At present, many schools have built a campus network and connected to the Internet, but the internet is a lot of bad information, how to filter the Web site to prevent the impact of unhealthy websites on students? Following the principle of 0 cost, high efficiency, talk about how to realize the Internet filtering function under the free Linux.
Setting up a proxy server
Campus network through Linux Internet, in the network closed use squid set up proxy server.
First of all to install a good Linux, I use the easy to install the Redhat Linux 7.2. When installing Redhat Linux 7.2, squid has been installed at the same time, we need a simple configuration can be used.
RedHat Linux 7.2 Installed by default is not running Apache, it should first enable squid to ensure that Squid Proxy server can work properly. Modify the/etc/squid/squid.conf configuration file.
Http_port 3128 (defines the port that squid listens for HTTP client requests)
Cache_mem MB (squid can be used in ideal memory, generally set to 1/3 of physical memory)
Cache_swap_low 95
Cache_swap_low 90
Maximum_object_size 4096 KB (greater than this value object will not be stored)
Cache_dir Ufs/var/spool/squid/cache 200 16 256 (Specify the amount of swap space that Squid uses to store objects and their directory structure)
ACL all src 192.168.1.1/24 (define all as 192.168.1.1 network segment)
HTTP_ACCEAA Allow all (192.168.1.1 network segment clients can use Squid Agent to surf the internet)
Cache_effective_user Squid (Users and user groups used)
Cache_effective_group Squid (the rest of the parameters with the default value)
[Root@squid bin]# chmod 777/var/spool/squid/cache (make/var/spool/squid/cache directory as Noboay user with write permission)
Test on the client, taking windows as an example. Run IE, click Tools, click Internet Options, click the Connections tab, click LAN Settings, and in the LAN Settings window, insert the IP address of the squid server at address: 192.168.1.16, fill in "Port" at "3128 ", OK after exiting. At this point, the client should be able to browse the Internet to indicate that squid is working properly.
The configuration of the filtering function
The next step is to configure the Web site filtering function. There are two ways to configure it.
Method One
Please ftp://k12linux.mesd.k12.or.us/pub/squidguard/download the rpm version of squidguard-1.2.0-3.i386.rpm.
#rpm-IVH squidguard-1.2.0-3.i386.rpm
(Post-installation data directory dbhome:/var/squidguard/blacklists; log directory LogDir:/var/log/squidguard)
Modify the related configuration lines in the/etc/squid/squid.conf file as prompted:
redirect_program/usr/sbin/squidgua-
Rd-c/etc/squid/squidguard.conf
Redirect_child 5
Restart squid, view/var/log/squidguard/squidguard.log, see last line: 2002-06-23 16:13:18[2237] Squidguard ready for Requests indicates that the Squidguard is functioning properly.
Method Two
Please go to squidguard.mesd.k12.or.us/squidguard.tar.gz to download the tar version of SquidGuard.tar.gz and store it in the root directory.
#cd/(Go to root directory)
#tar VZXF squidguard.tar.gz
(/usr/local/squidguard files to the data directory dbhome:/usr/local/squidguard/db log directory logdir:/usr/local/squidguard/log)
To modify the/etc/squid/squidguard.conf configuration file:
Restart Squid to view/usr/local/squid Guard/log/squidguard.log to ensure that Squidguard is running properly.
Try to browse some Web site, if you can be redirected to the specified page, then the filtering function has been in effect.
You can add or subtract data when using the tar version of Squidguard. Enter into the data directory:/usr/local/squidguard/db under the porn folder, a new Domains.diff file, the content format is (plus "+" means increase, minus "-" means removal):
+newsite1 (add newsite1 to filter list, no access)
+newsite2 (add Newsite2 to filter list, no access)
-site3 (remove Site3 from filter list and can be accessed normally)
-site4 (remove Site4 from filter list and can be accessed normally)
Then execute: #/usr/local/bin/squidguard-c/etc/squid/squidguard.conf-u
View SquidGuard.log files, if available:
DB Update Done
Squidguard stopped (102233.823)
Indicates that the data update is successful! Then restart squid.
The advantages of this method
The advantages of this method is convenient configuration, low hardware requirements, generally retired 486, 586 fully competent, proxy server can work long hours. And all the software is free, filter list update fast, just to www.squidGuard.org download the latest version of the filter list database replacement can be replaced by the old, but also manually add or subtract filter list.
Squid can also set the Internet time period, can regularly check the log, in time to find students on the internet in bad tendencies. (Source: Sadie Net-China computer education newspaper)
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.
