SquidGuard
Content filtering with squidGuard
This page is built on configuring squid page. You will need to have that set up first. This tutorial is tested on Fedora 12.
squidGuard can be used for content filtering. You can use it for Parental control or just to block known malware/warez sites etc.
This tutorial focuses on blocking porn/adult material, but there are more blacklists available, you just need to enable them.
Installing squidGuard
log in as root and issue the following command:
bash code |
---|
bash# yum -y install squidGuard
|
Download the latest blacklist package from MESD (featured on the squidGuard site):
bash code |
---|
bash# cd /root/ bash# wget http://squidguard.mesd.k12.or.us/blacklists.tgz
|
Configuring squidGuard
Now you need to configure squidGuard. Create a backup of /etc/squid/squidGuard.conf first:
bash code |
---|
bash# cp /etc/squid/squidGuard.conf /etc/squid/squidGuard.conf.orig
|
Then open the file in your favorite editor (e.g. vi).
Change the "dbhome" parameter:
dbhome /var/squidGuard
Then change the "dest adult" block.
The expression list can be hashed out, it's optional and not included in the downloaded blacklists.tgz file. Of course you can create your own expression list or search for them on the internet.
The redirect directive is mandatory. You can set it to point to www.disney.com or create your own page. I abused the phpsysinfo package to serve my own page, just create a blocked.html with some info in it in the /var/hda/web-apps/phpsysinfo/html/ directory.
It should end up looking like this:
dest adult { domainlist blacklists/porn/domains urllist blacklists/porn/urls # expressionlist blacklists/porn/expressions redirect http://phpsysinfo/blocked.html }
Then the last modification in /etc/squid/squidGuard.conf, change:
pass local none
to
pass local !adult any
If you have more rules defined (e.g. you've created your own dest malware block) you can add it so it looks like this:
pass local !adult !malware any
Modifying squid to enable squidGuard
Now we need to make Squid aware that it should use squidGuard. First we create a backup:
bash code |
---|
bash# cp /etc/squid/squid.conf /etc/squid/squid.conf.orig
|
Open the file with your favorite editor and add the following line at the end:
url_rewrite_program /usr/bin/squidGuard -c /etc/squid/squidGuard.conf
Now we need to extract the blacklist files we've downloaded (they are more up to date than the Fedora maintained versions):
bash code |
---|
bash# cd /var/squidGuard/ bash# tar -xvzf /root/blacklists.tgz
|
The last step is reloading squid with the new settings. You can use a separate terminal to follow the logfile.
bash code |
---|
bash# tail -f /var/log/squidGuard/squidGuard.log other terminal: bash# service squid reload
|
You should see something like this:
init domainlist /var/squidGuard/blacklists/porn/domains init urllist /var/squidGuard/blacklists/porn/urls squidGuard 1.4 started
This can take some time (a few minutes for a large list), don't worry.
Checking the setup
Start up a client computer, configure the browser(s) to use the proxy as explained on the squid configuration page.
Now go to a site you are sure is blocked, and you should see the configured redirect page (e.g. www.disney.com or your own blocked.html).
To see when/how often the redirect (in this case blocked.html) has been triggered you can search the squid access log:
bash code |
---|
bash# grep blocked.html /var/log/squid/access.log
|
Enjoy!