Sometime, it’s hard to be a sysadmin, because sometime we have to do evil thing. A good example is, blocking sites, that, have legal use, but some one high above, want it so.
In squid, the is a squid.conf, which should be resided, in your configuration directory. In my example, my network server running fc 7, using squid from repository, so the configuration is in, /etc/squid
In the squid.conf, comes 2 directive, the acl, and http_access. Just below the acl to your own network,
which should be
acl something src “a list of ip”
From this line, there is 2 way to blog a site
Add the following:
acl evilsite dstdomain somesite
acl deny evilsite
This is not a bad idea, except, for all the site, you want to block, you will have to add one by one.
Make a messy configuration file, more messy.
another way is to create a file with a list of bad ip.
first as root create a text file, which I just put it in the same directory as squid.conf. And fill it with the ip you want to block, separated with a newline.
Which in my example, in my squid configuration directory
This will create a empty text file
echo “http://evilsite” >>restricted-site.squid
This will add the a line in restricted-site.squid
do it again, by change http://evilsite. with another site.
then create a new acl in your squid.conf
acl badlist dstdomain “yourlistfile
http_access deny badlist
Now this way, you can just add a site, to the restricted file, with messing with the already messy, squid.conf
p.s This is tested on a server I manage, which runs fedora. Not my laptop which runs ubuntu