Mind Chasers Inc.

Configure squidGuard on Linux for Content Filtering

SquidGuard is a content filter that utilizes black lists to block access to undesirable websites. It utilizes a local list of domain names and URLs, and it does not analyze the actual content. SquidGuard works with the proxy and caching service Squid to implement content filtering.


SquidGuard is a content filter that utilizes lists of urls and domains plus expressions to block access to undesirable websites. It does not analyze the actual content. SquidGuard works with the proxy and caching service Squid to implement content filtering.

For our configuration, we utilize Shalla's Blacklists as our list database.


If you haven't done so already, please install and configure Squid first. Note that on Ubuntu, installing squidGuard will also install squid as a dependency. Next, at a terminal prompt, enter the following command to install squidGuard:

	$ sudo apt-get install squidguard

Determine squidGuard version:

	$ squidGuard -v
	SquidGuard: 1.4 Berkeley DB 5.1.25: (January 28, 2011)

Important Files and Folders

File/Folder Purpose
/etc/squid/squidGuard.conf Configuration file
/var/lib/squidguard/db Database of domains and URLs
/var/log/squid/squidGuard.log Log file

Change the default configuration by editing /etc/squid/squidGuard.conf to suit your needs. An example is provided below based on our reference network and makes use of Shalla's Blacklists.


Install Shalla's Blacklist

After installing squidGuard, we install Shalla's Blacklists: First, download the blacklist into our Downloads directory:

	$ cd ~/Downloads
	$ wget http://www.shallalist.de/Downloads/shallalist.tar.gz

Uncompress and unpack the database with the tar command given below.

	$ tar xvzf shallalist.tar.gz

This will create a BL directory below your Downloads directory. Take a few minutes to examine the contents of this directory tree. You'll see that each directory beneath BL either contains additional sub directories or two files: domains and urls. After you feel comfortable with this BL database (tree structure), move it to the destination folder:

	$ sudo cp -r BL /var/lib/squidguard/db/ 

Open squidGuard.conf using your favorite editor. It should be located in /etc/squid/squidGuard.conf. We divide the configuration into three steps:

  1. Environment Configuration
  2. Category Definition
  3. Access Control Lists (acl)

Environment Configuration

We define two environment variables: dbhome and logdir. dbhome specifies the root location of the database.

	dbhome /var/lib/squidguard/db/BL
	logdir /var/log/squid

Category Definition

Our choice of categories is driven by what we inherit from Shalla's Blacklists. Each category definition comprises a domain list, url list, and optional expression list. An example category is provided below. The complete configuration file is included below.

dest porn {
        domainlist porn/domains
        urllist porn/urls
        expressionlist porn/expressions

Access Control Lists

The access control list (acl) specifies the categories that we wish to block or pass followed by a redirect statement. For our configuration, we specify that the user is redirected to a page served up by the web server running on the local host.

acl {
        default {
                pass white !ads !aggr !chat !dating !drugs !dynamic !forum !gambling !hacking !porn !redirector !custom !sexeducation !sexlingerie !social !spyware !urlshortener !violence all

Related articles on this site:


Please help us improve this article by adding your comment or question:

For enhanced features and capabilities, please sign in or authenticate using a popular third party

your email address will be kept private
previous month
next month