{"id":296,"date":"2007-09-08T02:16:00","date_gmt":"2007-09-07T18:16:00","guid":{"rendered":"http:\/\/www.akuadi.org\/?p=22"},"modified":"2007-09-08T02:16:00","modified_gmt":"2007-09-07T18:16:00","slug":"basic-configuration-of-squidguard","status":"publish","type":"post","link":"https:\/\/akuadi.org\/life\/blog\/2007\/09\/08\/basic-configuration-of-squidguard\/","title":{"rendered":"Basic Configuration of squidGuard"},"content":{"rendered":"

<\/p>\n\n\n\n
Once SquidGuard is successfully installed, you want to configure the software according to your needs. A sample configuration has been installed in the default directory \/usr\/local\/squidGuard<\/tt> (or whatever directory you pointed you intallation to).
Below you find three examples for the basic configuration of SquidGuard.<\/p>\n
    \n
  1. Most simple configuration
    \n\n\n\n\n
    Most simple config uration: one category, one rule for all<\/span> <\/td>\n<\/tr>\n
    \n
    #
    # CONFIG FILE FOR SQUIDGUARD
    #

    dbhome \/usr\/local\/squidGuard\/db
    logdir \/usr\/local\/squidGuard\/logs

    dest porn {
          domainlist porn\/domains
          urllist porn\/urls
          }

    acl {
          default {
                  pass !porn all
                  redirect http:\/\/localhost\/block.html
          }
    }
    <\/pre>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n
    Make always sure that the very first line of your squidGuard.conf is not empty!
    The entries have the following meaning:<\/p>\n\n\n\n\n\n\n
    dbhome<\/tt><\/td>\nLocation of the blacklists<\/td>\n<\/tr>\n
    logdir<\/tt><\/td>\nLocation of the logfiles<\/td>\n<\/tr>\n
    dest<\/tt><\/td>\nDefinition of a category to block. You can         enter the domain and url file along with a regular expression list         (talk about regular expressions later on).<\/td>\n<\/tr>\n
    acl<\/tt><\/td>\nThe actual blocking defintion. In our example only         the default is displayed. You can have more than one acl<\/tt>         in place. The category porn you defined in dest<\/tt> is          blocked by the expression !porn<\/tt>. You have to add the         identifier all<\/tt> after the blocklist or your users will         not be able to surf anyway.
           The redirect<\/tt> directive is madatory! You must tell         SquidGuard which page to display instead of the blocked one.<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n
    >  Choosing more than one category to block<\/p>\n
    First you define your categories. Just like you did above for porn. For example:<\/p>\n\n\n\n\n
      Defining three categories for blocking<\/span> <\/td>\n<\/tr>\n
    \n
    dest adv {
          domainlist      adv\/domains
          urllist         adv\/urls
    }
    dest porn {
          domainlist      porn\/domains
          urllist         porn\/urls
    }
    dest warez {
          domainlist      warez\/domains
          urllist         warez\/urls
    }
    <\/pre>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n
    Now your acl<\/tt> looks like that:<\/p>\n\n\n\n
    \n
    acl {<\/span>
            default {<\/span>
                    pass    !adv !porn !warez all<\/span>
                    redirect http:\/\/localhost\/block.html<\/span>
                    }<\/span>
    }<\/span>
    <\/pre>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<\/li>\n
  2. Whitelisting\n
    Sometimes there is a demand to allow specific URLs and domains although they are part of the blocklists for a good reason. In this case you  want to whitelist these domains and URLs.<\/p>\n\n\n\n\n
      Defining a whitelist<\/span> <\/td>\n<\/tr>\n
    \n
    dest white {
          domainlist      white\/domains
          urllist         white\/urls
    }

    acl {
          default {
                  pass    white !adv !porn !warez all
                  redirect http:\/\/localhost\/block.html
                  }
    }
    <\/pre>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n
    In this example we assumed that your whitelists are located in a directory called white<\/tt> whithin the blacklist directory you specified with dbhome<\/tt>.
    Make sure that your white<\/tt> identifier is the first in the row of the pass<\/tt> directive. It must not have an exclamation mark in front (otherwise all entries belonging to white<\/tt> will be blocked, too).<\/p>\n<\/li>\n
  3. Initializing the blacklists\n
    Before you start up your squidGuard you should initialize the blacklists i.e. convert them from the textfiles to db files. Using the db format will speed up the checking and blocking.
    The initialization is performed by the following command:<\/p>\n\n\n\n\n
     Initializing the b lacklists<\/span> <\/td>\n<\/tr>\n
    \n
    squidGuard -C all<\/span>
    chown -R  \/usr\/local\/squidGuard\/db\/*<\/squiduser><\/span>
    <\/pre>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n
    The second command ensures that your squid is able to access the blacklists. Please for  the uid of your squid.
    Depending on the size of your blacklists and the power of your computer this may take a while. If anything is running fine you should see something like the following output in your logfile:<\/p>\n
    <\/squiduser><\/p>\n\n\n\n\n
    \n
    2006-01-29 12:16:14 [31977] squidGuard 1.2.0p2 started (1138533256.959)<\/span>
    2006-01-29 12:16:14 [31977] db update done<\/span>
    2006-01-29 12:16:14 [31977] squidGuard stopped (1138533374.571)<\/span>
    <\/pre>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n
    If you look into the directories holding the files domains<\/tt> and urls<\/tt> you see that additional files have been created: domains.db<\/tt> and urls.db<\/tt>. These new files must not be empty!
    Only those files are converted you specified to block or whitelist in your squidGuard.conf<\/tt> file.<\/li>\n<\/ol>\n
    SquidGuard<\/a><\/td>\n<\/tr>\n
    <\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n
    <\/center><\/p>\n","protected":false},"excerpt":{"rendered":"
    Once SquidGuard is successfully installed, you want to configure the software according to your needs. A sample configuration has been installed in the default directory \/usr\/local\/squidGuard (or whatever directory you pointed you intallation to).Below you find three examples for the basic configuration of SquidGuard. Most simple configuration Most simple config uration: one category, one rule […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[10],"tags":[],"class_list":["post-296","post","type-post","status-publish","format-standard","hentry","category-basic-configuration-of-squidguard"],"amp_enabled":true,"_links":{"self":[{"href":"https:\/\/akuadi.org\/life\/wp-json\/wp\/v2\/posts\/296","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/akuadi.org\/life\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/akuadi.org\/life\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/akuadi.org\/life\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/akuadi.org\/life\/wp-json\/wp\/v2\/comments?post=296"}],"version-history":[{"count":0,"href":"https:\/\/akuadi.org\/life\/wp-json\/wp\/v2\/posts\/296\/revisions"}],"wp:attachment":[{"href":"https:\/\/akuadi.org\/life\/wp-json\/wp\/v2\/media?parent=296"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/akuadi.org\/life\/wp-json\/wp\/v2\/categories?post=296"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/akuadi.org\/life\/wp-json\/wp\/v2\/tags?post=296"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}