AMP AMP

How to Restrict Web Access By Time Using Squid Proxy Server on Rocky Linux 8.6

To Restrict Web Access By Time Using Squid Proxy Server On Rocky Linux 8.6

Introduction:

Access Control Lists allow us to restrict access to websites and monitor each user's access. Access can be restricted based on the day of the week or time of day.

procedure:

Step 1: Check the OS version by using the below command

[root@linuxhelp ~]# cat /etc/os-release 
NAME="Rocky Linux"
VERSION="8.6 (Green Obsidian)"
ID="rocky"
ID_LIKE="rhel centos fedora"
VERSION_ID="8.6"
PLATFORM_ID="platform:el8"
PRETTY_NAME="Rocky Linux 8.6 (Green Obsidian)"
ANSI_COLOR="0;32"
CPE_NAME="cpe:/o:rocky:rocky:8:GA"

Step 2: Install the squid server by using the below command

[root@linuxhelp ~]# yum install squid* -y
Rocky Linux 8 - AppStream                                       7.3 MB/s | 9.6 MB     00:01    
Rocky Linux 8 - BaseOS                                          5.9 MB/s | 6.7 MB     00:01    
Rocky Linux 8 - Extras                                           11 kB/s |  11 kB     00:01    
Dependencies resolved.
================================================================================================
 Package             Arch       Version                                     Repository     Size
=========================================================================
Installing
 squid               x86_64     7:4.15-3.module+el8.6.0+991+e278114b.1      appstream     3.6 M
Installing dependencies:
 libecap             x86_64     1.0.1-2.module+el8.4.0+404+316a0dc5         appstream      28 k
 perl-Digest-SHA     x86_64     1:6.02-1.el8                                appstream      65 k
Enabling module streams:
 squid                          4                                                              
Installed:
  libecap-1.0.1-2.module+el8.4.0+404+316a0dc5.x86_64     perl-Digest-SHA-1:6.02-1.el8.x86_64   
  squid-7:4.15-3.module+el8.6.0+991+e278114b.1.x86_64   

Complete!

Step 3: Enable and start the services by using the below command

[root@linuxhelp ~]# systemctl enable squid.service 
Created symlink /etc/systemd/system/multi-user.target.wants/squid.service → /usr/lib/systemd/system/squid.service.
[root@linuxhelp ~]# systemctl start squid.service

Step 4: Check the status of squid server by using the below command

[root@linuxhelp ~]# systemctl status squid.service 
● squid.service - Squid caching proxy
   Loaded: loaded (/usr/lib/systemd/system/squid.service; enabled; vendor preset: disabled)
   Active: active (running) since Fri 2022-09-02 17:47:26 EDT; 9s ago
     Docs: man:squid(8)
  Process: 40135 ExecStartPre=/usr/libexec/squid/cache_swap.sh (code=exited, status=0/SUCCESS)
 Main PID: 40140 (squid)
    Tasks: 3 (limit: 17274)
   Memory: 14.2M
   CGroup: /system.slice/squid.service
           ├─40140 /usr/sbin/squid --foreground -f /etc/squid/squid.conf
           ├─40143 (squid-1) --kid squid-1 --foreground -f /etc/squid/squid.conf
           └─40144 (logfile-daemon) /var/log/squid/access.log

Step 5: Configure the rule for access domain by using the below command

[root@linuxhelp ~]# vim /etc/squid/squid.conf
# Example rule allowing access from your local networks.
acl facebook.com src 192.168.6.122/23 #your facebook.com internal network
# INSERT YOUR OWN RULE(S) HERE TO ALLOW ACCESS FROM YOUR CLIENTSacl surfing_hours time M T W H F 17:54-17:55
http_access allow facebook.com surfing_hours
http_access deny facebook.com

Step 6: Restart squid service by using the below command

[root@linuxhelp ~]# systemctl restart squid.service

Step 7: Go to browser settings and search proxy as shown in the below image

Step 8: Enter the proxy server ip and port number in manual proxy configuration under configure proxy access to the internet as shown in the below image

Step 9: searching facebook.com time 17:53 as shown in the below image

Step 10: Search facebook.com time 17:54 now it will be accessible as shown in the below image

Step 11: Search facebook.com time 17:56 now it is refusing by proxy server as shown in the below image

Conclusion:

We have reached the end of this article. In this guide, we have walked you through the steps required to Restrict Web Access by Time Using Squid Proxy Server on Rocky Linux 8.6. Your feedback is much welcome.

Tag : Squid Linux Proxy
FAQ
Q
What is the feature available in Squid?
A
The following features will be available in the Squid,

/SquidLogs: writing and most important reading the various squid log files

/SquidMemory describes how squid uses RAM and how to optimize its usage

/SquidAcl (or Authorization): controlling squid's powerful access control features

/ContentAdaptation how to analyze, capture, block, replace, or modify the messages being proxied
Q
What is the default port number of Squid?
A
3128 is the default port number for the Squid proxy server.
Q
Where to specify a hostname for Squid?
A
To specify the Hostname for squid, configure the following line in the Squid configuration "visible_hostname"
Q
How to restart the squid server?
A
Service squid reload
Q
Which Protocols will support squid?
A
The HTTP and FTP protocol will be supported where squid proxy.