DansGuardian is an award winning Open Source web content filter which currently runs on Linux, FreeBSD, OpenBSD, NetBSD, Mac OS X, HP-UX, and Solaris.
It filters the actual content of pages based on many methods including phrase matching, PICS filtering and URL filtering. It does not purely filter based on a banned list of sites like lesser totally commercial filters.
DansGuardian is designed to be completely flexible and allows you to tailor the filtering to your exact needs. It can be as draconian or as unobstructive as you want.
The default settings are geared towards what a primary school might want but DansGuardian puts you in control of what you want to block.
The content phrase filtering will check for pages that contain profanities and phrases often associated with pornography and other undesirable content. The POST filtering allows you to block or limit web upload. The URL and domain filtering is able to handle huge lists and is significantly faster than squidGuard.
The filtering has configurable domain, user and source ip exception lists. SSL Tunneling is supported.
The configurable logging produces a log in an easy to read format which has the option to only log the text-based pages, thus significantly reducing redundant information such as every image on a page.
All DansGuardian parts are customizable, allowing administrators total control over what is filtered and what not.
Here are some key features of "DansGuardian":
· Significantly cheaper than IGear (one of the best commercial filters).
· Can block adverts by the use of an advert URL block list.
· Can filter text and HTML pages for obscene (sexual, racial, violent, etc) content.
· Uses an advanced phrase weighting system to reduce over or under blocking.
· Can filter sites using the PICS labeling system.
· Can filter according to MIME type and file extension.
· Can filter according to URLs including Regular Expression URLs.
· URL filtering is compatible with squidGuard black lists.
· The URL filtering is able to filter https requests.
· Can work in a 'whitelist' mode where all sites except those listed are blocked.
· Can block all IP based URLs.
· Is able to block sites when users try using the IP address of the site instead.
· Produces a log in a very human readable format.
· Optionally produces a log in CSV format for easy import into databases etc.
· Is able to log the username using either Ident or basic proxy authentication.
· It has the ability to switch off filtering for specified sites, parts of sites, browser IPs and usernames.
· Can block specified source IPs and usernames.
· Can block or limit web uploading (e.g. attachments in Hotmail).
· Has the ability to work in a stealth mode where it logs sites that would have been blocked, but does not block them. This allows you to monitor your users without them knowing.
· Uses a very intelligent algorithm to match phrases in web pages mixed in with HTML code and white space.
· Big5, Unicode and top-bit set characters can be used in search phrases.
· DansGuardian 2.4.0 is over 6 times faster than DansGuardian 1.x.x.
· URL filtering is significantly faster than squidGuard.
· The configuration lists use the same incredibly fast code that allows them all to be hundreds of thousands of entries long.
· 100% C and can compile on GCC 3.
· Can be made to re-read config files with a HUP signal.
· Works perfectly in conjunction with Squid and Oops.
· Has no 3rd party library requirements (no nb as was used in version 1) so can be installed much easier and so is also provided as an RPM.
· Supports (adds) the squid X-Forwarded-For header line.
· Supports compressed (Content-Encoding gzip and deflate) HTML.
· Can be made to only listen on 1 IP.
· GNU C++