Follow the instructions on this page to install the webstrict package.

DansGuardian (a web content filtering tool) and Tinyproxy (a lightweight HTTP proxy) will be installed with this package.

You have to configure Firefox to use Tinyproxy/Dansguardian for your Internet connection to be filtered. You can do that:

• Automatically

In “System-Administration” you will find a “WebStrict” menu to launch the webstrict tool (or type “webstrict” in a terminal). Click on the “Lock” button: Firefox is now configured to use Dansguardian and nobody (except the root user) can change this configuration.

• Manually

Launch Firefox. In the “Edit→Preferences” menu, “Advanced→Network” tab, click on “Settings”. Check “Manual proxy configuration” and type:

  Proxy HTTP : localhost
  Port : 8080

and check “Use this proxy server for all protocols”.

In order to filter your internet connection the Tinyproxy and Dansguardian services should be started. You can do that:

• Automatically

Launch webstrict and click on the “Start” button. The Tinyproxy and Dansguardian status should display green icons.

• Manually

Open a terminal and execute the following commands:

sudo /etc/init.d/tinyproxy restart
sudo /etc/init.d/dansguardian restart

Check your installation

Launch Firefox and try to access a forbidden web site, an “access denied” message should be displayed:

(result of a Google search about playboy)

Launch webstrict to configure blacklist/whitelist/naughtyness settings. In the list editor window you can add, edit, delete lines and enable/disable them:

Banned files extension list

Lines beginning with a # are commented out. You can add or remove the # using the “enable/disable” button.
You should use the “enable/disable” button instead of the “delete” button because deleting a line is a permanent action.

Don't forget to restart services each time you modify the configuration.

• Banned IPs: only used if Dansguardian is used by several computers. (this is not the IP of web servers you want to filter but client IP in your network)
• Banned Sites: to block entire web sites. (don't bother with the www. or the http://)
• Banned URLs: to block part of a site. (don't bother with the www. or the http://)
• Banned Phrases: to block any page containing specific words.
• Banned MIME Types: to block MIME Types (for example: videos)
• Banned File Extensions: to block file extensions, like .mp3, .exe, .avi

• Banned IPs Exceptions: only used if you have servers on your network that need unfiltered access.
• Banned Sites Exceptions: to allow entire web sites. (don't bother with the www. or the http://)
• Banned URLs Exceptions: to allow part of a site. (don't bother with the www. or the http://)
• Banned Phrases Exceptions: to allow pages containing specific words (for example: education or medical)

This is the limit over which the page will be blocked. Each weighted phrase is given a value either positive or negative and these values are added up. Phrases that are related with good subjects will have negative values whereas those related with bad subjects will have positive values. See the weightedphraselist file for examples.

As a guide:
50 is for young children, 100 for old children, 160 for young adults.

You can view the access log files in two formats: text or HTML (HTML is more readable). You will see the history of all web sites blocked and the reason for the blocking.
You could then adjust the settings depending on your needs.

If you have this error when you launch Firefox (after having clicked on the “lock” button in webstrict), then run this command:

sudo sed -i "s|pref(\"general.config.obscure_value\", 13)|pref(\"general.config.obscure_value\", 0)|" /usr/lib/firefox/greprefs/all.js

and restart Firefox.

Open webstrict, select “Banned File Extensions” in the Blacklist list and click on the Edit button. Locate the line with the extension of the file you want to download and click on the “Enable/Disable” button. The line will be commented out (a # is added), and you will be able to download all files ending with this extension.
(don't forget to restart services)

The HTML log file displays all URLs that have been blocked, with the date and the reason.
For example you could see:

Here, a google search has been blocked because the weighted phrase limit (naughtyness limit) of 60 has been exceeded (the page has a weight of 145).

Here, an attempt to download a ”.bz2” file has been made.

You should know that the filtering is only enabled for Firefox, if you have other web browsers (like Epiphany or Opera) you should configure them manually to use tinyproxy (see manual configuration).
You should also use the “Lock” button in webstrict to prevent your kids from changing the configuration.

Run this command:

sudo sed -i "s|pref(\"general.config.obscure_value\", 13)|pref(\"general.config.obscure_value\", 0)|" /usr/lib/firefox/greprefs/all.js

Open webstrict and click on the “Unlock” button. Then start Firefox and in the “Edit→Preferences” menu, “Advanced→Network” tab, click on “Settings”. Check “Direct connection to the Internet”.

If you want to set up different configurations for different user accounts (for example, a less restrictive configuration for the root user), follow this procedure:

• Open a terminal and execute the following command:

sudo gedit /etc/dansguardian/dansguardianf2.conf

This file will be the second configuration, for example you can set the naughtynesslimit to 200 (for the root user).
You can also change the list files. For example, if you don't want to filter file extensions, change the following line:

bannedextensionlist = '/etc/dansguardian/bannedextensionlist2'

And create an empty bannedextensionlist2 file in /etc/dansguardian.
When you are done with modifying the configuration, save the file.

• Then execute:

sudo gedit /etc/dansguardian/filtergroupslist

And add the user(s) to the second configuration; for example:

mehdi=filter2

Here, user Mehdi belongs to the second filter group and will have a naughtynesslimit of 200. All other users will belong to the first filter group (the one webstrict modifies).