Hi Dirk, Am Sonntag, 16. Januar 2005 23:51 schrieb Dirk G�mez: > Using squidguard blacklists in skolelinux > > Hello there, I am looking into putting squidguard blacklists into use > for for the German version of skolelinux. >
thank you for dedicating some time into this feature which is mainly desired by German teachers (and laws) - and therefore has been discussed vehemently on [EMAIL PROTECTED] . One could argue to move this debate there - if it is about users' view. As for "technical" stuff, this is definitely the right place. > There's a few blacklists out there > (http://ftp.teledanmark.no/pub/www/proxy/squidGuard/contrib/blacklist >s.tar.gz, http://www.linugen.com/contentfilter/, > http://cache.univ-tlse1.fr/documentations/cache/squidguard_en.html#co Some people I know would squeak now: "how dare you publish dangerous URLs on an open list like this" :) As a matter of fact, secretaries who are paid for collecting such URLs wouldn't hand them out - in the fear of abuse. But this is not the topic here. ... > A better approach imho is to create a blacklist which is available > from the skolelinux.de site. It should just be a copy from the > teledanmark blacklist with possible postprocessing (e.g. removal of > sites that are known to be ok or adding of sites which are known to > not be ok). We should consider delivering the hash codes only - to evade potential juristical consequences (INAL) > > Skolelinux installations would fetch the blacklist periodically > (which time intervals make sense?) and then there will be some like once a week? once a day? differences versus whole lists? > postprocessing as well: teachers can add whitelist and blacklist > entries through the webmin interface. this interface has to quote out rexexpression stuff: - A teacher bans "kol.de" which would ban everything with "kolade", too => this has to be translated to kol\.de if not to \.kol\.de$ - If such entry is to be corrected later on, it has to be shown as entered Otherwise some regexp-editor could be used, showing verbose meanings of used symbols. We should consider the definition of a set of black-/whitelists that can be activated one by one. Blacklists you find on the web often are ckassified into - adult - violence - illegal We could add a group "chat" and "mail" to disallow such services for special occasions. In praxis, teachers shouldn't tweak around with singular selcetions, but select one of a a list of predefined profiles (allow everything / ban adult stuff / kids only / ...) There had been further discussions to combine squidguard with cronjob to use strict settings in the morning and less strict in the evening (external classes). This feauture is not really necessary, as the usage of your squidmin gets really intuitive... > > What do you folks think of this approach? Good :) Let me cite some locations where suggestions had been made before: *GERMAN* internet only for selected users / no filters for adult people: http://skolelinux.de/pipermail/user/2004-February/000466.html *ENGLISH* Hilaire: "I will work on a tiny skolelinux-squid package to provide automatic update of the Squid blacklists." http://lists.debian.org/debian-edu/2004/06/msg00096.html Thread: Comments on the "Skolelinux - User Requirements Specification" http://lists.debian.org/debian-edu/2004/09/msg00292.html Wishlist in Bugzilla: http://bugs.skolelinux.no/show_bug.cgi?id=385 Regards Ralf > > -- Dirk
