[Guide] Setup Squid and SquidGuard with Ubuntu Server 14.04.1 LTS


Recommended Posts

After reading a lot of guides on how to set this up, I never found one guide that didn't leave something out that made me have to search for some answers.. I've made a very straightforward and simple guide on how to setup Squid/SquidGuard on a network.. If you have any questions or something in the guide is left out/wrong, please let me know.

How to setup a Squid Server with SquidGuard 
Protecting your Network from Ads/Spyware/Malware
Follow this guide at your own risk! I will not be held responsible for any damages

For this guide, we are going to use Ubuntu 14.04.1 LTS, I will assume that you have the knowledge on how to install an Ubuntu Server on hardware or a VM. Also, set a static IP for the server.

Just follow these commands, and you’ll be up and running!

1. sudo apt-get update
2.  sudo apt-get upgrade
3. sudo apt-get install squid3
4. sudo nano /etc/squid3/squid.conf
5. You can actually just copy and paste this into the squid.conf, everything is commented out..  Just change the hostname to the hostname of the server.. 
visible_hostname your-machines-hostname
http_port 3128
cache_dir ufs /var/spool/squid 1000 16 256
cache_access_log /var/log/squid/access.log
6. Add this also to your squid.conf “intranet” is just the name of the group you are making to allow access to the squid server. Make sure you use your IP range and correct subnet. You can make additional groups if needed, either to allow or deny them. The next is giving access to the group, “intranet”.
acl intranet 10.50.0.0/32
http_access allow intranet
7. sudo service restart squid3

Now, you have a fully working squid server that is going to only allow the IP range of 10.50.0.0/32. If someone tries to connect to the proxy server in a different IP range, they will be blocked by the proxy. You can use this to limit access to certain departments and groups as well as set up times which they can allow internet access.. That is for a more in-depth guide. 
To test your proxy with Firefox, go to options, Advance, Network, Connection Settings. Enter your proxy’s IP and proxy’s port number. Default port number is 3128 as we set in the squid.conf. If you want to use a different port number, edit it in the squid.conf under “http_port”. 


Now, it’s time to install SquidGuard!
1.    sudo apt-get install squidguard
2.    sudo mkdir /opt/3rdparty
We are going to use the list from shalalist.de for “testing”, since it’s 100% free for non-commerical.  For a bigger and much more through blacklist, I use http://urlblacklist.com/. It’s free to try once, and has different pricing tiers for person/school/business.
3.    sudo wget http://www.shallalist.de/Downloads/shallalist.tar.gz
4.    sudo tar xzf shallalist.tar.gz
5.    sudo cp -a /opt/3rdparty/BL/porn/var/lib/squidguard/db
sudo cp -a /opt/3rdparty/BL/adv/var/lib/squidguard/db
sudo cp -a /opt/3rdparty/BL/spyware /var/lib/squidguard/db
6.    Add this to  /etc/squid3/squid.conf , type “sudo nano /etc/squid3/squid.conf
url_rewrite_program /usr/bin/squidGuard
7.    sudo squidGuard -C all
8.    chown -R proxy:proxy /var/lib/squidguard/db
9.    Add this to my /etc/squid3/squid.conf  type, “sudo nano /etc/squid3/squid.conf
url_rewrite_program /usr/bin/squidGuard

Now, we need to edit the squidGuard.conf

I recommend to make a backup of your squidGuard.conf then making a new one..
1. sudo cp /etc/squidguard/squidGuard.conf /etc/squidGuard.conf.bak
2. sudo rm /etc/squidguard/squidGuard.conf
3.sudo nano /etc/suqidgurd/squidGuard.conf
Copy and paste this,
#
# CONFIG FILE FOR SQUIDGUARD
#
dbhome /usr/local/squidGuard/db
logdir /usr/local/squidGuard/logs
dest porn {
domainlist porn/domains
urllist porn/urls
}
dest adv {
domainlist adv/domains
urllist adv/urls
}
dest spyware {
domainlist spyware/domains
urllist spyware/urls
}
acl {
default {
pass !porn !adv !spyware all
redirect http://localhost/block.html
}
}
You can test your squidguard by doing a dry run
sudo echo "http://www.pornhub.com 10.50.55.10/- - GET" | squidGuard -c /etc/squidguard/squidGuard.conf –d

You should see, 
squidGuard ready for requests 
squidGuard stopped 
If there are errors, it will tell you.. The most likely errors you’ll run into are permission issues.. If it gives you permission issues with your database, make sure that you set the user and group named “proxy” ownership. You can tell that by “sudo ls -l /var/lib/squidguard/db*”

You can now use the Firefox browser you setup to use with your proxy server to make sure you are blocking porn and ads. For better protection, I recommend using the blacklist from,  http://urlblacklist.com/

  On 15/09/2015 at 15:06, limok said:

Yes I need this. We've got one set up and it looks like a botched up job. I'll be following this guide to set and test a proxy. 

Cheers

Thanks! 

  On 15/09/2015 at 15:36, BudMan said:

Shouldn't this be in the guide section and not in visualization

Ah, I thought it would be best in the networking section.. Maybe the mods will move it.. Thanks.  

  On 15/09/2015 at 22:07, BudMan said:

why did you put it under vitalization subsection?

It looks like it is under Home  Technical Help & Support  Internet, Network & Security  [Guide] Setup Squid and SquidGuard with Ubuntu Server 14.04.1 LTS like I intended it to me..  

This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
  • Posts

    • how big is your HDD that only has 100gb left? I take it this the main drive.  Is this a pc or laptop? I ask because changing hdd in pcs are much easier. You sure a good clean/purge of data wouldn't clear up space - have you ran disk cleanup? Which is part of windows..  You can for sure move data to your external drive, install programs to it, etc - but using it to store updates?   
    • How to record screen as GIF in Windows 11 by Taras Buria The Snipping Tool app is already quite a capable program for screenshots and screen recordings. Still, there is always room for improvement, and many users agree that the app needs the ability to save screen recordings as GIFs. Microsoft heard those users, and recent updates introduced the long-requested feature, allowing you to record your screen as a GIF. Here is how to do it. Record screen as a GIF in Windows 11 Note: By the time of publishing this article, GIF support in Snipping Tool is only available to Windows Insiders. However, you can enable that feature on stable Windows 11 releases as well; here is how: Go to store.rg-adguard.net, select ProductID in the first drop-down, paste 9MZ95KL8MR0L into the search box, and select Fast in the last drop-down. Press the checkmark button. Find and download Microsoft.ScreenSketch_2022.2505.21.0_neutral_~_8wekyb3d8bbwe.msixbundle in the list of apps. The version number could be newer, just make sure you are downloading an msixbundle file. Note that the browser will warn you about downloading a potentially harmful file. Open the file and click Update. Download ViveTool from GitHub and unpack the files in a convenient and easy-to-find folder. Run Command Prompt as Administrator and navigate to the folder containing the ViveTool files with the CD command. For example, if you have placed ViveTool in C:\Vive, type CD C:\Vive. Type vivetool /enable /id:47081492 and press Enter. The steps above might seem a bit tedious, but that is the only way to get GIF support in Snipping Tool without enrolling your device in the Windows Insider program. We will update the article once the feature is publicly available, so there is no need to jump through all the hoops just to make it work. Tip: You can always roll back Snippint Tool to the latest version from the Microsoft Store by uninstalling it and downloading it again. Now, with GIF support enabled in Snipping Tool, here is how to save a screen recording as a GIF in Windows 11: Press Win + Shift + S, select screen recording mode and record whatever you want. After the recording is over, Snipping Tool will open your video so that you can view, trim, or save it. At this point, all you have to do is click the GIF button in the upper-right corner. On the next screen, select your GIF quality and click Export to save as a file or Copy to copy it to the clipboard. And that is how you save screen recordings as GIFs in Windows 11. Note that Snipping Tool can only save GIFs for up to 30 seconds. Anything beyond that will be cut off. You might think that Clipchamp, Windows 11's built-in video editor, is a good option when you want to save a screen recording as a GIF. However, it really sucks at that. The video duration is capped at just 15 seconds, which is even worse than the Snipping Tool, and the output resolution is hilariously low. The latter makes it impossible to distinguish any details, and all you get is a blurry, pixelated mess. No, Clipchamp is not a good option for that. If you want to create GIFs that are longer than 30 seconds, a good option is to go with apps like ShareX, which is extremely flexible and customizable (and also free, which makes it one of our favorite must-have apps for Windows 11). Alternatively, you can record a video using the Snipping Tool and then convert it to a GIF using web-based services like Ezgif, another great free utility. Keep in mind that the larger your video resolution and the longer its duration, the bigger the final GIF size. Depending on the settings, GIFs could reach hundreds of megabytes, so you have to set your expectations correctly (and so do the settings, too).
    • I'll give you an example of "the settings problem." As awful as the HP Smart app is, it's magnitudes more useful than Settings when I need to do some deep dive stuff on my HP Officejet.
    • I hate to defend Apple but this marketing and they are only "desperate" to move from #3 to #1 for biggest company in the world.
    • There's very granular stuff in the legacy Control Panel that will probably never be accessible from settings. But that stuff will still be there if you know where to look.
  • Recent Achievements

    • Week One Done
      habso earned a badge
      Week One Done
    • Week One Done
      DXB APPS earned a badge
      Week One Done
    • One Month Later
      DecaffKnight94 earned a badge
      One Month Later
    • Dedicated
      S.P earned a badge
      Dedicated
    • One Month Later
      adxnksd42031 earned a badge
      One Month Later
  • Popular Contributors

    1. 1
      +primortal
      661
    2. 2
      ATLien_0
      252
    3. 3
      Michael Scrip
      234
    4. 4
      Steven P.
      151
    5. 5
      +FloatingFatMan
      148
  • Tell a friend

    Love Neowin? Tell a friend!