|
Squid + SquidGuard
2017/07/23 |
|
Configure Squid + SquidGuard to set contents filtering.
|
|
| [1] | Install SquidGuard. |
|
[root@prox ~]#
[root@prox ~]# dnf -y install squidGuard mv /etc/squid/squidGuard.conf /etc/squid/squidGuard.conf.org
[root@prox ~]#
vi /etc/squid/squidGuard.conf # create new
dbhome /var/squidGuard/db
logdir /var/log/squidGuard # define [deny] category dest deny { # define prohibited domain list in [deny] category domainlist deny/domains # define prohibited URL list in [deny] category urllist deny/urls }
acl {
default { # permit all except [deny] category pass !deny all # the redirected URL if matches [deny] redirect http://www.srv.world/error.html } } mkdir -p /var/squidGuard/db/deny
[root@prox ~]#
vi /var/squidGuard/db/deny/domains # write domains you'd like to prohibit to access
yahoo.co.jp
example.com
[root@prox ~]#
vi /var/squidGuard/db/deny/urls # write URLs you'd like to prohibit to access
www.yahoo.co.jp/deny/
www.example.com/ squidGuard -C all [root@prox ~]# chown -R squid. /var/squidGuard/db/deny
[root@prox ~]#
vi /etc/squid/squid.conf # add follows to the end url_rewrite_program /usr/bin/squidGuard -c /etc/squid/squidGuard.conf
systemctl restart squid |
| [2] | If SELinux is enabled, change rules like follows. |
|
[root@prox ~]# chcon -R -t squid_cache_t /var/squidGuard [root@prox ~]# semanage fcontext -a -t squid_cache_t /var/squidGuard
|
| [3] | Try to access to the URL you set as prohibited domains in [1]. |
|