Koozali.org: home of the SME Server
Obsolete Releases => SME Server 7.x => Topic started by: radbrad on February 13, 2007, 12:13:56 AM
-
I would like to build a stand alone content filter box. I have a router, firewall etc in place as do most companies.
I would like to put it between the router and the network switch.
I do not want to have to configure each and every brower with a proxy setting.
I guess I want it to filter packets for websites like myspace.com, xxx.com etc and be easy to administer and deploy.
If I can make this a stand alone box, it will work for any network out there kind of plug and play,
I can also make it into a VM to help others like me (but not until I have it working in real life).
Thank you ahead of time!
-
search for 'content filter' on the forum
-
I would like to build a stand alone content filter box. I have a router, firewall etc in place as do most companies.
It's not SME, but what has worked well for me is IPCop with the Cop+ addon. It's a standalone firewall distribution using Dansguardian content filter.
-
radbrad
Dansguardian can be installed on sme7.
There is a free implementation of Dansguardian (command prompt controlled only) and a commercial at cost version which has a server manager panel.
See this How To which uses a slightly older version
http://mirror.contribs.org/smeserver/contribs/rmitchell/smeserver/howto/dansguardian%20instal%20&%20configure%20HOWTO%20for%20sme%20server.htm
and newer details/rpms are at the dungog web site or just search here on dansguardian for yum install methods.
You have to learn to search Brad, there are many answers already provided.
-
I have found a Distro. It is Endian firewall. The community editiion (free). You can chose what parts to have running, so you do not have to have another firewall, but can have just content filtering. Nice GUI. Easy install from a boot distro.
Setup seperate zones for users, servers, wireless all with different access possabilities.
They are located here: http://www.endian.com/en/community/about/
Regards
radbrad
-
Can the endian software be used with SME server.. Will its installation on the SME server conflict with the existing firewall....
Do you recommend installing it or not...
Presently I am running SME in server mode.... and I find that a lot of ports are open... on the SME... I thought of using endian to block these ports.. if there is another way please recommend....
Regards
Ronald
-
resently I am running SME in server mode.... and I find that a lot of ports are open...
Firewall will be active if you run your server in server/gateway mode.
-
I dont have the need of running it in server/gateway as my sme is connected to the router lan port... i am using usr 9110 as the router...
-
Why do you want to block the ports then. The router should be capable to do that for you.
-
Router will only block ports from WAN.
What I was looking for was protect my SME from LAN users
-
Endian doesn't install on SME server, it's a separate distribution either as an Endian appliance or installed like IPCop on a separate server, typically an older "obsolete" pc. It's a stand-alone firewall distribution forked from IPCop which originally came from Smoothwall.
If it was me, I would set your server to server/gateway mode so you'll have the added security but you don't have to let it act as a gateway.
-
The beautiful thing about endian is you can pick and chose the things you want it to do. For example if you want the firewall you can turn it on or off. If you want content filering you can do the same. You enable spam, virus or any of the other functions. You can mix or match.
It does require a seperate computer. It also requires you use it as either a DHCP server or a DNS server for the content filer to work.
I will say though, the GUI interface is well laid out, and easy to understand and use. You can enable filtering on the fly and the transparent proxy works like a charm.
radbrad