This tutorial details the process to install SquidGuard on a Linux server. In our previous tutorials, we have learned how to install & use Squid Proxy server. Also, we have published some other articles regarding squid proxy server, links to which are mentioned below;

1- SARG ( Squid Analysis Report Generator )- Installation & Configuration

2- How to setup SQUID AUTHENTICATION

3- Squid Transparent proxy server: How to configure

4- Some pretty useful SQUID tips & tricks

In this tutorial, we will learn to install Squidguard along with squid proxy server on our CentOS machines.

SquidGuard is a free and open-source application, which is basically used as a URL redirector software, which we can use to managing access to websites. Squidguard uses blacklists to control access to websites & define the website to which URL has to be redirected. We have the option to create a custom blacklist or can use one of many available on the internet. SquidGuard can be installed on Linux as well as Unix. 

Pre-requisites

The package to install SquidGuard is not available with default Centos/RHEL repos, we need to enable the EPEL repository on our system to install squidguard. Install EPEL repository the following command, applicable to you,

RHEL/CentOS 7

# rpm -Uvh https://dl.fedoraproject.org/pub/epel/7/x86_64/Packages/e/epel-release-7-11.noarch.rpm

RHEL/CentOS 6 (64 Bit)

# rpm -Uvh http://download.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm

RHEL/CentOS 6 (32 Bit)

# rpm -Uvh http://dl.fedoraproject.org/pub/epel/6/i386/epel-release-6-8.noarch.rpm

Install  SquidGuard

We first need to install squid on our system. If you have not done it already, install squid with the following command,

# yum install squid

Now install squidguard with the following command,

# yum install squidGuard

Note:- Mind the uppercase ‘G’ in squidGuard.

So we now squid with squidguard installed on our server. Now let’s complete the configuration,

Configuring Squidguard

We will firstly create a folder for keeping a blaclikst named ‘test’ in folder ‘/var/squidGurad/test’.

# mkdir -p /var/squidGuard/test

In the folder test, we will create two files, one by the name ‘domains’ & other by the name ‘urls’ with the list on domains and URLs we want to redirect/block,

# cd /var/squidGuard/test

# vi domains

facebook.com

twitter.com

youtube.com

# vi urls

www.facebook.com

www.twitter.com

www.youtube.com

We have our blacklist ready to use. We will now configure the squidGuard & will create ACL for the blacklist. Open the squidguard configuration file & make the following entries,

# vi /etc/squid/squidGuard.conf

dbhome /var/squidGuard/db

logdir /var/log/squidGuard

dest deny {

                 domainlist test/domains

                 urllist test/urls

                 }

acl {

             default {

                           pass !test all

                           redirect https://google.com

                          }

}

The above file has some default configurations, you can either delete the contents of the file or can backup the file to another location or by another name. We will now make a change to squid configuration file as well. We will mention the URL rediretion setting to squid configuration file,

# vi /etc/squid/squid.conf

& add the following line to the bottom of the file,

url_rewrite_program /usr/bin/squidGuard -c /etc/squid/squidGuard.conf

Save the file & exit. Next, we need to make sure that all the squidguard related files & folders have ownership for user squid,

# chown -R squid:squid /var/squidGuard

# chown -R squid:squid /var/log/squidGuard

# chown squid:squid /etc/squid/squidGuard.conf

We are now ready to create the db files for the blacklist, execute the following command to complete the action,

# squidGuard -b -d -C all

Once complete, either restart the squid server or reconfigure it with the following command,

# squid -k reconfigure

That’s it guys, we now have our fully operational SquidGuard with squid proxy server. All we have to do is to make the proxy settings in the client machine & we can utilize the squidGuard redirection capablities.

Configuring a Blacklist

If you are trying to use a blacklist downloaded from internet like Shalla’s Blacklist, you can follow the example below. First download the blacklist,

# wget http://www.shallalist.de/Downloads/shallalist.tar.gz

& extract the blacklist,

# tar -xvzf shallist.tar.gz -C /var/squidGuard/

Now there will be several folders (based on the URL category ) in the folder, choose the categories that you need to block & create the ACL for that in squidGuard.conf. For example,

dbhome /var/squidGuard/db

logdir /var/log/squidGuard

dest downloads {

                           domainlist downloads/domains

                           urllist downloads/urls

                          }

acl {

         default {

                        pass !downloads all

                        redirect https://google.com

                      }

}

Update the squidguard DB & reconfigure the squid server,

# squidGuard -b -d -C all

# squid -k reconfigure

With this, we end our tutorial on how to install SquidGuard & use it with a squid proxy server. Please feel free to send in any questions or queries you have using the comment box below.

If you think we have helped you or just want to support us, please consider these:-

Connect to us: Facebook | Twitter

Linux TechLab is thankful for your continued support.