RE: [suse-linux-uk-schools] blocking sites using squid
SquidGuard - http://www.squidguard.org/ but should be on the distribution. Regards Chris -----Original Message----- From: Colin Davies To: suse-linux-uk-schools@suse.com Sent: 11/6/02 10:56 AM Subject: [suse-linux-uk-schools] blocking sites using squid I have a server using suse 8 and squid as the proxy server. Is there an easy and quick way of blocking web sites using squid ? if not what software would you recommend? Best wishes Colin Meadows Community School Chesterfield __________________________________________________ Do You Yahoo!? Everything you'll ever need on one web page from News and Sport to Email and Music Charts http://uk.my.yahoo.com -- To unsubscribe, e-mail: suse-linux-uk-schools-unsubscribe@suse.com For additional commands, e-mail: suse-linux-uk-schools-help@suse.com
Is there an easy and quick way of blocking web sites using squid ? SquidGuard - http://www.squidguard.org/ but should be on the distribution.
You can do it all inside Squid. It's very guru-friendly. For example, add acl bad-sites dstdomain "/usr/local/etc/squid/bad-sites" and create a text file with bad sites at one per line. Also add later http_access deny bad-sites !staffhosts (this assumes another text file containing a list of staff hosts and an acl line for them as below) and if you get all these in the right places and restart Squid you have a block list. Other acls we have are: acl badstar-sites url_regex -i "/usr/local/etc/squid/badstar-sites" acl bad-types urlpath_regex -i "/usr/local/etc/squid/bad-types" acl webmail dstdomain "/usr/local/etc/squid/webmail-sites" acl webmailstar url_regex -i "/usr/local/etc/squid/webmailstar-sites" acl webmailtimes time "/usr/local/etc/squid/webmail-times" acl msnmessengersites url_regex -i "/usr/local/etc/squid/msnmessenger-sites" acl msnmessengertimes time "/usr/local/etc/squid/msnmessenger-times" acl staffhosts srcdomain "/usr/local/etc/squid/staffhosts" acl pupil_pcs srcdom_regex pupil* #acl pupil_pcs src 10.10.10.0/24 10.25.10.0/24 10.26.10.0/24 10.27.10.0/24 acl pc_pcs src 10.10.20.0/24 10.25.20.0/24 10.26.20.0/24 10.27.20.0/24 and rules: http_access deny badstar-sites !staffhosts http_access deny bad-types !staffhosts http_access deny webmail !webmailtimes !staffhosts http_access deny webmailstar !webmailtimes !staffhosts which need to be just before the line # And finally allow all other access to this proxy http_access allow all A further very useful facility in Squid is the delay-pools bandwith control, so you can (eg) set all downloads (defined here as filesover 250K) to consume at a maximum only 25% of your bandwidth. But this requires considerable experimentation as the documentation is not everywhere correct over what's measured in bits and what in bytes. Please don't ask me - ours works, but I don't understand why. -- Christopher Dawkins, Felsted School, Dunmow, Essex CM6 3JG 01371-822698, mobile 07816 821659 cchd@felsted.essex.sch.uk
participants (2)
-
Chris Puttick -
Christopher Dawkins