Dans Guardian
I still think it should be calls Danns Guardian…
Notes taken from this site, with my notes added in:
Install dans guardian with:
sudo apt-get install dansguardian tinyproxy firehol
Configure dansguardian (I use vim here but use whatever if you want)
sudo vim /etc/dansguardian/dansguardian.conf
You will need to remove the ‘UNCONFIGURED’ line, but you may want to check the rest. I didn’t change anything (yet) but we will see. Then restart dansguardian with
sudo dpkg-reconfigure dansguardian
and it should be good to go. Point firefox (or whichever browser) to port 8080 (preferences -> advanced -> network -> manual proxy 127.0.0.1 port 8080).
Now there is more, but I couldn’t get it to work (yet). Below is straight from that page, but I will go through as I figure it out. I followed these instructions but it didn’t work – I could simply use ‘no proxy’ in firefox to get around this. I will play more and update it I figure it out.
UPDATE: To stop anyone on your computer from going to dirty pages, it is perhaps the easiest to use FireHOL so you can avoid most of the iptables headaches. To force unconfigured browsers to use dansguardian: In /etc/firehol/firehol.conf you will need
transparent_squid 8080 “proxy root”
(note that squid/tinyproxy runs as username proxy in Ubuntu – and probably in Debian, too). Also, you will have to allow at least access to the outside world in FireHOL:
interface any world
policy drop
protection strong
client all accept
To stop people from using just squid/tinyproxy as a proxy, thus again bypassing dansguardian, you will need to add the following in the beginning of your /etc/firehol/firehol.conf.
iptables -t filter -I OUTPUT -d 127.0.0.1 -p tcp –dport 3128 -m owner ! –uid-owner dansguardian -j DROP
(Thanks to Costa Tsaousis at FireHOL help forums. Also note: dansguardian runs as user dansguardian on Ubuntu.)
From DansGuardian with Tinyproxy:
Now that the programme is installed, change the following 4 lines in /etc/tinyproxy/tinyproxy.conf
User root
Group root
Port 3128
ViaProxyName “tinyproxy”
Squid was much slower than tinyproxy for me. Still, if you choose to use Squid instead of tinyproxy, I understand that you need to set up Squid as an intercepting proxy, so see those instructions as well.
An additional tip: to make dansguardian, tinyproxy, squid or firehol reread their configuration files, I found it easiest to say sudo /etc/init.d/PROGRAMNAME restart
There’s good documentation on the dansguardian site, and as a last resort feel free to ask me help in the installation, though I’m no expert. You might also try the FireHOL help forum for any filtering-specific questions, which I’m a novice at. Also, please comment. I must have forgotten a step or two. 
