E2guardian no CentOS 7
  1. No diretório /root/download, execute:
    wget -c http://mailserver.guru/7/os/x86_64/Packages/e2guardian-5.3.2-2.el7.x86_64.rpm
    wget -c http://www.shallalist.de/Downloads/shallalist.tar.gz
  2. Instale o /root/download/e2guardian-5.3.2-2.el7.x86_64.rpm.
  3. Edite o arquivo /etc/logrotate.d/e2guardian:
    /var/log/e2guardian/access.log {
      rotate 4
      weekly
      sharedscripts
      prerotate
        systemctl stop e2guardian.service > /dev/null 2>&1 || true
      endscript
      postrotate
        systemctl start e2guardian.service > /dev/null 2>&1
      endscript
    }
  4. Extraia o conteúdo do arquivo /root/download/shallalist.tar.gz no diretório /etc/e2guardian/lists.
  5. No diretório /etc/e2guardian/lists, mude o owner do diretório BL para e2guardian:e2guardian recursivamente:
    chown -R e2guardian:e2guardian BL
  6. Crie o diretório /etc/e2guardian/ssl/generatedcerts:
    mkdir -p /etc/e2guardian/ssl/generatedcerts
  7. Mude o mode do diretório /etc/e2guardian/ssl/generatedcerts para 777:
    chmod 777 /etc/e2guardian/ssl/generatedcerts
  8. Crie o arquivo /etc/e2guardian/ssl/mkcert e o execute:
    #!/bin/bash
    
    openssl genrsa 4096 > ca.key
    openssl req -new -x509 -days 3650 -key ca.key -out ca.pem
    openssl x509 -in ca.pem -outform DER -out ca.der
    openssl genrsa 4096 > cert.key
  9. Edite os arquivos:
    • /etc/e2guardian/e2guardian.conf:
      ...
      # Enable SSL support
      # This must be present to enable MITM and/or Cert checking
      # default is off
      enablessl = on
      ...
      #SSL man in the middle
      #CA certificate path
      #Path to the CA certificate to use as a signing certificate for
      #generated certificates.
      # default is blank - required if ssl_mitm is enabled.
      cacertificatepath = '/etc/e2guardian/ssl/ca.pem'
      
      #CA private key path
      #path to the private key that matches the public key in the CA certificate.
      # default is blank - required if ssl_mitm is enabled.
      caprivatekeypath = '/etc/e2guardian/ssl/ca.key'
      
      #Cert private key path
      #The public / private key pair used by all generated certificates
      # default is blank - required if ssl_mitm is enabled.
      certprivatekeypath = '/etc/e2guardian/ssl/cert.key'
      
      #Generated cert path
      #The location where generated certificates will be saved for future use.
      #(must be writable by the dg user)
      # default is blank - required if ssl_mitm is enabled.
      generatedcertpath = '/etc/e2guardian/ssl/generatedcerts/'
      ...
    • /etc/e2guardian/lists/bannedsitelist:
      ...
      #List other sites to block:
      
      # badboys.com
      xxxbucetas.net
      bucetas.b-cdn.net
      xvideos.blog
      ...
      # You will need to edit to add and remove categories you want
      .Include</etc/e2guardian/lists/BL/porn/domains>
      .Include</etc/e2guardian/lists/BL/aggressive/domains>
  10. Habilite e inicie o serviço e2guardian.service:
    systemctl enable e2guardian.service
    systemctl start e2guardian.service
IP
3.236.51.151