[squid-users] Dansguardian 2.9.4.0 released

From: Kai Geek <kaigeek@dont-contact.us>
Date: Thu, 26 Jan 2006 16:25:29 +0800

Hello,
DansGuardian 2.9.4.0 is released. This version adds a whole bunch of
improvements and features as well as a lot of bug fixing.

We had planned that this would be a beta release (i.e. feature complete
but not bug tested) however there are still a number of things we want to
add first. For example there is an idea of an exceptionmimesitelist and
extension. This would allow you to say ban all non web files except for
a few trusted software update domains. Also we'd like to add things like
blanket IP SSL block and blancket SSL block. Too many SSL proxy sites are
out there allowing people to bypass Guardian. The idea is deny them all
and only allow known good sites like banking and shopping. It's also
good for blocking Skype if you're into that sort of thing.

This version's config is not compatible with previous versions so a fresh
install and manual migration is needed. This is the nature of alpha
software unfortunately. It should not be too long now before a beta.

This version has the following changes since 2.9.3.1:

- NTLM and proxy auth plugins renamed to "proxy-ntlm" and "proxy-basic"

- Fixed child process failure after -g

- Changed clamav's memory scanning method (uses more reliable parts of
  Clam API; both clamav and clamdscan should now detect the same viruses)

- Unfortunately the new method does involve saving to file first;
  however, you can use POSIX shared memory on supported platforms, or
  specify a ramfs/tmpfs location, with a fallback to using the standard
  filecachedir.

- Also, the temp directory used internally by libclamav can be configured.

- zlib can optionally be statically linked

- Improved handling of HEAD requests and HTTP redirects

- Improved error logging in clamav & clamdscan

- clamdscan now issues "SCAN" command instead of "CONTSCAN" (stops
  scanning after the first error/virus is found)

- kavdscan can handle archive files containing multiple viruses (patch
  submitted by littlecahya)

- More verbose output in debug mode

- Improved default & fancy download managers handling of files larger
  than maxcontentfiltersize (or maxcontentfilecachescansize)

- Filter groups can be named

- Only load filter group 1's settings if no auth plugins are loaded

- Changed -FILTERGROUP- placeholder to return group name

- Added -RAWFILTERGROUP- placeholder for retrieving group number

- Added -SERVERIP- placeholder; returns the IP on which the filter is
  running (returns correct address if using multiple filterip options;
  returns 0.0.0.0 if filterip is blank)

- URL cache now stores the group(s) for which a URL is clean, in
  addition to URLs themselves (cannot access a page with a score beyond
  your naughtiness limit if someone in a group with higher limit/different
  phrases has previously accessed it)

- Fixed child process crashes when using maxips option, and add logging of
  IP usage statistics (new statlocation option)

+-+-+-+ BEGIN PGP SIGNATURE +-+-+-+
Version: GnuPG v1.4.2 (GNU/Linux)
   .-. .-. _
   : : : : :_;
 .-' : .--. : `-. .-. .--. ,-.,-.
' .; :' '_.'' .; :: :' .; ; : ,. :
`.__.'`.__.'`.__.':_;`.__,_;:_;:_;

Kai "Ozgur" Geek
Network Engineer
PGP ID: B1B63B6E
+-+-+-+ END PGP SIGNATURE +-+-+-+

-- 
_______________________________________________
Check out the latest SMS services @ http://www.linuxmail.org
This allows you to send and receive SMS through your mailbox.
Powered by Outblaze
Received on Thu Jan 26 2006 - 01:25:35 MST

This archive was generated by hypermail pre-2.1.9 : Wed Feb 01 2006 - 12:00:01 MST