Installing and configuring the squidGuard web filter

squidguard
Installing and configuring the squidGuard web filter

Intro

This page was originally hosted by the official SquidGuard maintainers, however since they refuse to add our referral link as a reputable blacklist provider, we will do it for them. This howto, well it has not been updated in many years, but I’ll modify and update it here, as the information may still be useful. The definitive place to fetch the blacklists is: http://www.squidblacklist.org Use the “DG/SG Compatible Standard Format”.

and now back to the “vintage” documentation….

With the passage of the Children’s Internet Protection Act, schools are required to filter access to the internet in order to be eligible for E-Rate funds. E-Rate can be a substantial amount of money. With tightening budgets, foregoing the E-Rate funds will not be an option in most cases.

Unfortunately, commerical web filtering software is very expensive.

This puts quite a burdon on under-funded schools. They need the E-Rate funds to help pay for internet access, but in turn must spend a significant amount of money on filtering software.

The good news is that there exists free content filtering software. Until recently, MESD had been using expensive commercial content filtering software. We are very pleased with the performance of SquidGuard, the schools we support report that they much prefer SquidGuard.

Official Site
The official squidGuard web site is located here:

http://www.squidguard.org

Installation
First and foremost, you need to start off with a properly configured system that supports the Squid proxy server. Squid is licensed under the GNU General Public License which means that is free, both in the sense of free beer and free speach. Squid runs on a number of operating systems. Currently Linux, *BSD, Tru64, IRIX, Solaris, SCO, AIX, HP-UX, and NextStep are officially supported. MESD recommends Linux or OpenBSD. MESD uses the Immunix version of Linux. Most versions of *BSD and Linux include Squid.

If you are running Red Hat 7.2 server, you can download a squidGuard RPM here:

ftp://k12linux.mesd.k12.or.us/pub/squidGuard/

After installing this package, you can activate squidGuard by adding the following line to the squid configuration file (/etc/squid/squid.conf):

redirect_program /usr/sbin/squidGuard -c /etc/squid/squidGuard.conf

and restart squid:

/sbin/service squid restart
/sbin/chkconfig squid on

For full instructions on installing squidGuard, see the squidGuard website: http://www.squidguard.org/install/

Configuration
Configuring squidGuard is very straight-forward. The default location for the block lists is /usr/local/squidGuard/db/. Each category is located in a different directory. Currently, the categories available are ads, aggresive, audio-video, drugs, gambling, hacking, porn, violence, and warez. The configure file is /etc/squid/squidGuard.conf. Here is a sample configuration file:

dbhome /usr/local/squidGuard/db
logdir /usr/local/squidGuard/log

dest gambling{
log gambling
domainlist gambling/dg-gambling.acl
}

dest porn{
log porn
domainlist porn/dg-porn.acl
}

acl {
default {
pass !gambling !porn all
redirect 302:http://www.google.com
}
}

dbhome defines where the block list databases are located
logdir defines where to log blocked requests
dest defines a category
acl defines the access control lists.

This example configuration defines two categories, gambling and warez. The acl line says that the default action is to block (!=don’t pass) gambling and warez categories and to permit everything else. The redirect line says to send requests to blocked sites to http://www.google.com, change this to fit your needs.

The default configuration file, /etc/squid/squidGuard.conf is much more extensive. See the squidGuard homepage, http://www.squidguard.org/config/ for all of the configuration options available.

Updates
The Red Hat 7.2 RPM is not configured to automatically download the Squidblacklist.org blacklists every night, this can easily be done using cron and wget with a simple bash script. Squidblacklist.org combines al of the blacklists they publish into a single file or individually, compressed or decompressed, and they are available from the following url. http://www.squidblacklist.org/downloads.html.

Making changes to the blacklists is very easy. The squidGuard RPM is prefconfigured with two locally-modifable databases, /var/squidguard/blacklists/local-ok/ and /var/squidguard/blacklists/local-block/. Each database has two files: domains and urls. Squidblacklist.org publishes domain based blacklists, NOT URLS. Regardless, if you want to block/unblock a whole web site, append the domain name to the domains file or you could just create your own custom acl by creating a new entry in your conf.

To easily whitelist a site, for example, if you want to make sure that web pages at CNN’s web site are never blocked, you can append cnn.com to the end of /var/squidguard/blacklists/local-ok/domains. If you want to make sure that all of the pages at somebadsite.com are blocked, append that to /var/squidguard/blacklists/local-block/domains. If there is just a specific portion of a website you want blocked, say http://www.yahoo.com/adult-stuff/, you can add “yahoo.com/adult-stuff” to /var/squidguard/blacklists/local-block/urls.

Once you’ve made the modifications, you need to run a command or two for the changes to take. If you are using the pre-built RPM, you can run:

/usr/sbin/update_squidguard_blacklists

If you are not using the pre-built RPM, these commands should do the trick for you:

su squid -s /bin/sh -c “/usr/sbin/squidGuard -c /etc/squid/squidGuard.conf -C all”
/usr/bin/killall -HUP squid

Contact us webmaster@squidblacklist.org for clarification on any others issues or questions regarding this topic, or for more information regarding Squidguard and domain blacklists by Squidblacklist.org see our blog for more tutorials and resources on the subject.


Subscribe Today – Paypal or Credit Card Accepted.

Flat rate subscription. Select a membership option & subscribe.



Select Payment Option



  • You will be issued a username and password.
  • You will be granted access to our member area.
  • 5 Year Membership Option now available.
  • For lifetime membership options click here.clipart
  • Contact us if you would like a pre order invoice.

Disclaimer: All sales are final, we do not issue refunds. Cancel your subscription anytime.


How to setup and use Blacklists with Websense and Squidblacklist.org.

How do I set up a filtering blacklist with Websense & Squidblacklist.org?

Websense Web Filter
Websense Web Filter

Applies To:Websense Web Filter, Web Security, Web Security Gateway, and Web Security Gateway Anywhere Version 7.6

Step 1.
Download and decompress blacklists from Squidblacklist.org by singing up for an account here. Fees apply.

Step 2.
The easiest way to block (or “blacklist”) a list of URLs is to create a custom category and recategorize the URLs you want to block into that category.

Step 3.
On the Policy Management > Filter Components > Edit Categories > Add Category page add a category name, description and parent category (optional).

Step 4.
Enter the sites (URLs or IP addresses) that you want to add to this category.You can also edit this list after creating the category.

Step 5.
Select Block as the default filtering Action to apply to this category in all existing category filters.

Enable any desired Advanced Filtering actions (optional). Then click OK to cache your changes. Changes are not implemented until you click Save All.


Subscribe Today – Paypal or Credit Card Accepted.

Flat rate subscription. Select a membership option & subscribe.



Select Payment Option



  • You will be issued a username and password.
  • You will be granted access to our member area.
  • 5 Year Membership Option now available.
  • For lifetime membership options click here.clipart
  • Contact us if you would like a pre order invoice.

Disclaimer: All sales are final, we do not issue refunds. Cancel your subscription anytime.