tinyproxy + dansguardian

beyes · 发表于 2015-7-14 17:28:51

tinyproxy 是一款轻型的代理服务器软件。dansguardian 是一款内容过滤软件。

测试硬件平台：MT7620A + 16M FLASH + 128M 内存 + BB 14.07

效果一般，有时不稳定，还会导致某些页面无法显示以及显示错乱。

安装：

opkg update
opkg install tinyproxy luci-app-tinyproxy dansguardian

复制代码

删除 luci 缓存：

rm /tmp/luci-indexcache

复制代码

tinyproxy 的配置：

root@OpenWrt:~# cat /etc/config/tinyproxy

config tinyproxy
option User 'nobody'
option Group 'nogroup'
option Port '3128'
option Listen '127.0.0.1'
option Timeout '600'
option DefaultErrorFile '/usr/share/tinyproxy/default.html'
option StatFile '/usr/share/tinyproxy/stats.html'
option MaxClients '100'
option MinSpareServers '5'
option MaxSpareServers '20'
option StartServers '10'
option MaxRequestsPerChild '0'
option ViaProxyName 'tinyproxy'
list ConnectPort '443'
list ConnectPort '563'
option enabled '1'
option FilterExtended '1'
option FilterURLs '1'
option LogLevel 'Connect'
option Syslog '1'
option Allow '127.0.0.1'
option Allow '192.168.1.0/24'

做成透明代理(编辑 /etc/config/firewall ，增加下面部分)：

config redirect
option name 'transparent proxy'
option src 'lan'
option proto 'tcp'
option src_dport '80'
option dest_port '3128'
option src_dip '!192.168.1.1'
option dest_ip '192.168.1.1'

初始化 tinyproxy 的 log 文件：

root@OpenWrt:~# touch /var/log/tinyproxy.log
root@OpenWrt:~# chown nobody.nogroup /var/log/tinyproxy.log

做计划任务，定时重启 tinyproxy ：

root@OpenWrt:~# crontab -e<
0 22 * * * root /etc/init.d/tinyproxy restart

初始化 dansguardian 的 log 文件：

root@OpenWrt:~# mkdir /var/log/dansguardian
root@OpenWrt:~# touch /var/log/dansguardian/access.log
root@OpenWrt:~# touch /var/log/dansguardian/stats

dansguardian 的配置文件：

root@OpenWrt:~# root@OpenWrt:~# grep ^[^#] /etc/dansguardian/dansguardian.conf
reportinglevel = 2
languagedir = '/usr/share/dansguardian/languages'
language = 'ukenglish'
loglevel = 2
logexceptionhits = 2
logfileformat = 1
loglocation = '/var/log/dansguardian_access.log'
statlocation = '/var/log/dansguardian_stats'
filterip =
filterport = 8888
proxyip = 127.0.0.1
proxyport = 3128 #this have to match tinyproxy port
accessdeniedaddress = 'http://YOURSERVER.YOURDOMAIN/cgi-bin/dansguardian.pl'
nonstandarddelimiter = on
usecustombannedimage = off
custombannedimagefile = '/usr/share/dansguardian/transparent1x1.gif'
filtergroups = 1
filtergroupslist = '/etc/dansguardian/lists/filtergroupslist'
bannediplist = '/etc/dansguardian/lists/bannediplist'
exceptioniplist = '/etc/dansguardian/lists/exceptioniplist'
showweightedfound = on
weightedphrasemode = 2
urlcachenumber = 1000
urlcacheage = 900
scancleancache = on
phrasefiltermode = 2
preservecase = 0
hexdecodecontent = off
forcequicksearch = off
reverseaddresslookups = off
reverseclientiplookups = off
logclienthostnames = off
createlistcachefiles = on
maxuploadsize = -1
maxcontentfiltersize = 256
maxcontentramcachescansize = 2000
maxcontentfilecachescansize = 20000
filecachedir = '/tmp'
deletedownloadedtempfiles = on
initialtrickledelay = 20
trickledelay = 10
downloadmanager = '/etc/dansguardian/downloadmanagers/fancy.conf'
downloadmanager = '/etc/dansguardian/downloadmanagers/default.conf'
contentscannertimeout = 60
contentscanexceptions = off
recheckreplacedurls = off
forwardedfor = off
usexforwardedfor = off
logconnectionhandlingerrors = on
logchildprocesshandling = off
maxchildren = 120
minchildren = 8
minsparechildren = 4
preforkchildren = 6
maxsparechildren = 32
maxagechildren = 500
maxips = 0
ipcfilename = '/tmp/.dguardianipc'
urlipcfilename = '/tmp/.dguardianurlipc'
ipipcfilename = '/tmp/.dguardianipipc'
nodaemon = off
nologger = off
logadblocks = off
loguseragent = off
daemonuser = 'root'
daemongroup = 'root'
softrestart = off

还有 dansguardian 的 dansguardianf1.conf 配置文件：

root@OpenWrt:# grep ^[^#] /etc/dansguardian/dansguardianf1.conf
groupmode = 1
groupname = 'group_one'
bannedphraselist = '/etc/dansguardian/lists/bannedphraselist'
weightedphraselist = '/etc/dansguardian/lists/weightedphraselist'
exceptionphraselist = '/etc/dansguardian/lists/exceptionphraselist'
bannedsitelist = '/etc/dansguardian/lists/bannedsitelist'
greysitelist = '/etc/dansguardian/lists/greysitelist'
exceptionsitelist = '/etc/dansguardian/lists/exceptionsitelist'
bannedurllist = '/etc/dansguardian/lists/bannedurllist'
greyurllist = '/etc/dansguardian/lists/greyurllist'
exceptionurllist = '/etc/dansguardian/lists/exceptionurllist'
exceptionregexpurllist = '/etc/dansguardian/lists/exceptionregexpurllist'
bannedregexpurllist = '/etc/dansguardian/lists/bannedregexpurllist'
picsfile = '/etc/dansguardian/lists/pics'
contentregexplist = '/etc/dansguardian/lists/contentregexplist'
urlregexplist = '/etc/dansguardian/lists/urlregexplist'
blockdownloads = off
exceptionextensionlist = '/etc/dansguardian/lists/exceptionextensionlist'
exceptionmimetypelist = '/etc/dansguardian/lists/exceptionmimetypelist'
bannedextensionlist = '/etc/dansguardian/lists/bannedextensionlist'
bannedmimetypelist = '/etc/dansguardian/lists/bannedmimetypelist'
exceptionfilesitelist = '/etc/dansguardian/lists/exceptionfilesitelist'
exceptionfileurllist = '/etc/dansguardian/lists/exceptionfileurllist'
headerregexplist = '/etc/dansguardian/lists/headerregexplist'
bannedregexpheaderlist = '/etc/dansguardian/lists/bannedregexpheaderlist'
naughtynesslimit = 160
categorydisplaythreshold = 0
embeddedurlweight = 0
enablepics = off
bypass = 0
bypasskey = ''
infectionbypass = 0
infectionbypasskey = ''
infectionbypasserrorsonly = on
disablecontentscan = off
deepurlanalysis = off

运行 tinyproxy 和 dansguardian ：

root@OpenWrt:~# /etc/init.d/tinyproxy enable
root@OpenWrt:~# /etc/init.d/tinyproxy start
root@OpenWrt:~# /etc/init.d/firewall restart

在运行 dansguardian 时可能会看到：

Error reading custom image file: /usr/share/dansguardian/transparent1x1.gif

复制代码

这个不要紧，不影响运行。

重启 dansguardian 的话，只需要运行：

dansguardian -r

复制代码

可以查看一下 tinyproxy 和 dansguardian 之间的状况：

root@OpenWrt:~# tinyproxy -d -c /var/etc/tinyproxy.conf

复制代码

		自动登录	找回密码
密码			立即注册

[系统应用] tinyproxy + dansguardian

浏览过的版块