dansguardian - add multiple select option to dansguardian group acl

4 files changed, 123 insertions, 51 deletions

diff --git a/config/dansguardian/dansguardian.inc b/config/dansguardian/dansguardian.inc
index f61936a7..4bb30cce 100755
--- a/config/dansguardian/dansguardian.inc
+++ b/config/dansguardian/dansguardian.inc
@@ -29,7 +29,7 @@
 */
 
 require_once("util.inc");
-require("globals.inc");
+require_once("globals.inc");
 #require("guiconfig.inc");
 
 $pf_version=substr(trim(file_get_contents("/etc/version")),0,3);
@@ -269,7 +269,7 @@ function sync_package_dansguardian() {
 					"/lists/exceptioniplist",
 					"/lists/pics");
 	
-	$dansguardian_dir="/usr/local/etc/dansguardian";
+	$dansguardian_dir= DANSGUARDIAN_DIR . "/etc/dansguardian";
 	foreach ($files as $file)
 		if (! file_exists($dansguardian_dir.$file.'.sample')){
 			$new_file="";
@@ -333,12 +333,12 @@ function sync_package_dansguardian() {
 	#phrase ACL
 	#create a default setup if not exists
 	if (!is_array($config['installedpackages']['dansguardianphraseacl']['config'])){
-		$banned_file=file("/usr/local/etc/dansguardian/lists/bannedphraselist");
+		$banned_file=file(DANSGUARDIAN_DIR . "/etc/dansguardian/lists/bannedphraselist");
 		foreach($banned_file as $file_line)
 			if (preg_match ("/^.Include<(\S+)>/",$file_line,$matches))
 			 	$banned_includes .= $matches[1].",";
 		
-		$weighted_file=file("/usr/local/etc/dansguardian/lists/weightedphraselist");
+		$weighted_file=file(DANSGUARDIAN_DIR . "/etc/dansguardian/lists/weightedphraselist");
 		foreach($weighted_file as $file_line)
 			if (preg_match ("/^.Include<(\S+)>/",$file_line,$matches))
 			 	$weighted_includes .= $matches[1].",";
@@ -761,6 +761,62 @@ function sync_package_dansguardian() {
 
 		foreach ($groups as $group)
 			$dansguardian_groups[$group]=(preg_match("/$group/",$dansguardian_groups['group_options'])?"on":"off");
+		#create group list files
+		$lists=array("phraseacl"   => array("bannedphrase","weightedphrase","exceptionphrase"),
+					 "siteacl"     => array("bannedsite","greysite","exceptionsite","exceptionfilesite","logsite"),
+					 "urlacl"      => array("bannedurl","greyurl","exceptionurl","exceptionregexpurl","bannedregexpurl","urlregexp","exceptionfileurl","logurl","logregexpurl"),
+					 "contentacl"  => array("contentregexp"),
+					 "extensionacl"=> array("exceptionextension","exceptionmimetype","bannedextension","bannedmimetype"),
+					 "headeracl"   => array("headerregexp","bannedregexpheader"),
+					 "searchacl"   => array("searchengineregexp","bannedsearchterm","weightedsearchterm","exceptionsearchterm")
+					 );
+		foreach ($lists as $list_key => $list_array){
+			foreach ($list_array as $list_value){
+				#read all access lists applied tho this group option
+				foreach (explode(",",$dansguardian_groups[$list_key]) as $dacl){
+					if (! is_array(${$list_value}))
+						${$list_value}=array();
+					$file_temp=file_get_contents(DANSGUARDIAN_DIR . "/etc/dansguardian/lists/{$list_value}list.{$dacl}")."\n";
+					${$list_value}=array_merge(explode("\n",$file_temp),${$list_value});
+				}
+				#add a package warning
+				array_unshift(${$list_value},"#Do not edit this file.","#It's created by dansguardian package and overwrited every config save.");
+				#save group file and unset array
+				file_put_contents(DANSGUARDIAN_DIR . "/etc/dansguardian/lists/{$list_value}list.g_{$dansguardian_groups['name']}",implode("\n",array_unique(${$list_value}))."\n",LOCK_EX);
+				unset(${$list_value});
+				}		
+		}
+		/*
+		bannedphraselist = '/usr/local/etc/dansguardian/lists/bannedphraselist.{$dansguardian_groups['phraseacl']}'
+		weightedphraselist = '/usr/local/etc/dansguardian/lists/weightedphraselist.{$dansguardian_groups['phraseacl']}'
+		exceptionphraselist = '/usr/local/etc/dansguardian/lists/exceptionphraselist.{$dansguardian_groups['phraseacl']}'
+		bannedsitelist = '/usr/local/etc/dansguardian/lists/bannedsitelist.{$dansguardian_groups['siteacl']}'
+		greysitelist = '/usr/local/etc/dansguardian/lists/greysitelist.{$dansguardian_groups['siteacl']}'
+		exceptionsitelist = '/usr/local/etc/dansguardian/lists/exceptionsitelist.{$dansguardian_groups['siteacl']}'
+		bannedurllist = '/usr/local/etc/dansguardian/lists/bannedurllist.{$dansguardian_groups['urlacl']}'
+		greyurllist = '/usr/local/etc/dansguardian/lists/greyurllist.{$dansguardian_groups['urlacl']}'
+		exceptionurllist = '/usr/local/etc/dansguardian/lists/exceptionurllist.{$dansguardian_groups['urlacl']}'
+		exceptionregexpurllist = '/usr/local/etc/dansguardian/lists/exceptionregexpurllist.{$dansguardian_groups['urlacl']}'
+		bannedregexpurllist = '/usr/local/etc/dansguardian/lists/bannedregexpurllist.{$dansguardian_groups['urlacl']}'
+		contentregexplist = '/usr/local/etc/dansguardian/lists/contentregexplist.{$dansguardian_groups['contentacl']}'
+		urlregexplist = '/usr/local/etc/dansguardian/lists/urlregexplist.{$dansguardian_groups['urlacl']}'
+		exceptionextensionlist = '/usr/local/etc/dansguardian/lists/exceptionextensionlist.{$dansguardian_groups['extensionacl']}'
+		exceptionmimetypelist = '/usr/local/etc/dansguardian/lists/exceptionmimetypelist.{$dansguardian_groups['extensionacl']}'
+		bannedextensionlist = '/usr/local/etc/dansguardian/lists/bannedextensionlist.{$dansguardian_groups['extensionacl']}'
+		bannedmimetypelist = '/usr/local/etc/dansguardian/lists/bannedmimetypelist.{$dansguardian_groups['extensionacl']}'
+		exceptionfilesitelist = '/usr/local/etc/dansguardian/lists/exceptionfilesitelist.{$dansguardian_groups['siteacl']}'
+		exceptionfileurllist = '/usr/local/etc/dansguardian/lists/exceptionfileurllist.{$dansguardian_groups['urlacl']}'
+		logsitelist = '/usr/local/etc/dansguardian/lists/logsitelist.{$dansguardian_groups['siteacl']}'
+		logurllist = '/usr/local/etc/dansguardian/lists/logurllist.{$dansguardian_groups['urlacl']}'
+		logregexpurllist = '/usr/local/etc/dansguardian/lists/logregexpurllist.{$dansguardian_groups['urlacl']}'
+		headerregexplist = '/usr/local/etc/dansguardian/lists/headerregexplist.{$dansguardian_groups['headeracl']}'
+		bannedregexpheaderlist = '/usr/local/etc/dansguardian/lists/bannedregexpheaderlist.{$dansguardian_groups['headeracl']}'
+		searchengineregexplist = '/usr/local/etc/dansguardian/lists/searchengineregexplist.{$dansguardian_groups['searchacl']}'
+		bannedsearchtermlist = '/usr/local/etc/dansguardian/lists/bannedsearchtermlist.{$dansguardian_groups['searchacl']}'
+		weightedsearchtermlist = '/usr/local/etc/dansguardian/lists/weightedsearchtermlist.{$dansguardian_groups['searchacl']}'
+		exceptionsearchtermlist = '/usr/local/etc/dansguardian/lists/exceptionsearchtermlist.{$dansguardian_groups['searchacl']}'
+		*/ 
+		$dg_dir=DANSGUARDIAN_DIR;
 		include("/usr/local/pkg/dansguardianfx.conf.template");
 		file_put_contents($dansguardian_dir."/dansguardianf".$count.".conf", $dgf, LOCK_EX);
 		
@@ -833,7 +889,7 @@ EOF;
 			<fielddescr>Users</fielddescr>
 			<fieldname>info_checkbox</fieldname>
 			<type>checkbox</type>
-			<description><![CDATA[Dansguardian users are required only when you have more then one group.<br>All unauthenticated users or unlisted uses will match first filter group.]]></description>
+			<description><![CDATA[Dansguardian users are required only when you have more then one group.<br>All unauthenticated users or unlisted users will match first filter group.]]></description>
 		</field>
 EOF;
 	}
@@ -1050,7 +1106,7 @@ EOF;
 			$replace[0]='YES';
 
 			#clamdscan.conf dansguardian file	
-			$cconf="/usr/local/etc/dansguardian/contentscanners/clamdscan.conf";
+			$cconf=DANSGUARDIAN_DIR . "/etc/dansguardian/contentscanners/clamdscan.conf";
 			$cconf_file=file_get_contents($cconf);
 			if (preg_match('/#clamdudsfile/',$cconf_file)){
 				$cconf_file=preg_replace('/#clamdudsfile/','clamdudsfile',$cconf_file);
@@ -1115,8 +1171,8 @@ EOF;
 			chmod ($script,444);	
 	}
 	
-	if (!file_exists('/usr/local/etc/dansguardian/lists/phraselists/pornography/weighted_russian_utf8'))
-		file_put_contents('/usr/local/etc/dansguardian/lists/phraselists/pornography/weighted_russian_utf8',"",LOCK_EX);
+	if (!file_exists(DANSGUARDIAN_DIR . '/etc/dansguardian/lists/phraselists/pornography/weighted_russian_utf8'))
+		file_put_contents(DANSGUARDIAN_DIR . '/etc/dansguardian/lists/phraselists/pornography/weighted_russian_utf8',"",LOCK_EX);
 	
 	#check ca certs hashes	
 	check_ca_hashes();
@@ -1241,15 +1297,15 @@ function dansguardian_do_xmlrpc_sync($sync_to_ip, $password,$sync_type) {
 		$cli->setCredentials('admin', $password);
 		if($g['debug'])
 			$cli->setDebug(1);
-		/* send our XMLRPC message and timeout after 250 seconds */
-		$resp = $cli->send($msg, "250");
+		/* send our XMLRPC message and timeout after 30 seconds */
+		$resp = $cli->send($msg, "30");
 		if(!$resp) {
 			$error = "A communications error occurred while attempting dansguardian XMLRPC sync with {$url}:{$port}.";
 			log_error($error);
 			file_notice("sync_settings", $error, "dansguardian Settings Sync", "");
 		} elseif($resp->faultCode()) {
 			$cli->setDebug(1);
-			$resp = $cli->send($msg, "250");
+			$resp = $cli->send($msg, "30");
 			$error = "An error code was received while attempting dansguardian XMLRPC sync with {$url}:{$port} - Code " . $resp->faultCode() . ": " . $resp->faultString();
 			log_error($error);
 			file_notice("sync_settings", $error, "dansguardian Settings Sync", "");
@@ -1272,14 +1328,14 @@ function dansguardian_do_xmlrpc_sync($sync_to_ip, $password,$sync_type) {
 		$msg = new XML_RPC_Message($method, $params);
 		$cli = new XML_RPC_Client('/xmlrpc.php', $url, $port);
 		$cli->setCredentials('admin', $password);
-		$resp = $cli->send($msg, "250");
+		$resp = $cli->send($msg, "30");
 		if(!$resp) {
 			$error = "A communications error occurred while attempting dansguardian XMLRPC sync with {$url}:{$port} (pfsense.exec_php).";
 			log_error($error);
 			file_notice("sync_settings", $error, "dansguardian Settings Sync", "");
 		} elseif($resp->faultCode()) {
 			$cli->setDebug(1);
-			$resp = $cli->send($msg, "250");
+			$resp = $cli->send($msg, "30");
 			$error = "An error code was received while attempting dansguardian XMLRPC sync with {$url}:{$port} - Code " . $resp->faultCode() . ": " . $resp->faultString();
 			log_error($error);
 			file_notice("sync_settings", $error, "dansguardian Settings Sync", "");
diff --git a/config/dansguardian/dansguardian_about.php b/config/dansguardian/dansguardian_about.php
index e678ede7..07b5768e 100755
--- a/config/dansguardian/dansguardian_about.php
+++ b/config/dansguardian/dansguardian_about.php
@@ -27,7 +27,7 @@
 	POSSIBILITY OF SUCH DAMAGE.
 */
 
-require("guiconfig.inc");
+require_once("guiconfig.inc");
 
 $pfSversion = str_replace("\n", "", file_get_contents("/etc/version"));
 if(strstr($pfSversion, "1.2"))
diff --git a/config/dansguardian/dansguardian_groups.xml b/config/dansguardian/dansguardian_groups.xml
index 96429567..9498ef4c 100755
--- a/config/dansguardian/dansguardian_groups.xml
+++ b/config/dansguardian/dansguardian_groups.xml
@@ -163,6 +163,8 @@
 			<source><![CDATA[$config['installedpackages']['dansguardianpicsacl']['config']]]></source>
 			<source_name>name</source_name>
 			<source_value>name</source_value>
+			<multiple/>
+			<size>5</size>
 		</field>
 		<field>
 			<fielddescr>Phrase</fielddescr>
@@ -172,60 +174,74 @@
 			<source><![CDATA[$config['installedpackages']['dansguardianphraseacl']['config']]]></source>
 			<source_name>name</source_name>
 			<source_value>name</source_value>
+			<multiple/>
+			<size>5</size>
 		</field>
 		<field>
 			<fielddescr>Site</fielddescr>
 			<fieldname>siteacl</fieldname>
-			<description><![CDATA[Select Site Access List to apply on this group.]]></description>
+			<description><![CDATA[Select Site Access Lists to apply on this group.]]></description>
 	    	<type>select_source</type>
 			<source><![CDATA[$config['installedpackages']['dansguardiansiteacl']['config']]]></source>
 			<source_name>name</source_name>
 			<source_value>name</source_value>
+			<multiple/>
+			<size>5</size>
 		</field>
 		<field>
 			<fielddescr>URL</fielddescr>
 			<fieldname>urlacl</fieldname>
-			<description><![CDATA[Select URL Access List to apply on this group.]]></description>
+			<description><![CDATA[Select URL Access Lists to apply on this group.]]></description>
 	    	<type>select_source</type>
 			<source><![CDATA[$config['installedpackages']['dansguardianurlacl']['config']]]></source>
 			<source_name>name</source_name>
 			<source_value>name</source_value>
+			<multiple/>
+			<size>5</size>
 		</field>
 		<field>
 			<fielddescr>Extension</fielddescr>
 			<fieldname>extensionacl</fieldname>
-			<description><![CDATA[Select Extension Access List to apply on this group.]]></description>
+			<description><![CDATA[Select Extension Access Lists to apply on this group.]]></description>
 	    	<type>select_source</type>
 			<source><![CDATA[$config['installedpackages']['dansguardianfileacl']['config']]]></source>
 			<source_name>name</source_name>
 			<source_value>name</source_value>
+			<multiple/>
+			<size>5</size>
 		</field>
 		<field>
 			<fielddescr>Header</fielddescr>
 			<fieldname>headeracl</fieldname>
-			<description><![CDATA[Select Header Access List to apply on this group.]]></description>
+			<description><![CDATA[Select Header Access Lists to apply on this group.]]></description>
 	    	<type>select_source</type>
 			<source><![CDATA[$config['installedpackages']['dansguardianheaderacl']['config']]]></source>
 			<source_name>name</source_name>
 			<source_value>name</source_value>
+			<multiple/>
+			<size>5</size>
 		</field>
 		<field>
 			<fielddescr>Content</fielddescr>
 			<fieldname>contentacl</fieldname>
-			<description><![CDATA[Select Content Access List to apply on this group.]]></description>
+			<description><![CDATA[Select Content Access Lists to apply on this group.]]></description>
 	    	<type>select_source</type>
 			<source><![CDATA[$config['installedpackages']['dansguardiancontentacl']['config']]]></source>
 			<source_name>name</source_name>
 			<source_value>name</source_value>
+			<multiple/>
+			<size>5</size>
 		</field>
 		<field>
 			<fielddescr>Search</fielddescr>
 			<fieldname>searchacl</fieldname>
-			<description><![CDATA[Select Search Access list to apply on this group.]]></description>
+			<description><![CDATA[Select Search Access lists to apply on this group.]]></description>
 	    	<type>select_source</type>
 			<source><![CDATA[$config['installedpackages']['dansguardiansearchacl']['config']]]></source>
 			<source_name>name</source_name>
 			<source_value>name</source_value>
+			<multiple/>
+			<size>5</size>
 		</field>
 		<field>
 			<name>Values</name>
diff --git a/config/dansguardian/dansguardianfx.conf.template b/config/dansguardian/dansguardianfx.conf.template
index 62155217..cfc9645e 100644
--- a/config/dansguardian/dansguardianfx.conf.template
+++ b/config/dansguardian/dansguardianfx.conf.template
@@ -56,20 +56,20 @@ groupmode = {$dansguardian_groups['mode']}
 groupname = '{$dansguardian_groups['name']}'
 
 # Content filtering files location
-bannedphraselist = '/usr/local/etc/dansguardian/lists/bannedphraselist.{$dansguardian_groups['phraseacl']}'
-weightedphraselist = '/usr/local/etc/dansguardian/lists/weightedphraselist.{$dansguardian_groups['phraseacl']}'
-exceptionphraselist = '/usr/local/etc/dansguardian/lists/exceptionphraselist.{$dansguardian_groups['phraseacl']}'
-bannedsitelist = '/usr/local/etc/dansguardian/lists/bannedsitelist.{$dansguardian_groups['siteacl']}'
-greysitelist = '/usr/local/etc/dansguardian/lists/greysitelist.{$dansguardian_groups['siteacl']}'
-exceptionsitelist = '/usr/local/etc/dansguardian/lists/exceptionsitelist.{$dansguardian_groups['siteacl']}'
-bannedurllist = '/usr/local/etc/dansguardian/lists/bannedurllist.{$dansguardian_groups['urlacl']}'
-greyurllist = '/usr/local/etc/dansguardian/lists/greyurllist.{$dansguardian_groups['urlacl']}'
-exceptionurllist = '/usr/local/etc/dansguardian/lists/exceptionurllist.{$dansguardian_groups['urlacl']}'
-exceptionregexpurllist = '/usr/local/etc/dansguardian/lists/exceptionregexpurllist.{$dansguardian_groups['urlacl']}'
-bannedregexpurllist = '/usr/local/etc/dansguardian/lists/bannedregexpurllist.{$dansguardian_groups['urlacl']}'
-picsfile = '/usr/local/etc/dansguardian/lists/{$dansguardian_groups['picsacl']}'
-contentregexplist = '/usr/local/etc/dansguardian/lists/contentregexplist.{$dansguardian_groups['contentacl']}'
-urlregexplist = '/usr/local/etc/dansguardian/lists/urlregexplist.{$dansguardian_groups['urlacl']}'
+bannedphraselist = '{$dg_dir}/etc/dansguardian/lists/bannedphraselist.g_{$dansguardian_groups['name']}'
+weightedphraselist = '{$dg_dir}/etc/dansguardian/lists/weightedphraselist.g_{$dansguardian_groups['name']}'
+exceptionphraselist = '{$dg_dir}/etc/dansguardian/lists/exceptionphraselist.g_{$dansguardian_groups['name']}'
+bannedsitelist = '{$dg_dir}/etc/dansguardian/lists/bannedsitelist.g_{$dansguardian_groups['name']}'
+greysitelist = '{$dg_dir}/etc/dansguardian/lists/greysitelist.g_{$dansguardian_groups['name']}'
+exceptionsitelist = '{$dg_dir}/etc/dansguardian/lists/exceptionsitelist.g_{$dansguardian_groups['name']}'
+bannedurllist = '{$dg_dir}/etc/dansguardian/lists/bannedurllist.g_{$dansguardian_groups['name']}'
+greyurllist = '{$dg_dir}/etc/dansguardian/lists/greyurllist.g_{$dansguardian_groups['name']}'
+exceptionurllist = '{$dg_dir}/etc/dansguardian/lists/exceptionurllist.g_{$dansguardian_groups['name']}'
+exceptionregexpurllist = '{$dg_dir}/etc/dansguardian/lists/exceptionregexpurllist.g_{$dansguardian_groups['name']}'
+bannedregexpurllist = '{$dg_dir}/etc/dansguardian/lists/bannedregexpurllist.g_{$dansguardian_groups['name']}'
+picsfile = '{$dg_dir}/etc/dansguardian/lists/g_{$dansguardian_groups['name']}'
+contentregexplist = '{$dg_dir}/etc/dansguardian/lists/contentregexplist.g_{$dansguardian_groups['name']}'
+urlregexplist = '{$dg_dir}/etc/dansguardian/lists/urlregexplist.g_{$dansguardian_groups['name']}'
 
 # Filetype filtering
 #
@@ -83,28 +83,28 @@ urlregexplist = '/usr/local/etc/dansguardian/lists/urlregexplist.{$dansguardian_
 # (on | off)
 #
 blockdownloads = {$dansguardian_groups['blockdownloads']}
-exceptionextensionlist = '/usr/local/etc/dansguardian/lists/exceptionextensionlist.{$dansguardian_groups['extensionacl']}'
-exceptionmimetypelist = '/usr/local/etc/dansguardian/lists/exceptionmimetypelist.{$dansguardian_groups['extensionacl']}'
+exceptionextensionlist = '{$dg_dir}/etc/dansguardian/lists/exceptionextensionlist.g_{$dansguardian_groups['name']}'
+exceptionmimetypelist = '{$dg_dir}/etc/dansguardian/lists/exceptionmimetypelist.g_{$dansguardian_groups['name']}'
 #
 # Use the following lists to block specific kinds of file downloads.
 # The two exception lists above can be used to override these.
 #
-bannedextensionlist = '/usr/local/etc/dansguardian/lists/bannedextensionlist.{$dansguardian_groups['extensionacl']}'
-bannedmimetypelist = '/usr/local/etc/dansguardian/lists/bannedmimetypelist.{$dansguardian_groups['extensionacl']}'
+bannedextensionlist = '{$dg_dir}/etc/dansguardian/lists/bannedextensionlist.g_{$dansguardian_groups['name']}'
+bannedmimetypelist = '{$dg_dir}/etc/dansguardian/lists/bannedmimetypelist.g_{$dansguardian_groups['name']}'
 #
 # In either file filtering mode, the following list can be used to override
 # MIME type & extension blocks for particular domains & URLs (trusted download sites).
 #
-exceptionfilesitelist = '/usr/local/etc/dansguardian/lists/exceptionfilesitelist.{$dansguardian_groups['siteacl']}'
-exceptionfileurllist = '/usr/local/etc/dansguardian/lists/exceptionfileurllist.{$dansguardian_groups['urlacl']}'
+exceptionfilesitelist = '{$dg_dir}/etc/dansguardian/lists/exceptionfilesitelist.g_{$dansguardian_groups['name']}'
+exceptionfileurllist = '{$dg_dir}/etc/dansguardian/lists/exceptionfileurllist.g_{$dansguardian_groups['name']}'
 
 # Categorise without blocking:
 # Supply categorised lists here and the category string shall be logged against
 # matching requests, but matching these lists does not perform any filtering
 # action.
-logsitelist = '/usr/local/etc/dansguardian/lists/logsitelist.{$dansguardian_groups['siteacl']}'
-logurllist = '/usr/local/etc/dansguardian/lists/logurllist.{$dansguardian_groups['urlacl']}'
-logregexpurllist = '/usr/local/etc/dansguardian/lists/logregexpurllist.{$dansguardian_groups['urlacl']}'
+logsitelist = '{$dg_dir}/etc/dansguardian/lists/logsitelist.g_{$dansguardian_groups['name']}'
+logurllist = '{$dg_dir}/etc/dansguardian/lists/logurllist.g_{$dansguardian_groups['name']}'
+logregexpurllist = '{$dg_dir}/etc/dansguardian/lists/logregexpurllist.g_{$dansguardian_groups['name']}'
 
 # Outgoing HTTP header rules:
 # Optional lists for blocking based on, and modification of, outgoing HTTP
@@ -115,8 +115,8 @@ logregexpurllist = '/usr/local/etc/dansguardian/lists/logregexpurllist.{$dansgua
 # Headers are matched/replaced on a line-by-line basis, not as a contiguous
 # block.
 # Use for example, to remove cookies or prevent certain user-agents.
-headerregexplist = '/usr/local/etc/dansguardian/lists/headerregexplist.{$dansguardian_groups['headeracl']}'
-bannedregexpheaderlist = '/usr/local/etc/dansguardian/lists/bannedregexpheaderlist.{$dansguardian_groups['headeracl']}'
+headerregexplist = '{$dg_dir}/etc/dansguardian/lists/headerregexplist.g_{$dansguardian_groups['name']}'
+bannedregexpheaderlist = '{$dg_dir}/etc/dansguardian/lists/bannedregexpheaderlist.g_{$dansguardian_groups['name']}'
 
 # Weighted phrase mode
 # Optional; overrides the weightedphrasemode option in dansguardian.conf
@@ -143,7 +143,7 @@ naughtynesslimit = {$dansguardian_groups['naughtynesslimit']}
 # List of regular expressions for matching search engine URLs.  It is assumed
 # that the search terms themselves will be contained within the first submatch
 # of each expression.
-searchengineregexplist = '/usr/local/etc/dansguardian/lists/searchengineregexplist.{$dansguardian_groups['searchacl']}'
+searchengineregexplist = '{$dg_dir}/etc/dansguardian/lists/searchengineregexplist.g_{$dansguardian_groups['name']}'
 #
 # Search term limit
 # The limit over which requests will be blocked for containing search terms
@@ -165,9 +165,9 @@ searchtermlimit = {$dansguardian_groups['searchtermlimit']}
 # of text.
 # Please note that all or none of the below should be uncommented, not a
 # mixture.
-bannedsearchtermlist = '/usr/local/etc/dansguardian/lists/bannedsearchtermlist.{$dansguardian_groups['searchacl']}'
-weightedsearchtermlist = '/usr/local/etc/dansguardian/lists/weightedsearchtermlist.{$dansguardian_groups['searchacl']}'
-exceptionsearchtermlist = '/usr/local/etc/dansguardian/lists/exceptionsearchtermlist.{$dansguardian_groups['searchacl']}'
+bannedsearchtermlist = '{$dg_dir}/etc/dansguardian/lists/bannedsearchtermlist.g_{$dansguardian_groups['name']}'
+weightedsearchtermlist = '{$dg_dir}/etc/dansguardian/lists/weightedsearchtermlist.g_{$dansguardian_groups['name']}'
+exceptionsearchtermlist = '{$dg_dir}/etc/dansguardian/lists/exceptionsearchtermlist.g_{$dansguardian_groups['name']}'
 
 # Category display threshold
 # This option only applies to pages blocked by weighted phrase filtering.
@@ -293,12 +293,12 @@ deepurlanalysis = {$dansguardian_groups['deepurlanalysis']}
 # only used in reporting level 3.
 #
 # The default template file path is <languagedir>/<language>/template.html
-# e.g. /usr/local/share/dansguardian/languages/ukenglish/template.html when using 'ukenglish'
+# e.g. {$dg_dir}/share/dansguardian/languages/ukenglish/template.html when using 'ukenglish'
 # language.
 #
 # This option generates a file path of the form:
 # <languagedir>/<language>/<htmltemplate>
-# e.g. /usr/local/share/dansguardian/languages/ukenglish/custom.html
+# e.g. {$dg_dir}/share/dansguardian/languages/ukenglish/custom.html
 #
 #htmltemplate = 'custom.html'