Thursday, August 6, 2009

RHCE Tips: How to filter content through Squid Server?

For security and to save bandwidth I would like to configure Squid proxy server such way that I do not want my users to download all of the following files:
MP3
MPEG
MPG
AVG
AVI
EXE

How do I configure squid content filtering?

A. You can use squid ACL (access control list) to block all these files easily.

How do I block music files using squid content filtering ACL?

First open squid.conf file /etc/squid/squid.conf:

# vi /etc/squid/squid.conf

Now add following lines to your squid ACL section:

acl blockfiles urlpath_regex "/etc/squid/blocks.files.acl"

You want display custom error message when a file is blocked:

# Deny all blocked extension

deny_info ERR_BLOCKED_FILES blockfiles http_access deny blockfiles

Save and close the file.

Create custom error message HTML file called ERR_BLOCKED_FILES in /etc/squid/error/ directory or /usr/share/squid/errors/English directory.

# vi ERR_BLOCKED_FILES Append following content:

start with html tag:
File is blocked due to new policy
Phone: 555-12435 (ext 44)
Email: helpdesk@yourcorp.com

Caution: Do not include HTML close tags as it will be closed by squid.

Now create /etc/squid/blocks.files.acl file:

# vi /etc/squid/blocks.files.acl

Append following text:
\.[Ee][Xx][Ee]$
\.[Aa][Vv][Ii]$
\.[Mm][Pp][Gg]$
\.[Mm][Pp][Ee][Gg]$
\.[Mm][Pp]3$

Save and close the file.

Restart Squid:
# /etc/init.d/squid restart

No comments:

Post a Comment