Volonté de faire du filtrage web avec Squid par le biais de SquidGuard

apt-get install squidguard

Ensuite modifier le fichier /etc/squidguard/squidGuard.conf

On peut au préalable sauvegarder le fichier présent :
cp /etc/squidguard/squidGuard.conf /etc/squidguard/squidGuard.back
Editer le fichier squidGuard.conf

#
# CONFIG FILE FOR SQUIDGUARD
#
# Base directory of the list databases; the relative list paths in the
# dest blocks below are looked up under it.
dbhome /var/lib/squidguard/db
# Directory where squidGuard writes its log files.
logdir /var/log/squid3
# Filtering rules: one "dest" group per blacklist category.
dest adult {
domainlist adult/domains
urllist adult/urls
expressionlist adult/very_restrictive_expression
}
dest publicite {
domainlist publicite/domains
urllist publicite/urls
}
dest porn {
domainlist porn/domains
urllist porn/urls
}
# Rewrite group for search engines: the rules are meant to add each engine's
# safe-search query parameter to matching search URLs.
# NOTE(review): the original comment described this as forcing https to http;
# nothing in these rules changes the URL scheme.
# NOTE(review): the patterns look as if backslash escapes were lost when the
# page was published ("." and "?" are unescaped, and the replacement has no
# back-reference to the captured group) - compare with a known-good copy
# before relying on them.
# NOTE(review): this group is not referenced by the acl block below, so as
# shown it is never applied; presumably a "rewrite safesearch" line is
# missing from the default acl - confirm.
# NOTE(review): without TLS interception squidGuard only sees HTTPS requests
# as CONNECT host:port, so URL rewriting cannot act on HTTPS searches.
rew safesearch {
s@(google..*/search?.*q=.*)@ &safe=active@i
s@(google..*/images.*q=.*)@ &safe=active@i
s@(google..*/groups.*q=.*)@ &safe=active@i
s@(google..*/news.*q=.*)@ &safe=active@i
s@(yandex..*/yandsearch?.*text=.*)@ &fyandex=1@i
s@(search.yahoo..*/search.*p=.*)@ &vm=r&v=1@i
s@(search.live..*/.*q=.*)@ &adlt=strict@i
s@(search.msn..*/.*q=.*)@ &adlt=strict@i
s@(.bing..*/.*q=.*)@ &adlt=strict@i
# Log file for this rewrite group.
log block.log
}
# Access rule. Example denials: !porn !adult !publicite !violence !agressif !aggressive
# NOTE(review): only porn, adult and publicite have a dest block in this file;
# any other category would need its own dest definition before being used in
# the pass line.
acl {
default {
# Allow everything except the three categories defined above.
pass !porn !adult !publicite all
# NOTE(review): blocked users get no notice, they silently land on Google
# over plain HTTP; a dedicated block page would make denials visible to
# users and easier to troubleshoot - confirm intent.
redirect http://google.fr ## everything that is blocked is redirected to Google
}
}

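Télécharger la blacklist (attention : le téléchargement se fait en HTTP simple, sans vérification d'intégrité, alors que le contenu de l'archive décide de ce qui sera filtré ; préférer HTTPS si le serveur le propose)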
wget http://dsi.ut-capitole.fr/blacklists/download/blacklists.tar.gz

Décompresser la liste et la copier dans le bon dossier
tar -xzf blacklists.tar.gz
cp -R blacklists/* /var/lib/squidguard/db/
Création d’un lien symbolique pour que le fichier de configuration de squidGuard soit dans le dossier /etc/squid3
ln -s /etc/squidguard/squidGuard.conf /etc/squid3/
Génération de la base de données
squidGuard -C all
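Application des droits (les bases viennent d'être générées en root ; elles doivent appartenir à l'utilisateur proxy pour que squidGuard, lancé par Squid, puisse les lire)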
chown -R proxy:proxy /var/log/squid3 /var/lib/squidguard
Ajout de la commande dans le fichier /etc/squid3/squid.conf
url_rewrite_program /usr/bin/squidGuard -c /etc/squid3/squidGuard.conf

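Fichier squid.conf (lignes actives uniquement). À noter : aucune interception TLS n'y est configurée, donc pour le HTTPS squidGuard ne reçoit que la requête CONNECT (hôte:port) ; seules les listes de domaines peuvent alors s'appliquer, pas les listes d'URL, les expressions ni la réécriture safesearch :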
egrep -n -v '^(#|$)' /etc/squid3/squid.conf

1041:acl localnet src 192.168.137.0/24
1045:acl SSL_ports port 443
1046:acl Safe_ports port 80 # http
1047:acl Safe_ports port 21 # ftp
1048:acl Safe_ports port 443 # https
1049:acl Safe_ports port 70 # gopher
1050:acl Safe_ports port 210 # wais
1051:acl Safe_ports port 1025-65535 # unregistered ports
1052:acl Safe_ports port 280 # http-mgmt
1053:acl Safe_ports port 488 # gss-http
1054:acl Safe_ports port 591 # filemaker
1055:acl Safe_ports port 777 # multiling http
1056:acl CONNECT method CONNECT
1189:http_access deny !Safe_ports
1192:http_access deny CONNECT !SSL_ports
1195:http_access allow localhost manager
1196:http_access deny manager
1210:http_access allow localnet
1211:http_access allow localhost
1214:http_access deny all
1614:http_port 3128
2892:forward_max_tries 25
3235:cache_dir ufs /var/spool/squid3 100 16 256
3972:coredump_dir /var/spool/squid3
4169:url_rewrite_program /usr/bin/squidGuard -c /etc/squid3/squidGuard.conf
4493:refresh_pattern ^ftp: 1440 20% 10080
4494:refresh_pattern ^gopher: 1440 0% 1440
4495:refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
4496:refresh_pattern . 0 20% 4320

Redémarrage de squid3
service squid3 restart

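Dans une nouvelle session, on peut suivre les logs de squidGuard afin de vérifier le bon fonctionnement ; un message « emergency mode » indiquerait que squidGuard n'a pas pu charger sa configuration ou ses bases et qu'il laisse alors passer toutes les requêtes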
root@vps317218:~# tail -f /var/log/squidguard/squidGuard.log

2016-09-18 12:12:33 [16308] INFO: loading dbfile /var/lib/squidguard/db/adult/urls.db
2016-09-18 12:12:33 [16308] init expressionlist /var/lib/squidguard/db/adult/very_restrictive_expression
2016-09-18 12:12:33 [16308] init domainlist /var/lib/squidguard/db/publicite/domains
2016-09-18 12:12:33 [16308] INFO: loading dbfile /var/lib/squidguard/db/publicite/domains.db
2016-09-18 12:12:33 [16308] init urllist /var/lib/squidguard/db/publicite/urls
2016-09-18 12:12:33 [16308] INFO: loading dbfile /var/lib/squidguard/db/publicite/urls.db
2016-09-18 12:12:33 [16308] init domainlist /var/lib/squidguard/db/porn/domains
2016-09-18 12:12:33 [16308] INFO: loading dbfile /var/lib/squidguard/db/porn/domains.db
2016-09-18 12:12:33 [16308] init urllist /var/lib/squidguard/db/porn/urls
2016-09-18 12:12:33 [16308] INFO: loading dbfile /var/lib/squidguard/db/porn/urls.db
2016-09-18 12:13:32 [16337] INFO: New setting: dbhome: /var/lib/squidguard/db
2016-09-18 12:13:32 [16337] INFO: New setting: logdir: /var/log/squid3
2016-09-18 12:13:32 [16337] init domainlist /var/lib/squidguard/db/adult/domains
2016-09-18 12:13:32 [16337] INFO: loading dbfile /var/lib/squidguard/db/adult/domains.db
2016-09-18 12:13:32 [16337] init urllist /var/lib/squidguard/db/adult/urls
2016-09-18 12:13:32 [16337] INFO: loading dbfile /var/lib/squidguard/db/adult/urls.db
2016-09-18 12:13:32 [16337] init expressionlist /var/lib/squidguard/db/adult/very_restrictive_expression
2016-09-18 12:13:32 [16337] init domainlist /var/lib/squidguard/db/publicite/domains
2016-09-18 12:13:32 [16337] INFO: loading dbfile /var/lib/squidguard/db/publicite/domains.db
2016-09-18 12:13:32 [16337] init urllist /var/lib/squidguard/db/publicite/urls
2016-09-18 12:13:32 [16337] INFO: loading dbfile /var/lib/squidguard/db/publicite/urls.db
2016-09-18 12:13:32 [16337] init domainlist /var/lib/squidguard/db/porn/domains
2016-09-18 12:13:32 [16337] INFO: loading dbfile /var/lib/squidguard/db/porn/domains.db
2016-09-18 12:13:32 [16337] init urllist /var/lib/squidguard/db/porn/urls
2016-09-18 12:13:32 [16337] INFO: loading dbfile /var/lib/squidguard/db/porn/urls.db
franck