SquidGuard

From Amahi Wiki
Revision as of 19:50, 4 December 2011 by Moredruid (talk | contribs) (Created page with "== Content filtering with squidGuard == This page is built on configuring squid page. You will need to have that set up first. This tutorial is tested on Fedora 12. s...")
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

Content filtering with squidGuard

This page is built on configuring squid page. You will need to have that set up first. This tutorial is tested on Fedora 12.

squidGuard can be used for content filtering. You can use it for Parental control or just to block known malware/warez sites etc.

This tutorial focuses on blocking porn/adult material, but there are more blacklists available, you just need to enable them.

Installing squidGuard

log in as root and issue the following command:

bash code
​bash# yum -y install squidGuard​

Download the latest blacklist package from MESD (featured on the squidGuard site):

bash code
​bash# cd /root/ bash# wget http://squidguard.mesd.k12.or.us/blacklists.tgz​


Configuring squidGuard

Now you need to configure squidGuard. Create a backup of /etc/squid/squidGuard.conf first:

bash code
​bash# cp /etc/squid/squidGuard.conf /etc/squid/squidGuard.conf.orig​


Then open the file in your favorite editor (e.g. vi).

Change the "dbhome" parameter:

dbhome /var/squidGuard

Then change the "dest adult" block.

The expression list can be hashed out, it's optional and not included in the downloaded blacklists.tgz file. Of course you can create your own expression list or search for them on the internet.

The redirect directive is mandatory. You can set it to point to www.disney.com or create your own page. I abused the phpsysinfo package to serve my own page, just create a blocked.html with some info in it in the /var/hda/web-apps/phpsysinfo/html/ directory.

It should end up looking like this:

dest adult {
        domainlist      blacklists/porn/domains
        urllist         blacklists/porn/urls
#       expressionlist  blacklists/porn/expressions
        redirect        http://phpsysinfo/blocked.html
}

Then the last modification in /etc/squid/squidGuard.conf, change:

pass    local none

to

pass    local !adult any

If you have more rules defined (e.g. you've created your own dest malware block) you can add it so it looks like this:

pass    local !adult !malware any

Modifying squid to enable squidGuard

Now we need to make Squid aware that it should use squidGuard. First we create a backup:

bash code
​bash# cp /etc/squid/squid.conf /etc/squid/squid.conf.orig​


Open the file with your favorite editor and add the following line at the end:

url_rewrite_program /usr/bin/squidGuard -c /etc/squid/squidGuard.conf

Now we need to extract the blacklist files we've downloaded (they are more up to date than the Fedora maintained versions):

bash code
​bash# cd /var/squidGuard/ bash# tar -xvzf /root/blacklists.tgz​


The last step is reloading squid with the new settings. You can use a separate terminal to follow the logfile.

bash code
​bash# tail -f /var/log/squidGuard/squidGuard.log other terminal: bash# service squid reload​


You should see something like this:

init domainlist /var/squidGuard/blacklists/porn/domains
init urllist /var/squidGuard/blacklists/porn/urls
squidGuard 1.4 started

This can take some time (a few minutes for a large list), don't worry.

Checking the setup

Start up a client computer, configure the browser(s) to use the proxy as explained on the squid configuration page.

Now go to a site you are sure is blocked, and you should see the configured redirect page (e.g. www.disney.com or your own blocked.html).

To see when/how often the redirect (in this case blocked.html) has been triggered you can search the squid access log:

bash code
​bash# grep blocked.html /var/log/squid/access.log​


Enjoy!