Squid + SquidGuard
2014/09/30 |
Configure Squid + SquidGuard to set contents filtering.
|
|
[1] | Install SquidGuard. |
[root@prox ~]# mv /etc/squid/squidGuard.conf /etc/squid/squidGuard.conf.bk
[root@prox ~]#
vi /etc/squid/squidGuard.conf # create new (simple settings)
dbhome /var/lib/squidGuard/db
logdir /var/log/squidGuard # define 'deny' category dest deny { # define prohibited domain list in 'deny' category domainlist deny/domains # define prohibited URL list in 'deny' category urllist deny/urls }
acl {
default { # permit all except 'deny' category pass !deny all # the redirected URL if matches 'deny' redirect http://www.srv.world/error.html } } mkdir -p /var/lib/squidGuard/db/deny
[root@prox ~]#
vi /var/lib/squidGuard/db/deny/domains # write domains you'd like to prohibit to access
yahoo.co.jp
example.com
[root@prox ~]#
vi /var/lib/squidGuard/db/deny/urls # write URLs you'd like to prohibit to access
www.yahoo.co.jp/deny/
www.example.com/ squidGuard -C all [root@prox ~]# chown -R squid. /var/lib/squidGuard/db/deny
[root@prox ~]#
vi /etc/squid/squid.conf # add follows to the end url_rewrite_program /usr/bin/squidGuard
/etc/rc.d/init.d/squid restart Stopping squid: ................ [ OK ] Starting squid: . [ OK ] |
[2] | If SELinux is enabled, change rules like follows. |
[root@prox ~]# chcon -R -t squid_cache_t /var/lib/squidGuard [root@prox ~]# semanage fcontext -a -t squid_cache_t /var/lib/squidGuard
|
[3] | Try to access to the URL you set as prohibited domains in [1]. |