Quite a few years ago I started looking for an open source alternative to the web filtering software I was using at the time. I came across Dansguardian, and have been happy using it ever since.
In my environment I wanted a web filter that I could set up groups that had different access levels and I wanted the web filter to be transparent so that I didn’t have to touch every machine that connected to the network.
During my most recent update of the boxes that I run Dansguardian on, I decided to update my documentation and figured I’d post it here for anyone who may be interested. The networks that I use this particular setup on range from 20-300 computers, so you may need to increase hardware specs for your particular setup.
I’m running machines with Intel Dual Core Processors at 2.50 GHz, 4 GB RAM, 100 Gig Hard Drive, two Intel 100/1000 NICS.
I’m running Ubuntu Server 12.04 – I used the 64 bit edition, but either should work. (This could be done via most any version of Linux I believe, Ubuntu is my flavor of choice and I know these directions work there.)
After you’ve installed Ubuntu Server, install the following packages:
sudo aptitude install ebtables
sudo aptitude install bridge-utils
sudo aptitude install squid3
sudo aptitude install dansguardian
sudo apt-get install perl libnet-ssleay-perl openssl libauthen-pam-perl libpam-runtime libio-pty-perl apt-show-verstions python
Download and install Webmin
sudo dpkg –install webmin_1.610_all.deb
Creating the bridge
Create a file and save it as bridge-up.sh
Edit bridge-up.sh sot that it contains the following:
ifconfig eth0 0.0.0.0 promisc up
ifconfig eth1 0.0.0.0 promisc up
brctl addbr br0
brctl addif br0 eth0
brctl addif br0 eth1
ifconfig br0 192.168.1.2 netmaks 255.255.255.0 up
route add default gw 192.168.1.1 br0