ACL filtering for Squid webproxy on FreeBSD 8.x

Last updated: 2010-04-17
Lars Sommer,

Without any plugins, I maintain a small text file of blocked domains and regex’ed URLs.

Install the Squid webproxy as described in another note.

In /usr/local/etc/squid/squid.conf, add:
acl denied_domains dstdomain “/usr/local/etc/squid/denied_domains.acl”
acl filetypes urlpath_regex -i “/usr/local/etc/squid/denied_filetypes.acl”
acl url_ads url_regex “/usr/local/etc/squid/denied_ads.acl”
http_access deny url_ads
http_access deny filetypes
http_access deny denied_domains
http_access allow localnet
http_access deny all

If inserting all this explicit in the end of the file e.g.,
then remember to comment out these earlier in the file:
http_access allow localnet
http_access deny all

Make the ACL files. Examples are:
cat denied_domains.acl

cat denied_filetypes.acl

cat denied_ads.acl
/adv/..gif$ /[Aa]ds/..gif$
/[Aa][Dd]/..[GgJj][IiPp][FfGg]$ /[Bb]annerads/ /adbanner..[GgJj][IiPp][FfGg]$
^http://adaver.. ^http://adforce. /ads/..gif.*

Reload squid configuration:
squid -k reconfigure

I got a large +7000 line domain block file from MISSING

Leave a Reply

Din e-mailadresse vil ikke blive publiceret. Krævede felter er markeret med *