Filtering home Internet access with Squid
Even if your kids keep to the times that they are allowed to surf the web, you will not want them accessing sites with pornographic or violent content.
To place websites off limits, you just need to add a couple of lines to your Squid configuration file (see Listing 7) then add entries with strings describing the web content you want to block to the /usr/share/squid/blacklist file (see Listing 8); regular expressions  are supported.
Finally, type /etc/init.d/squid reload to tell the proxy to parse the blacklist.
Place websites off limits
01 # defines a blacklist that applies to all clients except the parent's clients 02 acl blacklist url_regex -i "/usr/share/squid/blacklist" 03 http_access deny blacklist !marion !archie 04 05 # defines a blacklist that additionally applies to Tanja 06 acl blacklist_tanja url_regex -i "/usr/share/squid/blacklist_tanja" 07 http_access deny tanja blacklist_tanja
Block web content
01 # blocks all pages/domains with the following strings 02 violence.tld 03 actionmovies.domain 04 nude.xyz 05 06 # blocks the address http://(www.)mailorder.co/orders/, 07 # but grants access to the site otherwise 08 mailorder.co/orders/ 09 10 # Prevents downloading of files with the suffixes .mp3 or .exe 11 .mp3 12 .exe
Of course, Squid will let you assign different blacklists to different users. For example, Simon is allowed to browse online auctions, whereas Tanja is still too young for such things. To set this up, just assign the blacklist in Listing 8 as /usr/share/squid/blacklist_tanja.
The example blocks pages that contain the prohibited text. To define more precise filters, you can use regular expressions, but don't rely blindly on the list; it makes far more sense to check at regular intervals to see whether it still has the desired effect. And remember that server and file names do change.
Another approach to filtering, and one that is far more strict, is to use whitelists. If you prefer to restrict Tanja's access to just one or a few sites, a whitelist is probably a good idea. Just add the lines in Listing 9 to your Squid configuration and create a whitelist to match. The syntax is similar to that of the blacklist; however, whitelisting can cause problems when a single website references content from many other locations.
To display the complete page, you would need to list these sites explicitly.
Adding a Whitelist
01 # Tanja is only allowed to access these pages 02 acl whitelist url_regex -i "/usr/share/squid/whitelist" 03 http_access deny tanja ! whitelist
Buy this article as PDF
“Xenial Xerus” comes with a new packages format and several improvements for the enterprise.
Linux users can now download and install the Windows code editor
New initiative will address security and interoperability concerns around container technology.
Developers can use RHEL as a development platform without a subscription fee.
Windows users will soon have native access to the Bash shell.
Improvements to SMTP will provide better guarantee of confidentiality
Graphics vendor embraces new reality in Linux graphics
Pioneer Ray Tomlinson bequeathed the @ sign to billions of Internet users
Redmond says its classic database tool will run without Windows
New intrusion technique affects most non-Bluetooth wireless mice