received: from Devel.localdomain (p5DD82631.dip0.t-ipconnect.de [93.216.38.49]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-SHA256 (128/128 bits)) (No client certificate requested) by mail01.ipfire.org (Postfix) with ESMTPSA id A0433EFA for <development@lists.ipfire.org>; Sun, 22 Jan 2017 14:24:30 +0100 (CET) From: Matthias Fischer <matthias.fischer@ipfire.org> To: development@lists.ipfire.org Subject: [PATCH] squidguard 1.5-beta: Added switch for DNS Blacklist Date: Sun, 22 Jan 2017 14:24:25 +0100 Message-Id: <20170122132425.1942-1-matthias.fischer@ipfire.org> X-Mailer: git-send-email 2.11.0 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: development@lists.ipfire.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: IPFire development talk <development.lists.ipfire.org> List-Unsubscribe: <http://lists.ipfire.org/mailman/options/development>, <mailto:development-request@lists.ipfire.org?subject=unsubscribe> List-Archive: <http://lists.ipfire.org/pipermail/development/> List-Post: <mailto:development@lists.ipfire.org> List-Help: <mailto:development-request@lists.ipfire.org?subject=help> List-Subscribe: <http://lists.ipfire.org/mailman/listinfo/development>, <mailto:development-request@lists.ipfire.org?subject=subscribe> Errors-To: development-bounces@lists.ipfire.org Sender: "Development" <development-bounces@lists.ipfire.org> |
Message
Matthias Fischer
Jan. 23, 2017, 12:24 a.m. UTC
squidguard 1.5 has this feature, so I thought I could test this:
This patch adds the option to block against dns based blacklists.
For details see:
http://www.squidguard.org/Doc/extended.html
"Attention:
This feature requires squidGuard 1.5 or later or the dnsbl
patch for squidGuard 1.4 provided by INL - http://www.inl.fr/.
If you want to use external dns based blacklists such as black.uribl.com
for blocking you can use !dnsbl to dynamically check domain names against such services."
Example (squidGuard.conf):
...
acl {
default {
pass !dnsbl:your.preferred.blacklist.domain.com all
redirect http://localhost/block.html
}
}
...
"If you use !dnsbl without specifying a domain, black.uribl.com is used as default."
This is what I did for testing.
Discussion in german IPFire-Forum:
https://forum.ipfire.org/viewtopic.php?f=17&t=18083&sid=94b26f24a3d97891af84286ed939e3bb
Best,
Matthias
Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
---
html/cgi-bin/urlfilter.cgi | 15 +++++++++++++++
langs/de/cgi-bin/de.pl | 1 +
langs/en/cgi-bin/en.pl | 5 ++++-
langs/es/cgi-bin/es.pl | 1 +
langs/fr/cgi-bin/fr.pl | 1 +
langs/it/cgi-bin/it.pl | 1 +
langs/nl/cgi-bin/nl.pl | 1 +
langs/pl/cgi-bin/pl.pl | 1 +
langs/ru/cgi-bin/ru.pl | 1 +
langs/tr/cgi-bin/tr.pl | 1 +
lfs/squidguard | 2 +-
11 files changed, 28 insertions(+), 2 deletions(-)