SquidGuard: Efficient Web Filterer

Posted Oktober 2, 2007
Filed under: Linux |

お久しぶり. It’s been a long time until I start this writing. This time is about Squid utilities: to filter porn sites efficiently with SquidGuard. I feel filtering with Squid acl feature is not efficient way to filter sites. SquidGuard has utilize database (Berkeley if I’m not mistaken) to make filtering fast.

Please follow the steps below to impelement SquidGuard to Squid.

1) Please make sure that Squid is already running perfectly except filtering porn sites.

2) Install SquidGuard

apt-get install squidguard

3) What should we define here?
Uncomment (remove the most left #) the following lines in SquidGuard configuration file /etc/squid/squidGuard.conf.

#dest adult {
#       domainlist      adult/domains
#       urllist         adult/urls
#       expressionlist  adult/expressions
#       redirect        http://admin.foo.bar.no/cgi-bin/squidGuard.cgi?clientaddr=%a+clientname=%n+clientident=%i+srcclass=%s+targetclass=%t+url=%u
#}

Those lines define a group of urls to redirect. Change to fit your taste (e.g. redirect http://porn-is-sin.com). Later we’ll see what is domainlist, urllist and the rest.

4) Put the group name into default acl. Edit snippets found in SquidGuard configuration file like the following lines.

default {
  pass     local !adult none

If there are some sites that are falsely judged as porn sites, we can make some exceptions by creating a group, say whitelist. So that, we have the following line instead of the previous one:

pass     local whitelist !adult none

5) Download periodically a free black list urls (You can use crontab) ftp://ftp.univ-tlse1.fr/pub/reseau/cache/squidguard_contrib/blacklists.tar.gz

6) It’s better to make each automatic update in it’s own group name, e.g. adult, cracks, etc. Please remember that the structure of redirected urls and domains is recommended to be like this:

/var/lib/squidguard/db
                      /adult
                      /domains
                      /expressions
                      /urls

- domains contains:
pornoabis.com
babeeheaven.com

- urls contains:
nicesites.com/relevance/search/pornhidden

7) SquidGuard works efficiently with database. Therefore, you’d better convert the 3 list files into db friendly version by doing this in command line:

squidGuard -C all
chown -R proxy /var/lib/squidguard/db/*

When it’s done proses you’ll find unempty files with extensions .db and you’ll find the following lines (more or less) in /var/log/squid/squidGuard.log:

2007-10-02 11:10:06 [10498] db update done
2007-10-02 11:10:06 [10498] squidGuard stopped (1191298206.833)

8) Test first
You need to test your configuration out of the box first. For example if the client who one to access is from 192.168.1.113, you should run

echo "http://www.pornsite.com 192.168.1.113/ - - GET" | squidGuard -c /etc/squid/squidGuard.conf -d

If it’s redirected, then you’ll find the redirect url. Misalnya:

2007-10-02 11:32:59 [10574] squidGuard ready for requests (1191299579.991)
http://porn-is-sin.com 192.168.1.111/- - -
2007-10-02 11:32:59 [10574] squidGuard stopped (1191299579.996)

Else:

2007-10-02 11:33:22 [10576] squidGuard ready for requests (1191299602.507) 2007-10-02 11:33:22 [10576] squidGuard stopped (1191299602.509)

9) It’s time to fight againts crime.
Put the following line into the last line of /etc/squid/squid.conf

redirect_program /usr/bin/squidGuard -c /etc/squid/squidGuard.conf

Don’t forget to reload Squid configuration:

/etc/init.d/squid reload

Have nice day! :)

1 comment so far

  1. cigMaire on Agustus 3, 2008

    It’s amazing

    Balas

Leave a reply