⬆️ ⬇️

Installation Instructions for Content Filter in School Linux 5.0

In all schools in the Russian Federation, a mandatory requirement is the installation of a Content Filter to filter sites that are “incompatible with the objectives of education.”



For these purposes, the SCF was used, but 3 weeks ago with a regular update, the SCF was independently replaced with the NetPolice system.



When introducing School Linux in Nizhny Novgorod, the issue of Content Filter availability is one of the main ones. NetPolice system exists in the version for Linux and has a repository specifically for School Linux.

')

Unfortunately, the NetPolice website contains instructions for installing and configuring the system only for School Linux 4.0, which is not fully suitable for platform 5. We tried to correct this situation.



Instructions on the NNLUG School Project website





1. Connection of repositories



For School Linux 5.0.1, we need to enable the Alt Linux p5 i586 and noarch repositories. To do this, open the console and get the superuser rights



su - now open the /etc/apt/sources.list.d/alt.list file for editing and uncomment the first two repositories (delete the grid at the beginning of the line)



nano /etc/apt/sources.list.d/alt.list

# ALT Linux Platform 5

rpm [p5] ftp.altlinux.org/pub/distributions/ALTLinux/p5/branch i586 classic

rpm [p5] ftp.altlinux.org/pub/distributions/ALTLinux/p5/branch noarch classic



Now we need to connect the NetPolice repository for the school Linux 5th platform. To do this in the file /etc/apt/sources.list add the address of the repository



nano /etc/apt/sources.list



rpm update.netpolice.ru

altlinux / p5 / branch / netpolice / i586 netpolice



2. Install NetPolice

After connecting the repositories, we need to update the list of packages available for installation.



apt-get update



After downloading files with lists of packages in the repositories, you can proceed to the installation of the NetPolice complex



apt-get install netpolice-main



waiting for all the necessary packages to be downloaded from the repositories and installed in the system. After that, you can proceed to configure.



3. Basic configuration of NetPolice

Following the instructions on the NetPolice site, the first thing we need to do is to register the address of the dns server for the host2cat system, which, as I understand it, will respond to blocking sites by domain names. To do this, edit the file / etc / sysconfig / host2cat and set one of the NetPolice servers in the DNS_LIST field. As it turned out, when using DNS for home users, you get more blocking lists than on the server for schools. Therefore, we use the server dnsc1.netpolice.ru



nano / etc / sysconfig / host2cat



MEMCACHED_LIST = 127.0.0.1: 11211

UDP_PORT = 6666

# DNS LIST SERVER IP

#for example DNS_LIST = 127.0.0.1

DNS_LIST = dnsc1.netpolice.ru

TTL = 3600

HOST2CAT_OPTIONS = "- m $ MEMCACHED_LIST -u $ UDP_PORT -s $ DNS_LIST -t $ TTL"





After making changes, you need to restart the services included in the complex NetPolice. To do this, run the following commands:



/etc/rc.d/init.d/memcached restart

/etc/rc.d/init.d/host2cat restart

/etc/rc.d/init.d/c-icap restart

/etc/rc.d/init.d/squid restart



4. Configure customers

NetPolice can filter online content for all computers in a computer lab and does not require installation on each computer!

To use the NetPolice system running and configured on School Linux 5.0.1, you need to configure your web browser on your computer to work with the Internet through Proxy.



For FireFox, this is the “Edit” -> “Settings” -> “Advanced” tab -> “Network” -> “Configure” button. In the window that appears, choose “Configure proxy connection settings manually” and enter the IP address of the proxy server and port (usually 3128), then click “ok” and exit Firefox settings.



But for the School Junior 5.0.1 distribution, Ephiphany is used as the main web browser, which has no proxy settings and uses system-wide proxy settings. For this distribution, go to the “System” -> “Settings” -> “Proxy Server Settings” menu and specify the IP address of the computer on which NetPolice is installed and specify port 3128.



5. Checking the operation of the content filter

After specifying the IP address and port in a web browser, enter the site www.f-games.ru in the address bar

You should see the inscription “Permition deny!”. This indicates the correct operation of the installed NetPolice. Site f-games.ru "not compatible with the objectives of education."



6. Start Administration Console

The NetPolice system is configured using a web interface. To do this, run the http-server



/etc/rc.d/init.d/httpd2 start



Launch a web browser and go to localhost / cgi-bin / login.cgi



Login: root

Password: root



7. Creating a new administrator

To create a new administrator account, click on the link "Create a new administrator." Enter the login and password for the new administrator. After saving, return to the login and password entry page localhost / cgi-bin / login.cgi . Log in with a new login and admin password.



8. Creating a new user

When trying to access the Internet, NetPolice will ask you for a login and password code. Unfortunately, it is not possible to configure the system in a transparent mode. Therefore, we create user user with password 1.

To do this, click on the link "Create a new user."

Enter username for new user

IP address: 192.168.1.0 (your subnet address)

Subnet mask / suffix: / 24

Role: my_student (select from list)



To set a password for a user in the console as root, run the command:



htpasswd2 / etc / squid / passwd user



9. Configuring Access Policies

To configure access policies in the main menu, click the link my_student -> Edit



The “list of rejects” is a list of prohibited categories of Internet resources.

For our own implementations, we use the following set of reggits:



1 Propaganda of war, incitement of hatred and enmity, propaganda of pornography and antisocial behavior

8 Crimes

24 Ensuring user anonymity, crawling content filters

34 Murder, violence

54 killings, violence, corpses

57 terrorism

101 erotica pornography

102 social networks

104 file sharing networks and sites

107 illegal help to schoolchildren and students

109 ensuring anonymity, crawling content filters

110 online casinos



A full list of redgets can be found on the NetPolice website in the Appendix 2 section.

Source: https://habr.com/ru/post/96951/



All Articles