LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Security (https://www.linuxquestions.org/questions/linux-security-4/)
-   -   Using Squid to restrict access to sites (https://www.linuxquestions.org/questions/linux-security-4/using-squid-to-restrict-access-to-sites-742998/)

asliyanage 07-26-2009 10:26 PM
Using Squid to restrict access to sites
 
canc we use squid in our personall computer ?

win32sux 07-26-2009 10:34 PM
Quote:
Originally Posted by asliyanage (Post 3621205)
canc we use squid in our personall computer ?
Yes, definitely. BTW, why have you posted your question in the Security forum? Are you trying to use Squid for security-related matters on your PC or something like that? Please elaborate.

asliyanage 07-26-2009 10:46 PM
reply
 
no , i just heard that squid can restrict some site to visit.so i think it is relavant to security forum.

win32sux 07-26-2009 10:49 PM
Quote:
Originally Posted by asliyanage (Post 3621213)
no , i just heard that squid can restrict some site to visit.so i think it is relavant to security forum.
Sure, that would be a context suitable for this forum. Your question, however, is whether or not one can use Squid on a PC. That is not in itself a security issue. Therefore, unless you would like to follow-up with some Squid questions relevant to access restrictions or similar, I'll go ahead and move this to the Software forum for more adequate exposure.

asliyanage 07-26-2009 10:54 PM
security
 
no, i need to know how to use squid to restrict some sites.
can anyone give me any link for tutorials or any reference.

win32sux 07-26-2009 11:12 PM
Quote:
Originally Posted by asliyanage (Post 3621217)
no, i need to know how to use squid to restrict some sites.
can anyone give me any link for tutorials or any reference.
A quick search will provide you with tons of good tutorials.

Once you've got Squid up and running, you'll need to decide whether you want to do whitelisting (deny access to all sites, with certain exceptions) or blacklisting (allow access to all sites, with certain exceptions). Doing this sort of thing is basically just a matter of using an ACL built with the dstdomain type, along with an accompanying ACL rule.

Example whitelist:
Code:
acl good_sites dstdomain .linuxquestions.org
acl good_sites dstdomain .freshmeat.net
acl good_sites dstdomain .reuters.com
http_access allow good_sites
http_access deny all
This would mean only those three sites would be accessible.

Example blacklist:
Code:
acl bad_sites dstdomain .microsoft.com
acl bad_sites dstdomain .msn.com
acl bad_sites dstdomain .bing.com
http_access deny bad_sites
http_access allow all
This would mean all sites would be accessible, except those three.

The links/examples I provided should give you an idea of what this involves. Depending on what your situation is (you haven't really elaborated on it), a more complex configuration might be necessary. Also, it's quite common to use additional tools (such as iptables, for example) in order to obtain a more reasonable level of security.

EDIT: I've taken the liberty of giving this thread a more descriptive title.

kirukan 07-27-2009 12:29 AM
Dansguardian, Squidguard etc these also more helpful tool with squid for content filtering
http://dansguardian.org/
http://www.squidguard.org/

sigey 07-27-2009 06:53 AM
the documentation (the squid.conf) file that comes with the squid package is a very good source for references. It gives clues on how to use various features of squid and how to enable/disable them.


All times are GMT -5. The time now is 05:08 AM.