This section is not intended to explain an extensive configuration of squidGuard, only to introduce it and give some advice for using it. For more in-depth configuration issues, refer to the squidGuard Web site at http://www.squidguard.org.
squidGuard is a free (GPL), flexible, and fast filter, redirector, and access controller plug-in for Squid. It lets you define multiple access rules with different restrictions for different user groups on a Squid cache. squidGuard uses Squid's standard redirector interface.
squidGuard can do the following:
Limit the Web access for some users to a list of accepted or well-known Web servers or URLs.
Block access to some listed or blacklisted Web servers or URLs for some users.
Block access to URLs matching a list of regular expressions or words for some users.
Redirect blocked URLs to an “intelligent” CGI-based information page.
Redirect unregistered users to a registration form.
Redirect banners to an empty GIF.
Use different access rules based on time of day, day of the week, date, etc.
Use different rules for different user groups.
squidGuard and Squid cannot be used to:
Edit, filter, or censor text inside documents.
Edit, filter, or censor HTML-embedded script languages, such as JavaScript or VBscript.
Before it can be used, install squidGuard
. Provide a minimal configuration
file as /etc/squidguard.conf
. Find configuration
examples in http://www.squidguard.org/config/. Experiment
later with more complicated configuration settings.
Next, create a dummy “access denied” page or a more or less complex CGI page to redirect Squid if the client requests a blacklisted Web site. Using Apache is strongly recommended.
Now, configure Squid to use
squidGuard. Use the
following entry in the /etc/squid/squid.conf
file:
redirect_program /usr/bin/squidGuard
Another option called redirect_children
configures the number of “redirect” (in this case
squidGuard) processes running on the
machine. squidGuard is fast enough to handle
many requests: on a 500 MHz Pentium with 5,900 domains and 7,880
URLs (totalling 13,780), 100,000 requests can be processed within
10 seconds.
Therefore, it is not recommended to set more than four processes, because the
allocation of these processes would consume an excessive amount of memory
redirect_children 4
Last, have Squid load the new configuration by
running rcsquid reload
. Now, test
your settings with a browser.