1332,6 → 1332,7 |
# Add Bing to the safesearch url regext list (parental control) |
[ -e $DIR_DG/lists/urlregexplist.default ] || cp $DIR_DG/lists/urlregexplist $DIR_DG/lists/urlregexplist.default |
cat <<EOF >> $DIR_DG/lists/urlregexplist |
|
# Bing - add 'adlt=strict' |
#"(^http://[0-9a-z]+\.bing\.[a-z]+[-/%.0-9a-z]*\?)(.*)"->"\1\2&adlt=strict" |
EOF |
1375,6 → 1376,7 |
$SED "s?^# SCANIMAGES.*?SCANIMAGES false?g" /etc/havp/havp.config # doesn't scan image files |
$SED "s?^# SKIPMIME.*?SKIPMIME image\/\* video\/\* audio\/\*?g" /etc/havp/havp.config # doesn't scan some multimedia files |
$SED "s?^# SCANTEMPFILE.*?SCANTEMPFILE /var/tmp/havp/havp-XXXXXX?g" /etc/havp/havp.config # Use our special tmp FS (memfs) |
$SED "s?^# TEMPDIR.*?TEMPDIR /var/tmp/havp?g" /etc/havp/havp.config # Use our special tmp FS (memfs) |
# skip checking of youtube flow (too heavy load / risk too low) |
[ -e /etc/havp/whitelist.default ] || cp /etc/havp/whitelist /etc/havp/whitelist.default |
echo "# Whitelist youtube flow" >> /etc/havp/whitelist |
1504,6 → 1506,8 |
|
[Service] |
Type=exec |
ExecStartPre=/bin/mkdir -p /run/nfcapd |
ExecStartPre=/bin/chown nfcapd:nfcapd /run/nfcapd |
PIDFile=/run/nfcapd/nfcapd.pid |
ExecStart=/usr/bin/nfcapd -w -D -b 127.0.0.1 -p 2055 -u nfcapd -g nfcapd -B 200000 -t 300 -S 7 -z -P /run/nfcapd/nfcapd.pid -I alcasar_netflow -l /var/log/nfsen/profile-data/live/alcasar_netflow |
ExecReload=/bin/kill -HUP $MAINPID |
2029,7 → 2033,7 |
|
# Set permissions monitoring and enforcement |
cat <<EOF > /etc/security/msec/perm.local |
/var/log/firefwall/ root.apache 750 |
/var/log/firewall/ root.apache 750 |
/var/log/firewall/* root.apache 640 |
/etc/security/msec/perm.local root.root 640 |
/etc/security/msec/level.local root.root 640 |