CentOS 7
Ads

Squid + SquidGuard
2014/09/30
 
Configure Squid + SquidGuard to set contents filtering.
[1] Install SquidGuard.
# install from EPEL

[root@prox ~]#
yum --enablerepo=epel -y install squidGuard
[root@prox ~]#
mv /etc/squid/squidGuard.conf /etc/squid/squidGuard.conf.org

[root@prox ~]#
vi /etc/squid/squidGuard.conf
# create new

dbhome /var/lib/squidGuard/db
logdir /var/log/squidGuard
# define 'deny' category

dest deny {
   
# define prohibited domain list in 'deny' category

    domainlist deny/domains
   
# define prohibited URL list in 'deny' category

    urllist deny/urls
    }
acl {
    default {
       
# permit all except 'deny' category

        pass !deny all
       
# the redirected URL if matches 'deny'

        redirect http://www.srv.world/error.html
    }
}
[root@prox ~]#
mkdir -p /var/lib/squidGuard/db/deny

[root@prox ~]#
vi /var/lib/squidGuard/db/deny/domains
# write domains you'd like to prohibit to access

yahoo.co.jp
example.com
[root@prox ~]#
vi /var/lib/squidGuard/db/deny/urls
# write URLs you'd like to prohibit to access

www.yahoo.co.jp/deny/
www.example.com/
[root@prox ~]#
squidGuard -C all

[root@prox ~]#
chown -R squid. /var/lib/squidGuard/db/deny

[root@prox ~]#
vi /etc/squid/squid.conf
# add follows to the end

url_rewrite_program /usr/bin/squidGuard -c /etc/squid/squidGuard.conf
[root@prox ~]#
systemctl restart squid

[2] If SELinux is enabled, change rules like follows.
[root@prox ~]#
chcon -R -t squid_cache_t /var/lib/squidGuard

[root@prox ~]#
semanage fcontext -a -t squid_cache_t /var/lib/squidGuard
[3] Try to access to the URL you set as prohibited domains in [1].
 
Tweet