Content Filtering with IPCop & squidGuard
So the day has finally come… my daughter now has her own computer, and a connection to my wireless network.
My immediate thoughts went to shielding here from the, er, dark side of the internet so it was time to improve my router.
I’ve been running an IPCop box for over a year now, and I have nothing but praise for it. I knew it had Squid built-in, but I’d never played with it. My first port of call was to enable both the proxy and transparent proxying so that it could not be circumvented. This worked nicely, so it was onto the next step – filtering.
A quick google (and a chat with the #lugradio crew) pointed me at squidGuard which I promptly downloaded and installed. I few ticks in the right boxes, and all traffic to non-whitelisted sites is blocked excellent.
It took me a couple of attempts to get the filtering working the way I wanted. The trick was to add the “approved” sites to the whitelist, then remove all entries from the “Allowed” field. This forced all machines not listed in the “Privileged” or “Banned” fields to use the default ACL which blocks traffic. There’s no way to tell squidGuard (via IPCop) to block undefined traffic for entries in the “Allowed” field.
Sounds too good be true? It is. This was all acheived on my second attempt on a fresh machine – enabling Squid on my original machine did nothing, and when I enabled squidGuard the whole box ground to a halt (and when traffic did get through it wasn’t filtered) so I did a fresh install of IPCop on a slightly beefier machine and all was good.
Next up… getting QoS working so my VoIP traffic gets priority.
Related posts:
- (More) Content Filtering with IPCop (Quite) a while ago I talked about the content filtering...
- A Proud Moment I’ve mentioned (here and here) my “safe environment” for my...
Related posts brought to you by Yet Another Related Posts Plugin.
My music selection makes 
look good
No images to display Recent comments
- accountinghomework help: Good website in your company and this is important thought for our business. Tha...
- erniejunior: Hello, I also have a compaq mini 700 and I had problems with upgrading from u...
- David Barnes: Two options: Google Sites and Ning. Ning makes it easy to create something that ...
This theme was designed by Chris Wallace and is licensed under the GNU General Public License.
Check out his cool WordPress Themes. Released by Six Revisions in the year of the rat.
21 Mar 2006 1:31 pm
I’ve been using dansguardian with squid on smoothwall boxes for quite a while now - it’s remarkably effective, although you’re right - it does require a slightly beefier box. It also adds a bit of lag to the ‘net connection, but it’s worth it.
I replaced the default blocked page with a form that allows users to send me an email if they think a page needs unblocked, which has also proved useful.