Windows system >> Linux system Tutorial >> Linux Tutorial

Easily implement Internet filtering under Linux

  
                              



At present, many schools have built campus networks and connected to the Internet, but there are so many bad information on the Internet. How to filter websites to prevent unhealthy websites from affecting students? The following is based on the principle of zero cost and high efficiency, and talk about how to implement the Internet filtering function under free Linux.

Setting up a proxy server


The campus network accesses the Internet through Linux, and uses Squid to set up a proxy server on the gateway.

First of all, you need to install Linux. I use RedHat Linux 7.2 which is easy to install and use. When installing RedHat Linux 7.2, Squid has been installed at the same time, we can use it with a simple configuration.

After RedHat Linux 7.2 is installed, Apache is not running by default. Therefore, Squid should be enabled first to ensure that the Squid proxy server works properly. Modify the /etc/squid/squid.conf configuration file.

http_port 3128 (Define the port that Squid listens for HTTP client requests)

cache_mem 10 MB (The ideal memory value that Squid can use, usually 1/3 of physical memory)

cache_swap_low 95

cache_swap_low 90

maximum_object_size 4096 KB (objects larger than this value will not be stored)

cache_dir ufs /var/spool/squid/cache 200 16 256 (Specify the size of the swap space used by Squid to store objects and its directory structure)

acl all src 192.168.1.1/24 (Define All is 192.168.1.1)

http_acceaa allow all (The client on the network segment of 192.168.1.1 can use the Squid proxy to access the Internet)

cache_effective_user squid (user and user group used)

cache_effective_group squid (the rest of the parameters can be used by default)

[root@squid bin]# chmod 777 /var/spool/squid/cache (make the /var/spool/squid/cache directory a Noboay user with write access)

[root@squid Bin]# squid -z (manually create Squid's cache directory /var/spool/squid/cache)

[root@sq Uid bin]# /etc/rc.d/init.d/squid start (start Squid, stop Squid with /etc/rc.d/init.d/squid stop)

Test on the client, Take Windows as an example. Run IE, click "Tools", then click "Internet Options", then click "Connection" tab, click "LAN Settings"; in the "LAN Settings" window, fill in the "Address" at the Squid server IP address: 192.168.1.16, fill in "3128" at the "port", and then exit after confirming. At this point, the client should be able to browse the Internet, indicating that Squid is running normally.

Configuration of Filtering Function

The next step is to configure the website filtering function. There are two ways to configure it.

Method 1

Please download the RPM version of SquidGuard-1.2.0-3.i386.rpm from ftp://k12linux.mesd.k12.or.us/pub/squidguard/.

#rpm -ivh squidguard-1.2.0-3.i386.rpm

(Data directory Dbhome:/var/squidguard/blacklists after installation; Logdir: /var/log/Squidguard)

Modify the relevant configuration line in the /etc/squid/squid.conf file as prompted:

redirect_program /usr/sbin/squidgua-

rd -c /Etc/squid/squidguard.conf

redirect_child 5

Restart Squid, look at /var/log/squidguard/squidguard.log, see the last line: 2002-06-23 16:13:18 [2237] Squidguard ready for requests indicates that Squidguard is up and running.

Method 2

Please download the TAR version of SquidGuard.tar.gz from squidguard.mesd.k12.or.us/squidguard.tar.gz and save it in the root directory.

#cd /(Enter the root directory)

#tar vzxf squidguard.tar.gz

(Unzip the file to /usr/local/squidguard, the data directory Dbhome :/usr/local/squidguard/db;Log directory Logdir:/usr/local/squidguard/log)

Modify the /etc/squid/squidguard.conf configuration file:

redirect_program: /Usr/local/bin/squidguard -c /etc/squid/squidguard.conf

Restart Squid and check /usr/local/squid guard/log/squidguard.log to make sure SquidGuard is up and running.

Try browsing some websites that want to be filtered. If you can be redirected to the specified page, the filtering function is working.

Increase or decrease data when using the TAR version of SquidGuard. Go to the data directory: /usr/local/squidguard/db in the Porn folder, create a new Domains.diff file, the content format is (plus sign "+" means increase, minus "-" means remove):

+newsite1 (add newsite1 to the filter list, can't access)

+newsite2(Add newsite2 to the filter list, can't access)

-site3(Remove site3 from the filter list, you can Normal access)

-site4 (remove site4 from the filter list, it can be accessed normally)

Then execute: #/usr/local/bin/squidguard -c /etc/squid/squidguard. Conf -u

View the SquidGuard.log file, if any:

db update done

squidguard stopped(102233.823)

Indicates that the data update was successful! Then restart Squid.

Advantages of this method

The advantage of this method is that it is easy to configure and has low hardware requirements. Generally, 486 and 586 are fully qualified, and the proxy server can work for a long time. And all the software is free, the filter list is updated quickly, just go to www.squidGuard.org to download the latest version of the filter list database to replace the old one, you can also manually increase or decrease the filter list.

Squid can also set the time period for online access; you can check the logs regularly to find out the bad tendencies of students online.


Linux Tutorial
Windows system
Linux remote graphical common error handling

When dealing with Oracle problems in the actual production environment, sometimes you need a remote

Linux partition considerations

1. /The root partition is a mandatory partition, partitioned according to your actual situation. 2.
Open vpn installation diagram detailed tutorial

OpvnVPN Chinese full name: virtual private network. It is a private private network technology that

CenterOS 64-bit modified mysql5.5.25 default encoding

view mysql default encoding format show variables like “character%”; If the reality-bash
Linux command--view file contents

cat: display file content from the first line; nl: output line number when displayed; more: one
Linux data recovery practical tutorial

 A few days ago, I met a friend on QQ and asked for help. I said that the VPS I bought could not sta
  • Linux system FAQ
  • Linux Tutorial
  • About Linux

    • Win10 system can not play Assassin's Creed How to solve?

    Imm32.dll is an invalid Windows image solution

    Can I roam my chat history while chatting?

    Computer Knowledge Windows Shortcuts Introduction

    Win8 will support setting up cloud synchronization and "hybrid boot" technology

    What should I do if I encounter Socket ERROR when uploading ftp?

    What should I do if the Win10 computer is slow? How to improve the network speed

    Ten windows xp tips make operation more convenient

    Your computer's CPU is not compatible with Win8 solution

    How to use 360 ​​blue screen repair

  • Windows XP System Tutorial
  • Windows 7 System Tutorial
  • Windows 8 System Tutorial
  • Windows 10 System Tutorial
  • Windows 2003 System Tutorial
  • Windows 2008 System Tutorial
  • Windows Vista System Tutorial
  • Windows tutorial synthesis
  • Windows Server System Tutorial
  • Linux system Tutorial
  • Computer software Tutorial
  • Windows NT Tutorial
    • Copyright © Windows knowledge All Rights Reserved