14
edits
m (Protected "CollabNet Guide": Official page ([Edit=Allow only administrators] (indefinite) [Move=Allow only administrators] (indefinite))) |
m (update e2g) |
||
(6 intermediate revisions by 2 users not shown) | |||
=== Systemd ===
All network configuration is done in the <code>/etc/systemd/network</code> directory. We'll start by
{{code|▼
sudo systemctl enable --now systemd-networkd
}}▼
Next, create the bridge. The following simply creates a network bridge named <code>collabnet</code>
'''/etc/systemd/network/collabnet.netdev'''
Now, we can set up basic routing. First, install some required packages
{{code|
sudo apt-get install -y nftables dnsmasq curl resolvconf
}}
E2Guardian can be used to implement network filtering on your VM. It supports transparent HTTP and HTTPS filtering making it ideal for a setup like CollabVM where the client can't be trusted to always use a proxy or DNS server. Here's how to set it up.
=== Installation ===
Run the following command:
{{code|
wget https://e2guardian.numsys.eu/v5.5/
sudo apt-get install ./
▲}}
▲You can then install e2guardian:
▲{{code|
▲wget https://e2guardian.numsys.eu/v5.5/e2debian_bullseye_V5.5.4r_20231113.deb # IF THERE'S A NEWER VERSION AVAILABLE AT https://e2guardian.numsys.eu/, USE THAT INSTEAD
}}
Install some other dependencies:
useoriginalip = on
</nowiki>}}
{{ombox
| type = speedy
| image = [[File:Ambox_important_red.svg|40px]]
| text = If your router VM has 4GB of RAM or less, set the <code>httpworkers</code> option to <code>300</code> to avoid out-of-memory issues!
}}
Now open e2guardianf1.conf in an editor, then find and set the following values:
{{code|<nowiki>
Now you can download the collabnet filter lists:
{{code|
cd /etc/e2guardian/lists
git clone --depth 1 https://git.computernewb.com/collabvm/e2guardian.git group1
}}
}}
==== Updating the filter lists ====
To enable automatic updates of the filter lists, run <code>sudo crontab -e</code> and add the following to the bottom of the file:
{{code|
▲# cd /etc/e2guardian/lists/group1
}}
This will check for filter list updates once an hour.
=== Start it up ===
You should now be able to start e2guardian without error using the following command:
|