Software-update: DansGuardian 2.9.6.2

DansGuardian helpt je helaas niet met het verbeteren of beheren van jouw danspasjes maar helpt je wel bij het filteren van internetcontent. Voor het filteren wordt gebruik gemaakt van meerdere methodes waardoor je onder andere op url, domein, content phrase, PICS, MIME en bestandsextenties kan filteren. Daarnaast kan het POST gegevens filteren en limiteren die gebruikers naar buiten sturen. Voor meer informatie verwijzen we jullie door naar deze pagina. De ontwikkelaars hebben versie 2.9.6.2 vrijgegeven in de development-branch met de volgende veranderingen sinds de vorige vermelding in de meuktracker:

Version 2.9.6.2:

• NTLM username strings are correctly terminated after conversion from UTF-16LE.
• Spelling mistake fixed in ukenglish template.html.
• Fixed "-c" option (Jason Gauthier).
• Slightly tweaked handling of exception CONNECT (HTTPS) requests - should help those with IE & SSL problems.
• Tweaked detection of persistent connections (HTTP 1.1 requests are assumed persistent unless marked otherwise, as per standards).
• Buffered network input in BaseSocket::getLine (fewer system calls during HTTP header retrieval).
• Optional logging of child process handling operations (logchildprocesshandling).
• Conditional installation of contentscanners, lists/contentscanners and lists/downloadmanagers directories.
• Fancy DM has managedextensionlist enabled by default, not managedmimetypelist.

Version 2.9.6.1:

• Improvements/fixes to filter group range checking (auth by IP plugin usable again - sorry!).
• URL cache sorting & searching fixed.
• Workaround for clients that send lowercase "host:" headers.
• Workaround for certain types of Squid-unfriendly request (allows more clients to work with DG+Squid used as a transparent proxy).
• Updated Turkish language files (Ozgur Karatas).
• Confusing "--with-libiconv=yes" configure option removed; iconv check now looks for library in standard search path automatically if a platform-native iconv function is not found.
• Iconv library check looks for both "iconv" and "libiconv" functions - should help OS X 10.3 users.
• Time limits are applied hierarchically to included list files, as has been the intention for a while now (obviously the feature is not widely used :P).
• Case-insensitive handling of HTTP headers (Nerijus Baliunas).

Version 2.9.6.0:

• "ident" auth plugin supports usexforwardedfor when determining client IPs.
• Range checking on filtergroup returned from auth plugins (pointed out by Götz Babin-Ebell).
• Auth by IP plugin ignores entries in ipgroups which specify an out-of-range filtergroup, and prints warning messages when it encounters them.
• Fixed "SafeNetalcoholtobacco" typo in PICS settings file.
• Changed handling of POST uploads; large files should no longer cause timeouts.
• There are now default managed extension/MIME type lists under. "/etc/dansguardian/lists/downloadmanagers", and the latter is enabled by default in the fancy download manager's config file.Götz Babin-Ebell.
• Optional blanket download blocking, with new exception MIME and extension lists for overriding the block (existing banned MIME & extension lists not used in this mode - everything not excepted is banned).
• New "exceptionfilesites" list, for defining domains which are not subject to filtering by MIME type or extension, i.e. trusted download sites.
• Log format changes: IP and hostname are both logged (instead of using one field for either); group name & number are now separate fields.
• Connections are correctly closed after being sent a download link from the fancy download manager.

Version 2.9.5.0:

• Auth by IP plugin works without PCRE.
• When using auth by IP, credentials are cached for the lifetime of a persistent connection, instead of querying the plugin for every request (unless usexforwarded for is enabled).
• Added blanket SSL block (**s) and blanket SSL IP block (*ips).
• All usernames show up as lowercase in the logs.
• Auth plugins get reloaded on -g (allows changes to IP plugin's. ipgroups file to take effect as well as changes to the filtergroupslist).
• Added allow per-group override of reportinglevel (hence per-group choice between HTML template & external access denied address).
• Fixed a few memory leaks & some minor memory corruption.

Version 2.9.4.0:

• NTLM and proxy auth plugins renamed to "proxy-ntlm" and "proxy-basic"
• Fixed child process failure after -g
• Changed clamav's memory scanning method (uses more reliable parts of Clam API; both clamav and clamdscan should now detect the same viruses)
• Unfortunately the new method does involve saving to file first; however, you can use POSIX shared memory on supported platforms, or specify a ramfs/tmpfs location, with a fallback to using the standard filecachedir.
• Also, the temp directory used internally by libclamav can be configured.
• zlib can optionally be statically linked
• Improved handling of HEAD requests and HTTP redirects
• Improved error logging in clamav & clamdscan
• clamdscan now issues "SCAN" command instead of "CONTSCAN" (stops scanning after the first error/virus is found)
• kavdscan can handle archive files containing multiple viruses (patch submitted by littlecahya)
• More verbose output in debug mode
• Improved default & fancy download managers handling of files larger than maxcontentfiltersize (or maxcontentfilecachescansize)
• Filter groups can be named
• Only load filter group 1's settings if no auth plugins are loaded
• Changed -FILTERGROUP- placeholder to return group name
• Added -RAWFILTERGROUP- placeholder for retrieving group number
• Added -SERVERIP- placeholder; returns the IP on which the filter is running (returns correct address if using multiple filterip options; returns 0.0.0.0 if filterip is blank)
• URL cache now stores the group(s) for which a URL is clean, in addition to URLs themselves (cannot access a page with a score beyond your naughtiness limit if someone in a group with higher limit/different phrases has previously accessed it)
• Fixed child process crashes when using maxips option, and add logging of IP usage statistics (new statlocation option)

Version 2.9.3.2:

• Adds logging of upstream proxy return code & user's filter group number
• Fixes/improvements to configure script (FreeBSD users: try '--with-libiconv=/usr/local')

Version 2.9.3.1:

• Fixed x-forwarded-for support in Auth by IP plugin.
• NTLM plugin now compiles on FreeBSD.
• Can now log in using NTLM when browsing HTTPS sites.
• Fixed mis-authentication with downstream proxies.
• Fixed log all usernames, even those not in the filtergroupslist.
• NTLM plugin handles UTF-16 usernames.
• Improved child process responsiveness when using tunnels.