Re: Using squidguard blacklists in skolelinux(.de)
Hi Dirk,
Am Sonntag, 16. Januar 2005 23:51 schrieb Dirk Gómez:
> Using squidguard blacklists in skolelinux
>
> Hello there, I am looking into putting squidguard blacklists into use
> for for the German version of skolelinux.
>
thank you for dedicating some time into this feature which is mainly
desired by German teachers (and laws) - and therefore has been
discussed vehemently on user@skolelinux.de . One could argue to move
this debate there - if it is about users' view. As for "technical"
stuff, this is definitely the right place.
> There's a few blacklists out there
> (http://ftp.teledanmark.no/pub/www/proxy/squidGuard/contrib/blacklist
>s.tar.gz, http://www.linugen.com/contentfilter/,
> http://cache.univ-tlse1.fr/documentations/cache/squidguard_en.html#co
Some people I know would squeak now: "how dare you publish dangerous
URLs on an open list like this" :) As a matter of fact, secretaries who
are paid for collecting such URLs wouldn't hand them out - in the fear
of abuse. But this is not the topic here.
...
> A better approach imho is to create a blacklist which is available
> from the skolelinux.de site. It should just be a copy from the
> teledanmark blacklist with possible postprocessing (e.g. removal of
> sites that are known to be ok or adding of sites which are known to
> not be ok).
We should consider delivering the hash codes only - to evade potential
juristical consequences (INAL)
>
> Skolelinux installations would fetch the blacklist periodically
> (which time intervals make sense?) and then there will be some
like once a week? once a day? differences versus whole lists?
> postprocessing as well: teachers can add whitelist and blacklist
> entries through the webmin interface.
this interface has to quote out rexexpression stuff:
- A teacher bans "kol.de" which would ban everything with "kolade", too
=> this has to be translated to kol\.de if not to \.kol\.de$
- If such entry is to be corrected later on, it has to be shown as
entered
Otherwise some regexp-editor could be used, showing verbose meanings of
used symbols.
We should consider the definition of a set of black-/whitelists that can
be activated one by one. Blacklists you find on the web often are
ckassified into
- adult
- violence
- illegal
We could add a group "chat" and "mail" to disallow such services for
special occasions. In praxis, teachers shouldn't tweak around with
singular selcetions, but select one of a a list of predefined profiles
(allow everything / ban adult stuff / kids only / ...)
There had been further discussions to combine squidguard with cronjob to
use strict settings in the morning and less strict in the evening
(external classes). This feauture is not really necessary, as the usage
of your squidmin gets really intuitive...
>
> What do you folks think of this approach?
Good :)
Let me cite some locations where suggestions had been made before:
*GERMAN*
internet only for selected users / no filters for adult people:
http://skolelinux.de/pipermail/user/2004-February/000466.html
*ENGLISH*
Hilaire: "I will work on a tiny skolelinux-squid package to provide
automatic update of the Squid blacklists."
http://lists.debian.org/debian-edu/2004/06/msg00096.html
Thread: Comments on the "Skolelinux - User Requirements Specification"
http://lists.debian.org/debian-edu/2004/09/msg00292.html
Wishlist in Bugzilla:
http://bugs.skolelinux.no/show_bug.cgi?id=385
Regards
Ralf
>
> -- Dirk
Reply to: