SquidGuard is a content filter that utilizes lists of urls and domains plus expressions to block access to undesirable websites. It does not analyze the actual content. SquidGuard works with the proxy and caching service Squid to implement content filtering.
For our configuration, we utilize Shalla's Blacklists as our list database.
Installation
If you haven't done so already, please install and configure Squid first. Note that on Ubuntu, installing squidGuard will also install squid as a dependency. Next, at a terminal prompt, enter the following command to install squidGuard:
$ sudo apt-get install squidguard
Determine squidGuard version:
$ squidGuard -v SquidGuard: 1.4 Berkeley DB 5.1.25: (January 28, 2011)
Important Files and Folders
File/Folder | Purpose |
/etc/squid/squidGuard.conf | Configuration file |
/var/lib/squidguard/db | Database of domains and URLs |
/var/log/squid/squidGuard.log | Log file |
Change the default configuration by editing /etc/squid/squidGuard.conf to suit your needs. An example is provided below based on our reference network and makes use of Shalla's Blacklists.
Configuration
Install Shalla's Blacklist
After installing squidGuard, we install Shalla's Blacklists: First, download the blacklist into our Downloads directory:
$ cd ~/Downloads $ wget http://www.shallalist.de/Downloads/shallalist.tar.gz
Uncompress and unpack the database with the tar command given below.
$ tar xvzf shallalist.tar.gz
This will create a BL directory below your Downloads directory. Take a few minutes to examine the contents of this directory tree. You'll see that each directory beneath BL either contains additional sub directories or two files: domains and urls. After you feel comfortable with this BL database (tree structure), move it to the destination folder:
$ sudo cp -r BL /var/lib/squidguard/db/
Open squidGuard.conf using your favorite editor. It should be located in /etc/squid/squidGuard.conf. We divide the configuration into three steps:
- Environment Configuration
- Category Definition
- Access Control Lists (acl)
Environment Configuration
We define two environment variables: dbhome and logdir. dbhome specifies the root location of the database.
dbhome /var/lib/squidguard/db/BL logdir /var/log/squid
Category Definition
Our choice of categories is driven by what we inherit from Shalla's Blacklists. Each category definition comprises a domain list, url list, and optional expression list. An example category is provided below. The complete configuration file is included below.
dest porn { domainlist porn/domains urllist porn/urls expressionlist porn/expressions }
Access Control Lists
The access control list (acl) specifies the categories that we wish to block or pass followed by a redirect statement. For our configuration, we specify that the user is redirected to a page served up by the web server running on the local host.
acl { default { pass white !ads !aggr !chat !dating !drugs !dynamic !forum !gambling !hacking !porn !redirector !custom !sexeducation !sexlingerie !social !spyware !urlshortener !violence all redirect http://192.168.1.1/block.html } }