Filtering home Internet access with Squid
Even if your kids keep to the times that they are allowed to surf the web, you will not want them accessing sites with pornographic or violent content.
To place websites off limits, you just need to add a couple of lines to your Squid configuration file (see Listing 7) then add entries with strings describing the web content you want to block to the /usr/share/squid/blacklist file (see Listing 8); regular expressions  are supported.
Finally, type /etc/init.d/squid reload to tell the proxy to parse the blacklist.
Place websites off limits
01 # defines a blacklist that applies to all clients except the parent's clients 02 acl blacklist url_regex -i "/usr/share/squid/blacklist" 03 http_access deny blacklist !marion !archie 04 05 # defines a blacklist that additionally applies to Tanja 06 acl blacklist_tanja url_regex -i "/usr/share/squid/blacklist_tanja" 07 http_access deny tanja blacklist_tanja
Block web content
01 # blocks all pages/domains with the following strings 02 violence.tld 03 actionmovies.domain 04 nude.xyz 05 06 # blocks the address http://(www.)mailorder.co/orders/, 07 # but grants access to the site otherwise 08 mailorder.co/orders/ 09 10 # Prevents downloading of files with the suffixes .mp3 or .exe 11 .mp3 12 .exe
Of course, Squid will let you assign different blacklists to different users. For example, Simon is allowed to browse online auctions, whereas Tanja is still too young for such things. To set this up, just assign the blacklist in Listing 8 as /usr/share/squid/blacklist_tanja.
The example blocks pages that contain the prohibited text. To define more precise filters, you can use regular expressions, but don't rely blindly on the list; it makes far more sense to check at regular intervals to see whether it still has the desired effect. And remember that server and file names do change.
Another approach to filtering, and one that is far more strict, is to use whitelists. If you prefer to restrict Tanja's access to just one or a few sites, a whitelist is probably a good idea. Just add the lines in Listing 9 to your Squid configuration and create a whitelist to match. The syntax is similar to that of the blacklist; however, whitelisting can cause problems when a single website references content from many other locations.
To display the complete page, you would need to list these sites explicitly.
Adding a Whitelist
01 # Tanja is only allowed to access these pages 02 acl whitelist url_regex -i "/usr/share/squid/whitelist" 03 http_access deny tanja ! whitelist
Buy this article as PDF
Xen project announces a privilege escalation problem for Qemu host systems
Attackers can compromise an Android phone just by sending a text message
PC vendor will pre-install Ubuntu on portables in India.
More embarrassment for Adobe's embattled multimedia tool
Mozilla’s script blocker add-on could be putting malware sites on the whitelist.
The Internet community officially banishes the notoriously unsafe Secure Sockets Layer protocol.
Popular desktop environment continues the Gnome 2 legacy – with new support for the Gnome 3 toolkit.
The Obama White House has issued a memorandum telling all US government agencies they must use HTTPS for all websites and web communication.
New program will dial up security for the Firefox browser.
Red Hat's community distro embraces the cloud.