Blocking web access via squid
- March 30th, 2008
- Posted in Documentation
- Write comment
This is a configuration that I have used to restrict access to web sites via squid. It seems to work well for a small number of users.
From /etc/squid/squid.conf
β¦
acl Home proxy_auth REQUIRED
acl all src 0/0
acl block url_regex -i β/etc/squid/blockedsites.aclβ
http_access deny block
acl allowsites url_regex -i β/etc/squid/allowedsites.aclβ
http_access allow Home allowsites
http_access deny all
β¦
In /etc/squid/blockedsites.acl, I listed strings that when contained in a url will not be permitted. In /etc/squid/allowedsites.acl, I listed domain name strings that are allowed. For example, β.mozilla.orgβ. Then, if I want to allow to all sites except those listed in the blockedsites.acl, I just add β.β. to the allowedsites.acl.
Sample /etc/squid/blockedsites.acl:
β¦
myspace.com
youtube.com
β¦
Sample /etc/squid/allowedsites.acl:
β¦
.
β¦
This will allow users to go to all sites but myspace and youtube.
However, in this sample /etc/squid/allowedsites.acl:
β¦
.google.com
β¦
Users will only be allowed to go to google.com.
No comments yet.