Tutorial Comments FAQ Related Articles

How to block with keywords and extensions in SQUID - Part 2

481

To add acl rule by keywords and extensions in SQUID

In this article we going to see about configuring acl rule by keywords and extensions.

To install and configure the squid visit the following link,

https://www.linuxhelp.com/how-to-install-and-configure-squid-part-1/

To Configure by keywords

Create a keyword_block.txt file with a list of keywords to block (or) allow in /etc/squid/

[root@linuxhelp user1]# vim /etc/squid/keyword_block.txt

list of keywords

Open the squid configuration file.

[root@linuxhelp user1]# vim /etc/squid/squid.conf

Enter the acl rule to block by keywords as shown below,

acl test src 192.168.5.219 192.168.5.63    
acl keyword_block  url_regex  " /etc/squid/keyword_block.txt" 
http_access deny test keyword_block
http_access  allow test

Explanations

1st line - Enter the source acl name as “ test” and entered the IP addresses/network address .
2nd line - Enter the acl name as “ keyword_block” and the path of the keyword list file.
3rd line - Enter the “ deny” option along with acl name test and keyword_block, so that any link which carries the keywords mentioned in the file will be denied for the IP’ s which comes under the acl name “ test” .
4th line - Enter “ allow test “ so that all other domains except the keywords in the file can be accessed.
list

Save the configuration file after entering the rule and reload the squid service

[root@linuxhelp user1]# service squid reload

Try to access the domain with the given keywords in the file, the following error appears.
proxy server error
Any link containing the keyword ‘ tube’ will be denied by the squid proxy server as we have mentioned it in the rule.
squid proxy server

Now, the acl rule for keyword block is successfully executed.

acl rule

To Configure by extension

Create a block list in ext_block.txt" file. Here we are adding the extensions mp3, mp4 and zip.

[root@linuxhelp user1]# vim /etc/squid/ext_block.txt

block list

Open the squid configuration file.

[root@linuxhelp user1]# vim /etc/squid/squid.conf

Enter the acl rule to block by extension

acl test src 192.168.5.219 192.168.5.63    
acl ext_block  url_regex  " /etc/squid/ext_block .txt" 
http_access deny test ext_block
http_access  allow test

Explaination

1st line - Enter the source acl name as “ test” and IP addresses.
2nd line - Enter the acl name as “ ext_block” and path of the extension list file.
3rd line - Enter the “ deny” option along with acl name test and ext_block so that in any webpages downloading the extensions like .mp3,.mp4,.zip will be denied for the IP’ s which comes under the acl name “ test” .
4th line - Enter “ allow test“ so that all other domains except the list in the file can be accessed and downloaded.

acl list

Save the file after entering the rule and reload the squid service.

[root@linuxhelp user1]# service squid reload

In the below example, you can see the squid proxy is refusing the connection of .mp3 file.
downloading error
The webpage is refused because it is a download link of .zip file.
refused webpage

To configure the Squid visit,
https://www.linuxhelp.com/how-to-configure-acl-rule-by-timing-and-browser-in-squid/

To limit bandwidth in Squid visit,
https://www.linuxhelp.com/how-to-limit-bandwidth-squid/

Tags:
Author: 

Comments ( 2 )

Frequently asked questions ( 5 )

Q

Do I have to install squid on every desktop?

A

No you can maintain a separate server and just add a proxy to its client.

Q

whats difference between domain block and keyword block?

A

The domain block blocks the particular domain URL the keyword block filters the word from the URL in case if you doesn't know the complete URL

Q

Is it possible to add and maintain squid server via Gitlab

A

Yes. This is very efficeint method if you make changes from multile admins

Q

How to reload the Squid service ?

A

To reload the Squid service use the following command.

systemctl reload squid.service

Q

What's the legal status of Squid?

A

Squid is copyrighted by The Squid Software Foundation and contributors.

Related Tutorials in How to block with keywords and extensions in SQUID - Part 2

Related Tutorials in How to block with keywords and extensions in SQUID - Part 2

How to limit bandwidth in Squid - Part 4
How to limit bandwidth in Squid - Part 4
Jun 28, 2016
How to install squid proxy server on freeBSD
How to install squid proxy server on freeBSD
Feb 10, 2017
How to block with keywords and extensions in SQUID - Part 2
How to block with keywords and extensions in SQUID - Part 2
Jun 22, 2016
How to Configure Reverse Proxy with Squid in CentOS
How to Configure Reverse Proxy with Squid in CentOS
Dec 9, 2016
How to install Squid in Webmin
How to install Squid in Webmin
Aug 26, 2017
How to Compile Squid Proxy Server 4.7v on CentOS 7.6
How to Compile Squid Proxy Server 4.7v on CentOS 7.6
Jun 14, 2019
How to use Ntopng using Squid proxy server
How to use Ntopng using Squid proxy server
Sep 2, 2017
How to Install and Configure Squid Proxy in Ubuntu 20.4.1
How to Install and Configure Squid Proxy in Ubuntu 20.4.1
Nov 28, 2020

Related Forums in How to block with keywords and extensions in SQUID - Part 2

Related Forums in How to block with keywords and extensions in SQUID - Part 2

Squid
oliver class=
how to clear squid cache
Feb 7, 2017
Squid
owen class=
How to change default logformat in squid access log
Sep 1, 2017
Squid
hobbs class=
WARNING: Could not determine this machines public hostname. Please configure one or set visible_hostname.
Sep 21, 2017
Squid
oliver class=
How to allow only one site in SQUID
Feb 11, 2017
Squid
nathan class=
SARG : make[1]: *** [check-macro-version] Error 1
Sep 27, 2017
Squid
owen class=
How to view squid logs in human readable format
Sep 21, 2017
Squid
nicholas class=
How to limit download speed in SQUID
Feb 20, 2017
CentOS
jayce class=
WARNING: Cannot write log file: /var/logs/cache.log /var/logs/cache.log: Permission denied messages will be sent to 'stderr'.
Jun 1, 2019
Back To Top!