[HowTo]Filter Some Website During Work Hour With Squid

Saturday September 5, 2009 by Ivan Kristianto

Squid cache logo In most of case, a company want to efficient and maximize their bandwidth use. In which you know you can speed up your loading time when browsing by using squid as a web cache. I’m not gonna tell you how squid do it or how to install it. For more details about squid you can refer to my old post about how to install squid and monitor it. Now the next case is you feel your internet connection is slow, even you using squid as web cache.

After take sometimes to the squid log, you know that some of your friend are watching video online like youtube, metacafe, google video, facebook etc and you do want to finish your work at the time. This is very annoying then. And also because of this the company productivity is getting lower. And i’m sure you know this would be great lost for a company.

In this article i will show you how to solve that with squid. You can block/filter some websites or even IPs during work hour. This would increase your productivity and efficient your bandwidth use. Let’s begin then.

Now i will show you step by step to make a filter in squid, and i’m sure you familiar with shell command in linux. Please follow these steps:
1. Make a file in /etc/squid/ call it denied_domains.acl with this command:

touch /etc/squid/denied_domains.acl

2. Open that denied_domain.acl wtih this command:

vim /etc/squid/denied_domains.acl

3. Now put every website that you want to block (one per line). Mine is look like this:

.friendster.com
.metacafe.com
.myspace.com
.videos.google.com
.youtube.com
.metacafe.com
.facebook.com

Note: you can add as many as you like, and later you can add or remove it just by edit this file
4. Now save and close that file.
5. Open squid.conf, usually it will in /etc/squid/ folder. Or type this command:

vim /etc/squid/squid.conf

6. Add this lines in your squid.conf:

acl workinghour time MTWHFA 09:00-16.59
acl restricted-domain dstdomain "/etc/squid/denied_domains.acl"
acl blacklist_ip src 172.16.144.11-172.16.144.100/32

explanation: The first line is means you create your working hour variable, which MTWHFA means days (M-Monday, T-Tuesday, W-Wednesday, H-Thursday, F-Friday, A-Saturday, S-Sunday) and working time with this format h1:m1-h2:m2 where h1:m1 should lower than h2.m2. The second line is you create a variable which domain should block. Third line is, you define which IP should be block to the restricted domain.
7. Now add the filter action, put this at the rule line:

http_access deny restricted-domain workinghour blacklist_ip

8. Ok now it’s finish, save and close squid.conf file.
9. Restart your squid with this command:

/etc/init.d/squid restart

Test it with the defined ip to the restricted domain on working hour. And you will see the page show “Access is denied”.
It’s easy right? Leave any comment if you have any tips or tricks that i missed, or just say hi if you like this article. Thanks and have a nice day.

What people search:

Article by Ivan Kristianto

Ivan Kristianto is a profesional web developer and blogger. Very interest with free and open source software. Follow my Twitter: @ivankrisdotcom or Facebook profile IvanKristiantoBlog or Email me at ivan@ivankristianto.com

Category: Featured Content, Ubuntu
Tags: filter, squid, ubuntu, web cache, web proxy, work hour

21 comments 0 people listening

Comment help
Get Livefyre

Sort: Newest | Oldest

Jonasolavidez

2011/03/16 21:26:57| aclParseIpData: WARNING: Netmask masks away part of the specified IP in '192.168.5.101-192.168.5.120/24'

I come up this message I dont know if this is wrong input that I made.

Ivan Kristianto Blog

[HowTo]Filter Some Website During Work Hour With Squid

What people search:

Other Interesting Articles:

Article by Ivan Kristianto

About Author

What's Popular Today

Popular Posts

Categories

Archives

TagClouds

Blogroll