** What is this? ** cen|sù|ra: controllo esercitato da un'autorità civile o religiosa su pubblicazioni, spettacoli, mezzi di informazione, per adeguarli ai principi della legge, di una religione o di una dottrina morale. (Tullio De Mauro, il dizionario della lingua italiana.) censor [transitive verb]: to suppress or delete as objectionable. (Merriam-Webster's Online dictionary.) Censorship is the removal or withholding of information from the public by a controlling group or body. (Wikipedia entry for Censorship.) This suite of programs implements by-domain and by-IP censorship of the Internet. It is designed to be able to accomodate multiple blacklists and be easily extensible. ** Lists of Modules Supported by this software ** - aams - Agenzia Dogane e Monopoli - Gambling - list available on https://www.adm.gov.it/portale/siti-web-inibiti-giochi - tabacchi - Agenzia Dogane e Monopoli - Tobacco Control - list available on https://www.adm.gov.it/portale/siti-inibiti-tabacchi - agcom - Autorita' per le garanzie nelle comunicazioni - Copyright infringment - list available on https://www.agcom.it/provvedimenti-a-tutela-del-diritto-d-autore - cncpo - Centro Nazionale Controllo Peodopornografia Online - Child Pornography - list NOT available to the public - consob - Commissione Nazionale per le Società e la Borsa - Trading - list available on https://www.consob.it/web/area-pubblica/oscuramenti (BROKEN due Anti-Bot protection) - pscaiip - Piracy Shield Client implementation by A.I.I.P. - Copyright infringment - list not available yet - manuale - Self-managed list for custom entries ** Requirements ** install-routes-linux: iproute parse_aams: Regexp::Common >= 2013031201, List::MoreUtils, File::Slurp parse_agcom: Regexp::Common >= 2013031201, List::MoreUtils, File::Slurp parse_cncpo: Text::CSV >= 0.32 update_*: wget curl upload-bind-config: rsync (local and remote), BIND (remote) upload-unbound-config: rsync (local and remote), Unbound (remote) python version >= 3.0 if you are using debian or ubuntu you can install all dependencies with the following command: # apt-get install python3 python3-openssl python3-requests-unixsocket \ python3-urllib3 python3-bs4 python3-requests libfile-slurp-perl \ rsync wget perl libregexp-common-perl liblist-moreutils-perl \ python3-click python3-soupsieve python3-orderedattrdict \ python3-tldextract pip curl python3-yaml python3-imaplib2 iproute2 and since url extract and ua-generator aren't available as a package: # pip install urlextract ; pip install ua-generator or # pip install urlextract --break-system-packages ; pip install ua-generator --break-system-packages if needed by your system. ** External sources ** Download helpers download_agcom.py and download_consob.py initial version from https://github.com/mphilosopher/censura Download helpers updated by Federico Santulli - NHM S.r.l. (thanks!) ** Author ** Copyright 2008-2024 by Seeweb s.r.l. Originally Written by Marco d'Itri <md@Linux.IT>. Alerting and Logging by Antonio Bartolini <antonio.bartolini@connesi.it> Privacy Shield Client by AAIP integration by Antonio Bartolini <antonio.bartolini@connesi.it> CNCPO PEC Download Helper by Antonio Bartolini <antonio.bartolini@connesi.it> supernets.py script from https://github.com/grelleum/supernets The authors will appreciate receiving success or failure reports about the deployment this software. ** License ** This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. ** Usage ** Many scripts contain configuration variables that are stored in config.sh. Read and understand each one before before running them. Start from censorship-get and then censorship-apply. Before starting make sure to run the bootstrap script in working path: # bash bootstrap.sh The install-routes-linux script can be run directly on a border router or on a system where a dynamic routing protocol will redistribute the static routes it installs. BIG WARNING: This project is meant to be a TOOLKIT to meet the legal requirements of censorship in Italy and IT IS NOT meant to be used as it is or as a stand-alone all-in-one solution. It must be adapted and customised to YOUR systems and needs. Feel free to modify, enable and disable features as needed. ** Cron requirements ** censorship-cron is the script to be called via cron: # run every 6 hours 27 */6 * * * root /root/kit-censura/censorship-cron &> /dev/null If you are using the Piracy Shield Client by AIIP see README.pscaiip ** Logging and Alerting ** You can enable Logging and Alerting by changing config.sh file. By default the log file is placed on /var/log/kit-censura.log If log rotation is needed there is a template for logrotate in kit-censura.logrotate file ready to be edited and moved on logrotate.d directory. Alerting is triggered only when downloads fails for some reasons and send an email of warning at the address specified in config.sh file. Just be sure that sendmail tool is working propely. ** Name servers configuration ** Something like this should be added to the main configuration file of your name server daemon: # named.conf (BIND) include "/etc/bind/censura/named.conf"; # unbound.conf (Unbound) include: "/etc/unbound/censura.conf" and the db.* files need to be copied in the $CONFDIR directory configured in the build-bind-config script (default: /etc/bind/censura/). The list of your name servers must be configured in the upload-bind-config script.