|
Contributed by Chad Brandt
|
|
|
|
Friday, 23 July 2004
DansGuardian is an award winning Open Source web content filter which currently runs on Linux, FreeBSD, OpenBSD, NetBSD, Mac OS X, HP-UX, and Solaris.DansGuardian 2.8 has been 15 months in development and testing and is finally ready for production servers. It contains many new features over version 2.6 which was the last stable version
For the improved performance alone, it is recommended that users still using
2.6.x upgrade to 2.8.
Perhaps some people would be kind enough as to post the news to Slashdot?
DansGuardian 2.8 has many massive improvements over version 2.6, the last
stable release. Just *some* of those new features include:
- A changed process model from fork-on-connect to fork-pool. This
dramatically improves the performance and allows it to scale to many more
concurrent users.
- Improved internationalisation language file support.
- Image replacement for advert removal.
- Added support for HP/UX.
- Added support for fully qualified addresses in banned and exception IP
lists.
- Improved run-time options.
- Improved logging.
- Added URL Greylists.
- Added filter group support so different filtering settings can be used for
different groups of users.
- Added a '-g' gentle restart that does not kill current connections but
filter group config is re-read.
- Added intelligent list managing so that if different filter groups use the
same file they will share one copy of it. It also means it does not need
to read in two copies. The list managing also caches the lists between
restarts thus reducing restart speed dramatically.
- Ident now uses X-Forwarded-For when DansGuardian is configured to use it.
- Added a temporal denied page bypass facility.
- Added feature where when a user is not found the IP is checked for in the
filter group list.
- Added support for unescaping HTML content.
- It is no longer needed to run as root to bind to a low port.
Over the 15 months a lot of people have put effort into writing, testing and
supporting this software. Far too many to mention here. I would like to
extend my gratitude to those people. I hope you like the software and you
can look forward to many new exciting features in the future.
The very next features that I and some other people are working on are
blocking popups, removing HTML vulnerabilities and a standard anti-virus
plugin system for on-the-fly AV checking of browsed content.
The detailed changes since the last announced release (2.7.7-9) are:
- Fixed a typo in the FreeBSD Makefile.
- Added new googlesearches phrase file.
- Fixed a terrible DoS bug in the file download buffering so that large
binary files with no length header but are marked as text no longer eat up
all the RAM. An upgrade to zlib 1.2.1 was required to do this.
- gzip or zlib compressed pages are now no longer sent to the client
uncompressed if they are not modified with content replacement. This is
extra good if the clients are remote to the filter as it will save
bandwidth. This was a pleasant side effect of fixing the DoS bug.
- Updated to use zlib 1.2.1 for gzip in-memory decompression but will fail
gracefully if an older version is installed. This change was *required* to
fix the DoS bug.
- Slightly improved socket handling so it's a tiny bit quicker and takes up
less file descriptors. This was a result of the DoS bug fixing.
- Made parameter checking more durable and less messy.
- Included zlib static building info in INSTALL file.
Get it from here:
http://dansguardian.org/?page=download2
It is to be found in the stable directory.
Only registered users can write comments.
Please login or register. Powered by AkoComment 1.0 beta 2! |
Home 
