How to filter HTTP traffic using SquidGuard in Ubuntu

Most offices provide internet access so that managers and employees can read and compose e-mails to customers. Everything has a downside, though: many employees will also try to access other things that consume far more traffic, e.g., music videos, video streaming, songs and many more. As a result, e-mail applications may slow down. Most of these offices also run a proxy to save valuable bandwidth, and a popular one is Squid, so SquidGuard can help control internet usage for unimportant purposes.

Installing SquidGuard on Ubuntu is very easy and takes just one simple command.

    sudo apt-get install squidguard

After that, you have to configure Squid and SquidGuard itself so they know how to deal with specific hosts and URLs.

  1. Add the line below to /etc/squid/squid.conf.

    redirect_program /usr/bin/squidGuard -c /etc/squid/squidGuard.conf
  2. Configure what you need in /etc/squid/squidGuard.conf. Below is mine.

    dbhome /var/lib/squidguard/db
    logdir /var/log/squid
     
    time workhours {
        weekly mtwhfa 08:00-12:00
        weekly mtwhfa 13:00-16:30
    }
     
    src admin {
    }
     
    dest streaming {
        domainlist      streaming/domains
        urllist         streaming/urls
        log             streaming.log
        within          workhours
    }
     
    dest antivirus {
        domainlist      antivirus/domains
        urllist         antivirus/urls
        log             antivirus.log
    }
     
    dest download {
        domainlist      download/domains
        urllist         download/urls
        log             download.log
    }
     
     
    acl {
        admin {
                pass     any
        }
     
        default {
                pass            !streaming !antivirus !download any
                redirect        http://www.google.com/
        }
    }
  3. Create a directory under /var/lib/squidguard/db for each dest rule.

    sudo mkdir /var/lib/squidguard/db/streaming
    sudo mkdir /var/lib/squidguard/db/antivirus
    sudo mkdir /var/lib/squidguard/db/download
  4. Then create the list files that the squidGuard.conf above refers to. For example, see my files below.

    /var/lib/squidguard/db/antivirus/domains

    liveupdate.symantecliveupdate.com
    liveupdate.symantec.com
    guru.grisoft.com
    downloadfree.grisoft.com
    consumerdownloads.ca.com

    /var/lib/squidguard/db/download/domains

    sqm.msn.com
    msgr.dlservice.microsoft.com
    d1.766.com
    us.bitcomet.com
    reports.hotbar.com
    download.windowsupdate.com
    download.microsoft.com

    /var/lib/squidguard/db/streaming/domains

    streamcaster.siamportals.com
    contents.ikeyclub.com
    radio.sanook.com
    www.youdumv.com
  5. Don't forget to change the owner of these files.

    sudo chown -R proxy:proxy /var/lib/squidguard/db
  6. Now you are ready to rebuild the database.

    sudo squidGuard -C all
  7. We are ready to restart Squid.

    sudo /etc/init.d/squid restart
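
A preflight check for steps 3 to 6, added here as an example and not part of the original post: it reads squidGuard.conf, reports every domainlist/urllist file that is missing under dbhome, and flags lists that have no compiled .db or are newer than it. The function name `check_lists` is hypothetical; it assumes list paths are relative to dbhome, as in the config above, and that `squidGuard -C` writes `<list>.db` beside each list.

```shell
#!/bin/sh
# Added example (not from the original post): preflight check for the list
# files that a squidGuard.conf references.
# Assumptions: list paths are relative to dbhome, and "squidGuard -C" writes
# its compiled database as <list>.db next to each text list.

# Prints one line per problem. Returns 0 if every list is present and
# compiled, 1 if any list is missing or needs a rebuild, 2 if no dbhome is set.
check_lists() {
    cl_conf=$1
    cl_home=$(awk '$1 == "dbhome" { print $2; exit }' "$cl_conf")
    if [ -z "$cl_home" ]; then
        echo "no dbhome in $cl_conf" >&2
        return 2
    fi
    cl_status=0
    # Every "domainlist X" / "urllist X" line names a file under dbhome.
    for cl_rel in $(awk '$1 == "domainlist" || $1 == "urllist" { print $2 }' "$cl_conf"); do
        cl_file=$cl_home/$cl_rel
        if [ ! -f "$cl_file" ]; then
            echo "missing: $cl_file"
            cl_status=1
        elif [ ! -f "$cl_file.db" ] || [ "$cl_file" -nt "$cl_file.db" ]; then
            # The text list changed after the last "squidGuard -C" (or was never compiled).
            echo "rebuild: $cl_file"
            cl_status=1
        fi
    done
    return $cl_status
}

# Run against a real config when a path is given on the command line.
if [ $# -gt 0 ]; then
    check_lists "$1"
fi
```

Run it as `sh check_lists.sh /etc/squid/squidGuard.conf` before restarting Squid; with the config above it expects a `urls` file as well as a `domains` file in each of the three directories.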
