티스토리 뷰

Debian 6 Proxy Server Run with SquidGuard


Run with SquidGuard

  In addition to squidClamav, Run Squid with squidGuard that is a URL redirector used to use blacklists. 


1. Install SquidGuard


root@lan:~# aptitude -y install squidguard 


root@lan:~# mv /etc/squid/squidGuard.conf /etc/squid/squidGuard.conf.bk 

root@lan:~# vi /etc/squid/squidGuard.conf 


# create new ( this example is most simply setting )

dbhome /var/lib/squidguard/db

logdir /var/log/squid


# define a category 'deny'

dest deny {

# define prohibited domain file for 'deny'

domainlist deny/domains

# define prohibited URL file for 'deny'

urllist deny/urls

}


acl {

default {

# allow except 'deny'

pass !deny all

# redirect URL

redirect http://www.srv.world/error.html

}

}


root@lan:~# mkdir /var/lib/squidguard/db/deny 

root@lan:~# vi /var/lib/squidguard/db/deny/domains 


# write domains you'd like to prohibit to access

yahoo.co.jp

example.com


root@lan:~# vi /var/lib/squidguard/db/deny/urls 


# write URLs you'd like to prohibit to access

www.yahoo.co.jp/deny/

www.example.com/


root@lan:~# squidGuard -C all 

root@lan:~# chown -R proxy. /var/lib/squidguard/db/deny 


root@lan:~# vi /etc/squidclamav.conf 


# line 20: uncomment and change PATH

squidguard /usr/bin/squidGuard


root@lan:~# ps -ef | grep icap # confirm c-icap's process

root 1828 1 0 18:24 ttyS0 00:00:00 /usr/local/bin/c-icap

root 1830 1828 0 18:24 ttyS0 00:00:00 /usr/local/bin/c-icap

root 1831 1828 0 18:24 ttyS0 00:00:00 /usr/local/bin/c-icap

root 1832 1828 0 18:24 ttyS0 00:00:00 /usr/local/bin/c-icap

root 1867 1247 0 18:24 ttyS0 00:00:00 grep icap

root@lan:~# kill 1828# stop

root@lan:~# /usr/local/bin/c-icap & # start

[1] 1870




2. Try to access to the URL set as prohibited domain in [1].


※ Next manual



저작자 표시 비영리 변경 금지
신고
댓글