tachtler:e2guardian_centos_7 [2018/10/29 08:53] – [/etc/e2guardian/e2guardian.conf] klaus | tachtler:e2guardian_centos_7 [2019/05/27 12:21] (aktuell) – [Erster Start clamd.e2guardian] klaus |
---|
* **language** = 'german' | * **language** = 'german' |
| |
**Ab Version 5.22** - Änderung des LOG-Level | **Ab Version 5.2** - Änderung des LOG-Level |
* **loglevel** = 2 | * **loglevel** = 2 |
| |
**Ab Version 5.2** - Änderung des LOG-File-Formats | **Ab Version 5.2** - Änderung des LOG-File-Formats |
* **loglevel** = 1 | * **logfileformat** = 1 |
| |
Filter für die IP-Adresse, an der der [[http://e2guardian.org|E2guardian]] lauschen soll: | Filter für die IP-Adresse, an der der [[http://e2guardian.org|E2guardian]] lauschen soll: |
* **filterip** = 192.168.0.50 | * **filterip** = 192.168.0.50 |
| |
| **Ab Version 5.2** - Proxy IP-Adresse, an der der [[http://e2guardian.org|E2guardian]] weiterreichen soll: |
| * **proxyip** = 127.0.0.1 (**Vorausgesetzt, selber HOST !!!**) |
| |
| **Ab Version 5.2** - Proxy Port, an der der [[http://e2guardian.org|E2guardian]] weiterreichen soll: |
| * **proxyport** = 3128 (**Vorausgesetzt, Standardport z.B. [[http://www.squid-cache.org/|Squid Cache]] !!!**) |
| |
Änderung des Parameterwertes (:!: **gegen die Empfehlung, da sonst das Download-Manager-Plugin "fancy" __NICHT__ funktioniert !!!**) | Änderung des Parameterwertes (:!: **gegen die Empfehlung, da sonst das Download-Manager-Plugin "fancy" __NICHT__ funktioniert !!!**) |
Kein Limit auf bestimmte IP-Adressen setzen | Kein Limit auf bestimmte IP-Adressen setzen |
* **xforwardedforfilterip** = | * **xforwardedforfilterip** = |
| |
| **__Bis Version 4.1.4__**: |
| |
Die Konfigurationsdatei ''/etc/e2guardian/e2guardian.conf'' **__ohne__** Kommentar- und Leerzeichen **inklusive der Änderungen**: | Die Konfigurationsdatei ''/etc/e2guardian/e2guardian.conf'' **__ohne__** Kommentar- und Leerzeichen **inklusive der Änderungen**: |
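Review bot: The new `proxyip` = 127.0.0.1 and `proxyport` = 3128 entries state only that the parent proxy runs on the same host; they do not say that the parent proxy must be unreachable from the client network. If Squid on port 3128 also listens on the LAN address, clients that point their browser at it directly never pass through E2guardian on `filterip` 192.168.0.50. Suggest adding a sentence that the parent proxy should listen on 127.0.0.1 only, or that port 3128 is to be blocked for clients by the host firewall.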
softrestart = off | softrestart = off |
mailer = '/usr/sbin/sendmail -t' | mailer = '/usr/sbin/sendmail -t' |
| </code> |
| |
| **__Ab Version 5.2__**: |
| |
| Die Konfigurationsdatei ''/etc/e2guardian/e2guardian.conf'' **__ohne__** Kommentar- und Leerzeichen **inklusive der Änderungen**: |
| <code ini> |
| languagedir = '/usr/share/e2guardian/languages' |
| language = 'german' |
| loglevel = 2 |
| logexceptionhits = 2 |
| logfileformat = 1 |
| filterip = 192.168.0.50 |
| filterports = 8080 |
| transparenthttpsport = 8443 |
| proxyip = 127.0.0.1 |
| proxyport = 3128 |
| proxytimeout = 5 |
| connecttimeout = 5 |
| proxyexchange = 61 |
| pcontimeout = 55 |
| originalip = off |
| usecustombannedimage = on |
| custombannedimagefile = '/usr/share/e2guardian/transparent1x1.gif' |
| usecustombannedflash = on |
| custombannedflashfile = '/usr/share/e2guardian/blockedflash.swf' |
| filtergroups = 6 |
| filtergroupslist = '/etc/e2guardian/lists/filtergroupslist' |
| iplist = 'name=bannedclient,messageno=100,logmessageno=103,path=/etc/e2guardian/lists/bannediplist' |
| iplist = 'name=exceptionclient,messageno=600,path=/etc/e2guardian/lists/exceptioniplist' |
| iplist = 'name=authexception,messageno=602,path=/etc/e2guardian/lists/authexceptioniplist' |
| sitelist = 'name=authexception,messageno=602,path=/etc/e2guardian/lists/authexceptionsitelist' |
| urllist = 'name=authexception,messageno=603,path=/etc/e2guardian/lists/authexceptionurllist' |
| showweightedfound = on |
| weightedphrasemode = 2 |
| phrasefiltermode = 2 |
| preservecase = 0 |
| hexdecodecontent = off |
| forcequicksearch = off |
| reverseaddresslookups = off |
| reverseclientiplookups = off |
| logclienthostnames = off |
| maxcontentfiltersize = 256 |
| filecachedir = '/tmp' |
| deletedownloadedtempfiles = on |
| initialtrickledelay = 2 |
| trickledelay = 1 |
| downloadmanager = '/etc/e2guardian/downloadmanagers/default.conf' |
| contentscanner = '/etc/e2guardian/contentscanners/clamdscan.conf' |
| contentscannertimeout = 60 |
| authplugin = '/etc/e2guardian/authplugins/proxy-basic.conf' |
| recheckreplacedurls = off |
| forwardedfor = on |
| usexforwardedfor = on |
| xforwardedforfilterip = |
| logconnectionhandlingerrors = on |
| httpworkers = 500 |
| nodaemon = off |
| nologger = off |
| logadblocks = off |
| loguseragent = off |
| enablessl = off |
| preauthstoryboard = '/etc/e2guardian/preauth.story' |
| searchsitelistforip = on |
</code> | </code> |
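Review bot: In the 5.2 listing, `usexforwardedfor = on` is combined with an empty `xforwardedforfilterip =`, so the X-Forwarded-For header is accepted from any connecting address rather than only from a known downstream proxy. The same file decides by client address through the `bannedclient`, `exceptionclient` and `authexception` iplists, which means the address those lists see can be supplied by the client itself. Suggest listing the addresses of the proxies that are allowed to supply the header in `xforwardedforfilterip`, or setting `usexforwardedfor = off` when no proxy sits in front of E2guardian, and stating in the change notes which of the two cases this setup assumes.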
==== /etc/e2guardian/e2guardianf1.conf === | ==== /etc/e2guardian/e2guardianf1.conf === |
| |
Da die Konfigurationsdatei ''/etc/e2guardian/e2guardianf1.conf'' aufgrund von Kommentar- und Leerzeichen sehr schnell unübersichtlich ist, kann mit nachfolgendem Befehl, eine Ausgabe **ohne** Kommentar- und Leerzeilen erzeugt werden, welche dann nach der Grundinstallation von [[http://e2guardian.org|E2guardian]] wie folgt aussehen sollte: | Da die Konfigurationsdatei ''/etc/e2guardian/e2guardianf1.conf'' aufgrund von Kommentar- und Leerzeichen sehr schnell unübersichtlich ist, kann mit nachfolgendem Befehl, eine Ausgabe **ohne** Kommentar- und Leerzeilen erzeugt werden, welche dann nach der Grundinstallation von [[http://e2guardian.org|E2guardian]] wie folgt aussehen sollte: |
| |
| **__Bis Version 4.1.4__**: |
<code> | <code> |
# egrep -v '(^#|^$)' /etc/e2guardian/e2guardianf1.conf | # egrep -v '(^#|^$)' /etc/e2guardian/e2guardianf1.conf |
addheaderregexplist = '/etc/e2guardian/lists/addheaderregexplist' | addheaderregexplist = '/etc/e2guardian/lists/addheaderregexplist' |
naughtynesslimit = 50 | naughtynesslimit = 50 |
| |
categorydisplaythreshold = 0 | categorydisplaythreshold = 0 |
embeddedurlweight = 0 | embeddedurlweight = 0 |
mitmcheckcert = on | mitmcheckcert = on |
nocheckcertsitelist = '/etc/e2guardian/lists/nocheckcertsitelist' | nocheckcertsitelist = '/etc/e2guardian/lists/nocheckcertsitelist' |
| </code> |
| |
| |
| **__Ab Version 5.2__**: |
| <code> |
| # egrep -v '(^#|^ #|^$)' /etc/e2guardian/e2guardianf1.conf |
| </code> |
| Die Konfigurationsdatei ''/etc/e2guardian/e2guardianf1.conf'' **__ohne__** Kommentar- und Leerzeichen: |
| <code ini> |
| # egrep -v '(^#|^ #|^$)' /etc/e2guardian/e2guardianf1.conf |
| groupname = 'no_name_group' |
| storyboard = '/etc/e2guardian/examplef1.story' |
| bannedphraselist = '/etc/e2guardian/lists/bannedphraselist' |
| weightedphraselist = '/etc/e2guardian/lists/weightedphraselist' |
| exceptionphraselist = '/etc/e2guardian/lists/exceptionphraselist' |
| sitelist = 'name=banned,messageno=500,path=/etc/e2guardian/lists/bannedsitelist' |
| ipsitelist = 'name=banned,messageno=510,path=/etc/e2guardian/lists/bannedsiteiplist' |
| urllist = 'name=banned,messageno=501,path=/etc/e2guardian/lists/bannedurllist' |
| regexpboollist = 'name=banned,messageno=503,path=/etc/e2guardian/lists/bannedregexpurllist' |
| regexpboollist = 'name=banneduseragent,messageno=522,path=/etc/e2guardian/lists/bannedregexpuseragentlist' |
| sitelist = 'name=bannedssl,messageno=520,path=/etc/e2guardian/lists/bannedsslsitelist' |
| ipsitelist = 'name=bannedssl,messageno=520,path=/etc/e2guardian/lists/bannedsslsiteiplist' |
| sitelist = 'name=grey,path=/etc/e2guardian/lists/greysitelist' |
| ipsitelist = 'name=grey,path=/etc/e2guardian/lists/greysiteiplist' |
| urllist = 'name=grey,path=/etc/e2guardian/lists/greyurllist' |
| sitelist = 'name=greyssl,path=/etc/e2guardian/lists/greysslsitelist' |
| ipsitelist = 'name=greyssl,path=/etc/e2guardian/lists/greysslsiteiplist' |
| sitelist = 'name=exception,messageno=602,path=/etc/e2guardian/lists/exceptionsitelist' |
| ipsitelist = 'name=exception,messageno=602,path=/etc/e2guardian/lists/exceptionsiteiplist' |
| urllist = 'name=exception,messageno=603,path=/etc/e2guardian/lists/exceptionurllist' |
| regexpboollist = 'name=exception,messageno=609,path=/etc/e2guardian/lists/exceptionregexpurllist' |
| regexpboollist = 'name=exceptionuseragent,messageno=610,path=/etc/e2guardian/lists/exceptionregexpuseragentlist' |
| sitelist = 'name=refererexception,messageno=620,path=/etc/e2guardian/lists/refererexceptionsitelist' |
| ipsitelist = 'name=refererexception,messageno=620,path=/etc/e2guardian/lists/refererexceptionsiteiplist' |
| urllist = 'name=refererexception,messageno=620,path=/etc/e2guardian/lists/refererexceptionurllist' |
| sitelist = 'name=embededreferer,path=/etc/e2guardian/lists/embededreferersitelist' |
| ipsitelist = 'name=embededreferer,path=/etc/e2guardian/lists/embededreferersiteiplist' |
| urllist = 'name=embededreferer,path=/etc/e2guardian/lists/embededrefererurllist' |
| regexpreplacelist = 'name=change,path=/etc/e2guardian/lists/urlregexplist' |
| regexpreplacelist = 'name=sslreplace,path=/etc/e2guardian/lists/sslsiteregexplist' |
| regexpreplacelist = 'name=redirect,path=/etc/e2guardian/lists/urlredirectregexplist' |
| contentregexplist = '/etc/e2guardian/lists/contentregexplist' |
| sitelist = 'name=localbanned,messageno=560,path=/etc/e2guardian/lists/localbannedsitelist' |
| searchlist = 'name=localbanned,messageno=581,path=/etc/e2guardian/lists/localbannedsearchlist' |
| sitelist = 'name=localgrey,path=/etc/e2guardian/lists/localgreysitelist' |
| sitelist = 'name=localgreyssl,path=/etc/e2guardian/lists/localgreysslsitelist' |
| sitelist = 'name=localexception,messageno=662,path=/etc/e2guardian/lists/localexceptionsitelist' |
| fileextlist = 'name=exceptionextension,path=/etc/e2guardian/lists/exceptionextensionlist' |
| mimelist = 'name=exceptionmime,path=/etc/e2guardian/lists/exceptionextensionlist' |
| fileextlist = 'name=bannedextension,messageno=900,path=/etc/e2guardian/lists/bannedextensionlist' |
| mimelist = 'name=bannedmime,messageno=800,path=/etc/e2guardian/lists/bannedmimetypelist' |
| sitelist = 'name=exceptionfile,path=/etc/e2guardian/lists/exceptionfilesitelist' |
| ipsitelist = 'name=exceptionfile,path=/etc/e2guardian/lists/exceptionfilesiteiplist' |
| urllist = 'name=exceptionfile,path=/etc/e2guardian/lists/exceptionfileurllist' |
| maxuploadsize = -1 |
| regexpreplacelist = 'name=headermods,path=/etc/e2guardian/lists/headerregexplist' |
| regexpboollist = 'name=bannedheader,path=/etc/e2guardian/lists/bannedregexpheaderlist' |
| regexpboollist = 'name=exceptionheader,path=/etc/e2guardian/lists/exceptionregexpheaderlist' |
| regexpreplacelist = 'name=addheader,path=/etc/e2guardian/lists/addheaderregexplist' |
| naughtynesslimit = 50 |
| |
| regexpreplacelist = 'name=searchterms,path=/etc/e2guardian/lists/searchregexplist' |
| searchlist = 'name=banned,path=/etc/e2guardian/lists/bannedsearchlist' |
| searchlist = 'name=override,path=/etc/e2guardian/lists/bannedsearchoveridelist' |
| categorydisplaythreshold = 0 |
| embeddedurlweight = 0 |
| bypass = 0 |
| bypasskey = '' |
| sitelist = 'name=bannedbypass,messageno=500,path=/etc/e2guardian/lists/bannedsitelistwithbypass' |
| infectionbypass = 0 |
| infectionbypasskey = '' |
| infectionbypasserrorsonly = on |
| disablecontentscan = off |
| disablecontentscanerror = off |
| contentscanexceptions = off |
| deepurlanalysis = off |
| reportinglevel = 3 |
| usesmtp = off #NOT YET TESTED |
| mailfrom = '' |
| avadmin = '' |
| contentadmin = '' |
| avsubject = 'e2guardian virus block' |
| contentsubject = 'e2guardian violation' |
| notifyav = off |
| notifycontent = off |
| thresholdbyuser = off |
| violations = 0 |
| threshold = 0 |
| sslmitm = off |
| mitmcheckcert = on |
| sitelist = 'name=nocheckcert,path=/etc/e2guardian/lists/nocheckcertsitelist' |
| ipsitelist = 'name=nocheckcert,path=/etc/e2guardian/lists/nocheckcertsiteiplist' |
</code> | </code> |
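Review bot: The `mimelist` entry `name=exceptionmime` has `path=/etc/e2guardian/lists/exceptionextensionlist`, the same file used by the `fileextlist` entry `name=exceptionextension` directly above it, so the MIME exception list is read from a file of file extensions. The banned pair two lines further down uses separate files (`bannedextensionlist` and `bannedmimetypelist`). Please check this path against the installed `e2guardianf1.conf` and, if it was transcribed wrongly, point `exceptionmime` at the MIME type list; the same line recurs in the two later 5.2 listings.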
| |
* **groupname** = 'default' | * **groupname** = 'default' |
| |
Aktivieren des Bilderbewertung: | ** Ab Version 5.2** - Änderung bzw. Kopie des **storyboard** |
* **enablepics** = on | * **storyboard** = '/etc/e2guardian/f1.story' |
| |
| :!: **WICHTIG** - Damit die Änderungen auf **''f1.story''** möglich ist, sollte mit nachfolgendem Befehl eine Kopie des **originalen** ''examplef1.story'' durchgeführt werden. Dadurch können später Änderungen leichter durchgeführt werden, da immer die Originaldatei noch verfügbar bleibt: |
| <code> |
| # cp -a /etc/e2guardian/examplef1.story /etc/e2guardian/f1.story |
| </code> |
| |
Setzen eines eigenen HTML-Templates für gebannte Inhalte: | Setzen eines eigenen HTML-Templates für gebannte Inhalte: |
# cp -a /usr/share/e2guardian/languages/german/template.html /usr/share/e2guardian/languages/german/templatef1.html | # cp -a /usr/share/e2guardian/languages/german/template.html /usr/share/e2guardian/languages/german/templatef1.html |
</code> | </code> |
| |
| **__Bis Version 4.1.4__**: |
| |
Die Konfigurationsdatei ''/etc/e2guardian/e2guardianf1.conf'' **__ohne__** Kommentar- und Leerzeichen **inklusive der Änderungen**: | Die Konfigurationsdatei ''/etc/e2guardian/e2guardianf1.conf'' **__ohne__** Kommentar- und Leerzeichen **inklusive der Änderungen**: |
mitmcheckcert = on | mitmcheckcert = on |
nocheckcertsitelist = '/etc/e2guardian/lists/nocheckcertsitelist' | nocheckcertsitelist = '/etc/e2guardian/lists/nocheckcertsitelist' |
</code>e2guardian | </code> |
| |
| **__Ab Version 5.2__**: |
| |
| Die Konfigurationsdatei ''/etc/e2guardian/e2guardianf1.conf'' **__ohne__** Kommentar- und Leerzeichen **inklusive der Änderungen**: |
| <code ini> |
| # egrep -v '(^#|^ #|^$)' /etc/e2guardian/e2guardianf1.conf |
| groupname = 'default' |
| storyboard = '/etc/e2guardian/f1.story' |
| bannedphraselist = '/etc/e2guardian/lists/bannedphraselist' |
| weightedphraselist = '/etc/e2guardian/lists/weightedphraselist' |
| exceptionphraselist = '/etc/e2guardian/lists/exceptionphraselist' |
| sitelist = 'name=banned,messageno=500,path=/etc/e2guardian/lists/bannedsitelist' |
| ipsitelist = 'name=banned,messageno=510,path=/etc/e2guardian/lists/bannedsiteiplist' |
| urllist = 'name=banned,messageno=501,path=/etc/e2guardian/lists/bannedurllist' |
| regexpboollist = 'name=banned,messageno=503,path=/etc/e2guardian/lists/bannedregexpurllist' |
| regexpboollist = 'name=banneduseragent,messageno=522,path=/etc/e2guardian/lists/bannedregexpuseragentlist' |
| sitelist = 'name=bannedssl,messageno=520,path=/etc/e2guardian/lists/bannedsslsitelist' |
| ipsitelist = 'name=bannedssl,messageno=520,path=/etc/e2guardian/lists/bannedsslsiteiplist' |
| sitelist = 'name=grey,path=/etc/e2guardian/lists/greysitelist' |
| ipsitelist = 'name=grey,path=/etc/e2guardian/lists/greysiteiplist' |
| urllist = 'name=grey,path=/etc/e2guardian/lists/greyurllist' |
| sitelist = 'name=greyssl,path=/etc/e2guardian/lists/greysslsitelist' |
| ipsitelist = 'name=greyssl,path=/etc/e2guardian/lists/greysslsiteiplist' |
| sitelist = 'name=exception,messageno=602,path=/etc/e2guardian/lists/exceptionsitelist' |
| ipsitelist = 'name=exception,messageno=602,path=/etc/e2guardian/lists/exceptionsiteiplist' |
| urllist = 'name=exception,messageno=603,path=/etc/e2guardian/lists/exceptionurllist' |
| regexpboollist = 'name=exception,messageno=609,path=/etc/e2guardian/lists/exceptionregexpurllist' |
| regexpboollist = 'name=exceptionuseragent,messageno=610,path=/etc/e2guardian/lists/exceptionregexpuseragentlist' |
| sitelist = 'name=refererexception,messageno=620,path=/etc/e2guardian/lists/refererexceptionsitelist' |
| ipsitelist = 'name=refererexception,messageno=620,path=/etc/e2guardian/lists/refererexceptionsiteiplist' |
| urllist = 'name=refererexception,messageno=620,path=/etc/e2guardian/lists/refererexceptionurllist' |
| sitelist = 'name=embededreferer,path=/etc/e2guardian/lists/embededreferersitelist' |
| ipsitelist = 'name=embededreferer,path=/etc/e2guardian/lists/embededreferersiteiplist' |
| urllist = 'name=embededreferer,path=/etc/e2guardian/lists/embededrefererurllist' |
| regexpreplacelist = 'name=change,path=/etc/e2guardian/lists/urlregexplist' |
| regexpreplacelist = 'name=sslreplace,path=/etc/e2guardian/lists/sslsiteregexplist' |
| regexpreplacelist = 'name=redirect,path=/etc/e2guardian/lists/urlredirectregexplist' |
| contentregexplist = '/etc/e2guardian/lists/contentregexplist' |
| sitelist = 'name=localbanned,messageno=560,path=/etc/e2guardian/lists/localbannedsitelist' |
| searchlist = 'name=localbanned,messageno=581,path=/etc/e2guardian/lists/localbannedsearchlist' |
| sitelist = 'name=localgrey,path=/etc/e2guardian/lists/localgreysitelist' |
| sitelist = 'name=localgreyssl,path=/etc/e2guardian/lists/localgreysslsitelist' |
| sitelist = 'name=localexception,messageno=662,path=/etc/e2guardian/lists/localexceptionsitelist' |
| fileextlist = 'name=exceptionextension,path=/etc/e2guardian/lists/exceptionextensionlist' |
| mimelist = 'name=exceptionmime,path=/etc/e2guardian/lists/exceptionextensionlist' |
| fileextlist = 'name=bannedextension,messageno=900,path=/etc/e2guardian/lists/bannedextensionlist' |
| mimelist = 'name=bannedmime,messageno=800,path=/etc/e2guardian/lists/bannedmimetypelist' |
| sitelist = 'name=exceptionfile,path=/etc/e2guardian/lists/exceptionfilesitelist' |
| ipsitelist = 'name=exceptionfile,path=/etc/e2guardian/lists/exceptionfilesiteiplist' |
| urllist = 'name=exceptionfile,path=/etc/e2guardian/lists/exceptionfileurllist' |
| maxuploadsize = -1 |
| regexpreplacelist = 'name=headermods,path=/etc/e2guardian/lists/headerregexplist' |
| regexpboollist = 'name=bannedheader,path=/etc/e2guardian/lists/bannedregexpheaderlist' |
| regexpboollist = 'name=exceptionheader,path=/etc/e2guardian/lists/exceptionregexpheaderlist' |
| regexpreplacelist = 'name=addheader,path=/etc/e2guardian/lists/addheaderregexplist' |
| naughtynesslimit = 50 |
| regexpreplacelist = 'name=searchterms,path=/etc/e2guardian/lists/searchregexplist' |
| searchlist = 'name=banned,path=/etc/e2guardian/lists/bannedsearchlist' |
| searchlist = 'name=override,path=/etc/e2guardian/lists/bannedsearchoveridelist' |
| categorydisplaythreshold = 0 |
| embeddedurlweight = 0 |
| bypass = 0 |
| bypasskey = '' |
| sitelist = 'name=bannedbypass,messageno=500,path=/etc/e2guardian/lists/bannedsitelistwithbypass' |
| infectionbypass = 0 |
| infectionbypasskey = '' |
| infectionbypasserrorsonly = on |
| disablecontentscan = off |
| disablecontentscanerror = off |
| contentscanexceptions = off |
| deepurlanalysis = off |
| reportinglevel = 3 |
| htmltemplate = 'templatef1.html' |
| usesmtp = off #NOT YET TESTED |
| mailfrom = '' |
| avadmin = '' |
| contentadmin = '' |
| avsubject = 'e2guardian virus block' |
| contentsubject = 'e2guardian violation' |
| notifyav = off |
| notifycontent = off |
| thresholdbyuser = off |
| violations = 0 |
| threshold = 0 |
| sslmitm = off |
| mitmcheckcert = off |
| sitelist = 'name=nocheckcert,path=/etc/e2guardian/lists/nocheckcertsitelist' |
| ipsitelist = 'name=nocheckcert,path=/etc/e2guardian/lists/nocheckcertsiteiplist' |
| </code> |
| |
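Review bot: In the 5.2 listing of `e2guardianf1.conf` including the changes, the value is `mitmcheckcert = off`, while the default listing and the `e2guardianf2.conf` listing both show `mitmcheckcert = on`, and the change list for this file names only `groupname`, `storyboard` and the HTML template. With `sslmitm = off` the setting has no effect today, but it would switch off checking of upstream site certificates as soon as SSL MITM is enabled for this group. Suggest restoring `mitmcheckcert = on`, or adding the change and its reason to the list of changes.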
==== /etc/logrotate.d/e2guardian ==== | ==== /etc/logrotate.d/e2guardian ==== |
* **groupname** = 'eltern' | * **groupname** = 'eltern' |
| |
Aktivieren des Bilderbewertung: | ** Ab Version 5.2** - Änderung bzw. Kopie des **storyboard** |
* **enablepics** = on | * **storyboard** = '/etc/e2guardian/f2.story' |
| |
| :!: **WICHTIG** - Damit die Änderungen auf **''f2.story''** möglich ist, sollte mit nachfolgendem Befehl eine Kopie des **originalen** ''examplef1.story'' durchgeführt werden. Dadurch können später Änderungen leichter durchgeführt werden, da immer die Originaldatei noch verfügbar bleibt: |
| <code> |
| # cp -a /etc/e2guardian/examplef1.story /etc/e2guardian/f2.story |
| </code> |
| |
Setzen eines eigenen HTML-Templates für gebannte Inhalte: | Setzen eines eigenen HTML-Templates für gebannte Inhalte: |
| |
Die Konfigurationsdatei ''/etc/e2guardian/e2guardianf2.conf'' **__ohne__** Kommentar- und Leerzeichen **inklusive der Änderungen**, könnte dann wie folgt aussehen: | Die Konfigurationsdatei ''/etc/e2guardian/e2guardianf2.conf'' **__ohne__** Kommentar- und Leerzeichen **inklusive der Änderungen**, könnte dann wie folgt aussehen: |
| |
| **__Bis Version 4.1.4__** |
<code ini> | <code ini> |
# egrep -v '(^#|^$)' /etc/e2guardian/e2guardianf2.conf | # egrep -v '(^#|^$)' /etc/e2guardian/e2guardianf2.conf |
addheaderregexplist = '/etc/e2guardian/lists/addheaderregexplist_f2' | addheaderregexplist = '/etc/e2guardian/lists/addheaderregexplist_f2' |
naughtynesslimit = 160 | naughtynesslimit = 160 |
| |
categorydisplaythreshold = 0 | categorydisplaythreshold = 0 |
embeddedurlweight = 0 | embeddedurlweight = 0 |
mitmcheckcert = on | mitmcheckcert = on |
nocheckcertsitelist = '/etc/e2guardian/lists/nocheckcertsitelist_f2' | nocheckcertsitelist = '/etc/e2guardian/lists/nocheckcertsitelist_f2' |
| </code> |
| |
| **__Ab Version 5.2__**: |
| Die Konfigurationsdatei ''/etc/e2guardian/e2guardianf2.conf'' **__ohne__** Kommentar- und Leerzeichen **inklusive der Änderungen**, könnte dann wie folgt aussehen: |
| <code ini> |
| # egrep -v '(^#|^ #|^$)' /etc/e2guardian/e2guardianf2.conf |
| groupname = 'eltern' |
| storyboard = '/etc/e2guardian/f2.story' |
| bannedphraselist = '/etc/e2guardian/lists/bannedphraselist_f2' |
| weightedphraselist = '/etc/e2guardian/lists/weightedphraselist_f2' |
| exceptionphraselist = '/etc/e2guardian/lists/exceptionphraselist_f2' |
| sitelist = 'name=banned,messageno=500,path=/etc/e2guardian/lists/bannedsitelist_f2' |
| ipsitelist = 'name=banned,messageno=510,path=/etc/e2guardian/lists/bannedsiteiplist_f2' |
| urllist = 'name=banned,messageno=501,path=/etc/e2guardian/lists/bannedurllist_f2' |
| regexpboollist = 'name=banned,messageno=503,path=/etc/e2guardian/lists/bannedregexpurllist_f2' |
| regexpboollist = 'name=banneduseragent,messageno=522,path=/etc/e2guardian/lists/bannedregexpuseragentlist_f2' |
| sitelist = 'name=bannedssl,messageno=520,path=/etc/e2guardian/lists/bannedsslsitelist_f2' |
| ipsitelist = 'name=bannedssl,messageno=520,path=/etc/e2guardian/lists/bannedsslsiteiplist_f2' |
| sitelist = 'name=grey,path=/etc/e2guardian/lists/greysitelist_f2' |
| ipsitelist = 'name=grey,path=/etc/e2guardian/lists/greysiteiplist_f2' |
| urllist = 'name=grey,path=/etc/e2guardian/lists/greyurllist_f2' |
| sitelist = 'name=greyssl,path=/etc/e2guardian/lists/greysslsitelist_f2' |
| ipsitelist = 'name=greyssl,path=/etc/e2guardian/lists/greysslsiteiplist' |
| sitelist = 'name=exception,messageno=602,path=/etc/e2guardian/lists/exceptionsitelist_f2' |
| ipsitelist = 'name=exception,messageno=602,path=/etc/e2guardian/lists/exceptionsiteiplist_f2' |
| urllist = 'name=exception,messageno=603,path=/etc/e2guardian/lists/exceptionurllist_f2' |
| regexpboollist = 'name=exception,messageno=609,path=/etc/e2guardian/lists/exceptionregexpurllist_f2' |
| regexpboollist = 'name=exceptionuseragent,messageno=610,path=/etc/e2guardian/lists/exceptionregexpuseragentlist_f2' |
| sitelist = 'name=refererexception,messageno=620,path=/etc/e2guardian/lists/refererexceptionsitelist_f2' |
| ipsitelist = 'name=refererexception,messageno=620,path=/etc/e2guardian/lists/refererexceptionsiteiplist_f2' |
| urllist = 'name=refererexception,messageno=620,path=/etc/e2guardian/lists/refererexceptionurllist_f2' |
| sitelist = 'name=embededreferer,path=/etc/e2guardian/lists/embededreferersitelist_f2' |
| ipsitelist = 'name=embededreferer,path=/etc/e2guardian/lists/embededreferersiteiplist_f2' |
| urllist = 'name=embededreferer,path=/etc/e2guardian/lists/embededrefererurllist_f2' |
| regexpreplacelist = 'name=change,path=/etc/e2guardian/lists/urlregexplist_f2' |
| regexpreplacelist = 'name=sslreplace,path=/etc/e2guardian/lists/sslsiteregexplist_f2' |
| regexpreplacelist = 'name=redirect,path=/etc/e2guardian/lists/urlredirectregexplist_f2' |
| contentregexplist = '/etc/e2guardian/lists/contentregexplist_f2' |
| sitelist = 'name=localbanned,messageno=560,path=/etc/e2guardian/lists/localbannedsitelist_f2' |
| searchlist = 'name=localbanned,messageno=581,path=/etc/e2guardian/lists/localbannedsearchlist_f2' |
| sitelist = 'name=localgrey,path=/etc/e2guardian/lists/localgreysitelist_f2' |
| sitelist = 'name=localgreyssl,path=/etc/e2guardian/lists/localgreysslsitelist_f2' |
| sitelist = 'name=localexception,messageno=662,path=/etc/e2guardian/lists/localexceptionsitelist_f2' |
| fileextlist = 'name=exceptionextension,path=/etc/e2guardian/lists/exceptionextensionlist_f2' |
| mimelist = 'name=exceptionmime,path=/etc/e2guardian/lists/exceptionextensionlist_f2' |
| fileextlist = 'name=bannedextension,messageno=900,path=/etc/e2guardian/lists/bannedextensionlist_f2' |
| mimelist = 'name=bannedmime,messageno=800,path=/etc/e2guardian/lists/bannedmimetypelist_f2' |
| sitelist = 'name=exceptionfile,path=/etc/e2guardian/lists/exceptionfilesitelist_f2' |
| ipsitelist = 'name=exceptionfile,path=/etc/e2guardian/lists/exceptionfilesiteiplist_f2' |
| urllist = 'name=exceptionfile,path=/etc/e2guardian/lists/exceptionfileurllist_f2' |
| maxuploadsize = -1 |
| regexpreplacelist = 'name=headermods,path=/etc/e2guardian/lists/headerregexplist_f2' |
| regexpboollist = 'name=bannedheader,path=/etc/e2guardian/lists/bannedregexpheaderlist_f2' |
| regexpboollist = 'name=exceptionheader,path=/etc/e2guardian/lists/exceptionregexpheaderlist_f2' |
| regexpreplacelist = 'name=addheader,path=/etc/e2guardian/lists/addheaderregexplist_f2' |
| naughtynesslimit = 160 |
| regexpreplacelist = 'name=searchterms,path=/etc/e2guardian/lists/searchregexplist_f2' |
| searchlist = 'name=banned,path=/etc/e2guardian/lists/bannedsearchlist_f2' |
| searchlist = 'name=override,path=/etc/e2guardian/lists/bannedsearchoveridelist_f2' |
| categorydisplaythreshold = 0 |
| embeddedurlweight = 0 |
| bypass = 0 |
| bypasskey = '' |
| sitelist = 'name=bannedbypass,messageno=500,path=/etc/e2guardian/lists/bannedsitelistwithbypass_f2' |
| infectionbypass = 0 |
| infectionbypasskey = '' |
| infectionbypasserrorsonly = on |
| disablecontentscan = off |
| disablecontentscanerror = off |
| contentscanexceptions = off |
| deepurlanalysis = off |
| reportinglevel = 3 |
| usesmtp = off #NOT YET TESTED |
| mailfrom = '' |
| avadmin = '' |
| contentadmin = '' |
| avsubject = 'e2guardian virus block' |
| contentsubject = 'e2guardian violation' |
| notifyav = off |
| notifycontent = off |
| thresholdbyuser = off |
| violations = 0 |
| threshold = 0 |
| sslmitm = off |
| mitmcheckcert = on |
| sitelist = 'name=nocheckcert,path=/etc/e2guardian/lists/nocheckcertsitelist_f2' |
| ipsitelist = 'name=nocheckcert,path=/etc/e2guardian/lists/nocheckcertsiteiplist_f2' |
</code> | </code> |
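Review bot: In the 5.2 listing for `e2guardianf2.conf`, the `ipsitelist` entry `name=greyssl` still has `path=/etc/e2guardian/lists/greysslsiteiplist` without the `_f2` suffix that every other list path in this listing carries, so group `eltern` would read that list from the file of the first filter group. Suggest `path=/etc/e2guardian/lists/greysslsiteiplist_f2` if a per-group list is intended, or a sentence stating that the file is shared on purpose.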
| |
#pathprefix = '/var/clamdchroot' | #pathprefix = '/var/clamdchroot' |
| |
| # Only used until version 4.1.4 |
exceptionvirusmimetypelist = '/etc/e2guardian/lists/contentscanners/exceptionvirusmimetypelist' | exceptionvirusmimetypelist = '/etc/e2guardian/lists/contentscanners/exceptionvirusmimetypelist' |
exceptionvirusextensionlist = '/etc/e2guardian/lists/contentscanners/exceptionvirusextensionlist' | exceptionvirusextensionlist = '/etc/e2guardian/lists/contentscanners/exceptionvirusextensionlist' |
-- | -- |
-- The start-up result is done. | -- The start-up result is done. |
| </code> |
| |
| ==== Ignore/Whitelist erstellen: /var/lib/clamav/whitelist.ign2 ==== |
| |
| Um z.B. bei dem Verdacht auf ein **"false-positive"** eine Erkennung eines bestimmten Treffers aus dem **"pattern"** von [[http://www.clamav.net/|ClamAV]] **ignorieren bzw. "whitelisten"** zu können, ist nachfolgendes Vorgehen notwendig. |
| |
| Mit nachfolgendem Befehl ist im Verzeichnis |
| * **''/var/lib/clamav''** |
| eine Datei mit dem Namen |
| * **''whitelist.ign2''** |
| zu erzeugen. |
| <code> |
| # touch /var/lib/clamav/whitelist.ign2 |
| </code> |
| |
| Der Inhalt ist dann mit dem **Namen** des zu **ignorierenden bzw. "whitelistenden"** Treffers aus dem **"pattern"** von [[http://www.clamav.net/|ClamAV]] als einfacher Eintrag zu erstellen, wie nachfolgendes Beispiel zeigt: |
| <code> |
| Win.Exploit.CVE_2019_0903-6966169-0 |
| </code> |
| |
| Anschliessend ist, wenn der [[http://www.clamav.net/|ClamAV]] bereits gestartet wurde, ein **Neustart** mit nachfolgendem Befehl durchzuführen: |
| <code> |
| # systemctl restart clamd.e2guardian.service |
</code> | </code> |
| |
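Review bot: The entry `Win.Exploit.CVE_2019_0903-6966169-0` in `whitelist.ign2` switches that signature off for everything scanned with the database in `/var/lib/clamav` for as long as the file keeps it, and the section gives no step for confirming the false positive or for removing the entry later. Suggest adding how the suspicion was verified (for example which file and which database version produced the hit) and a note to delete the entry once an updated signature database no longer matches. The restart step is described only for the case where ClamAV is already running; a sentence on how to confirm after the restart that the signature is no longer reported would complete the procedure.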