Question

How to configure Squid to work with a SquidGuard for URL filtering?

Hello, I’m currently trying to set up a Squid proxy server on my Ubuntu machine and I’d like to use SquidGuard to implement URL filtering. However, I’m not exactly sure how to go about configuring Squid to work with SquidGuard.

From my understanding, I need to integrate Squid and SquidGuard in such a way that the Squid proxy forwards all incoming requests to SquidGuard first. SquidGuard should then apply its URL filtering rules, block inappropriate content, and allow everything else to pass through.

Here’s what I’ve done so far:

  1. I’ve successfully installed and started Squid on my machine and it’s currently running with the default configuration. I can use it as a basic proxy without any issues.

  2. I’ve installed SquidGuard using sudo apt-get install squidguard and it’s also running with the default configuration.

However, I’m stuck at how to configure both to work together. Specifically, I’m unsure about:

  • How to tell Squid to forward requests to SquidGuard for URL filtering?
  • What changes should be made in the squid.conf and squidGuard.conf files to integrate both?
  • How to create custom filtering rules in SquidGuard?

Any help with these would be highly appreciated. Also, if anyone can provide an example squid.conf and squidGuard.conf configuration that works with URL filtering, that would be great.

Thank you.

Submit an answer


This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

Sign In or Sign Up to Answer

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

KFSys
Site Moderator
Site Moderator badge
May 18, 2023

Heya,

Here’s a basic guide on how you can integrate Squid and SquidGuard.

First, let’s configure Squid to use SquidGuard.

Open the Squid configuration file. It’s typically located at /etc/squid/squid.conf.

  1. sudo nano /etc/squid/squid.conf

Add the following lines to the file. This will tell Squid to use SquidGuard as a URL rewriter:

url_rewrite_program /usr/bin/squidGuard

Next, let’s configure SquidGuard.

Open the SquidGuard configuration file. It’s typically located at /etc/squidguard/squidGuard.conf.

sudo nano /etc/squidguard/squidGuard.conf

In this file, you can define access control lists (ACLs) and redirect rules. Here’s an example configuration:

dbhome /var/lib/squidguard/db
logdir /var/log/squidguard

dest block {
  domainlist block/domains
  urllist block/urls
}

acl {
  default {
    pass !block all
    redirect http://localhost/block.html
  }
}

This configuration blocks the domains and URLs listed in the block/domains and block/urls files. All blocked requests are redirected to http://localhost/block.html.

Create the block blacklist and populate the domains and urls files:

sudo mkdir /var/lib/squidguard/db/block
echo "badwebsite.com" | sudo tee /var/lib/squidguard/db/block/domains
echo "badurl.com/badcontent" | sudo tee /var/lib/squidguard/db/block/urls

Update SquidGuard’s blacklist database:

  1. sudo squidGuard -C all -d

Change the ownership of the SquidGuard db directory to the proxy user (usually proxy or squid):

  1. sudo chown -R proxy:proxy /var/lib/squidguard/db

  2. sudo systemctl restart squid

That’s it! Now, Squid should be using SquidGuard for URL filtering. Remember to replace "badwebsite.com" and "badurl.com/badcontent" with the actual domains and URLs you want to block. Also, replace "http://localhost/block.html" with the actual URL where you host your block page.

Try DigitalOcean for free

Click below to sign up and get $200 of credit to try our products over 60 days!

Sign up