John, here it is still in draft but it's the basis to gettting started...
AT YOUR OWN RISK
Download latest RHEL rpm’s from DAG…
DAG – SquidGuard Home page…
http://dag.wieers.com/home-made/squidguard/Download - squidguard-1.2.0-2.2.el4.rf.i386.rpm
http://dag.wieers.com/packages/squidguard/squidguard-1.2.0-2.2.el4.rf.i386.rpmDownload – squidguard-blacklists-20050528-1.2.el4.rf.noarch.rpm
http://dag.wieers.com/packages/squidguard-blacklists/squidguard-blacklists-20050528-1.2.el4.rf.noarch.rpmThe SquidGuard-blacklists maybe out of date but it’s a good base to start from. This site currently has some blacklists updates which you can apply…
http://cri.univ-tlse1.fr/documentations/cache/squidguard_en.htmlNow for the installation…
[root@example home]# rpm -Uvh squidguard-1.2.0-2.2.el4.rf.i386.rpm
Preparing... ########################################### [100%]
1:squidguard ########################################### [100%]
[root@example home]#
Install the SquidGuard-blacklists…
[root@example home]# rpm -Uvh squidguard-blacklists-20050528-1.2.el4.rf.noarch.rpm
Preparing... ########################################### [100%]
1:squidguard-blacklists ########################################### [100%]
[root@example home]#
We are now going to create our /etc/squid/squidGuard.conf – Follow these steps…
mkdir -p /etc/e-smith/templates-custom/etc/squid/squidguard.conf
Inside that directory I files to put the relevant code…
10dbhome
#
# Config file for squidguard
#
dbhome /var/lib/squidguard
10logdir
logdir /var/log/squidguard
13destsetup
#
# Destination setup i.e where our blacklists are.
#
15dest-adult
dest adult \{
domainlist adult/domains
urllist adult/urls
expressionlist adult/expressions
\}
**Note**
Above we have 15dest-adult but as you've installed the DAG blacklist rpm you can enable more databases just create another template called 15dest-warez and use the code
dest warez \{
domainlist warez/domains
urllist warez/urls
expressionlist warez/expressions
\}
You can see what other databases you have by looking in /var/lib/squidguard/
20aclsetup
#
# ACL setup control ie you can control time and dest db's
#
25acldefault
acl \{
default \{
pass !adult !warez
redirect http://192.168.1.20/cgi-bin/squidGuard.cgi?clientaddr=%a&clientname=%n&clientident=%i&srcclass=%s&targetclass=%t&url=%u
\}
\}
As we might have entered the warez database you would need to add in the line to template 25acldefault "!warez"
Once your happy with the templates run…
expand-template /etc/squid/squidguard.conf
Next create a template squid.conf and a file called 45SquidGuard
mkdir -p /etc/e-smith/templates-custom/etc/squid/squid.conf
and enter…
redirect_program /usr/bin/SquidGuard –c /etc/squid/squidguard.conf
redirect_children 5
expand-template /etc/squid/squid.conf
Now restart squid…
[root@example squidguard.conf]# svc -t /service/squid
[root@example squidguard.conf]# service squid restart
Restarting squid [ OK ]
[root@example squidguard.conf]#
Check the /var/log/squidguard/squidguard.log for any errors and that it starts up ok.
To check from server that squidguard is filtering type on command line…
echo "http://www.google.co.uk 10.0.0.1/- - GET" | /usr/bin/squidGuard -c /etc/squid/squidguard.conf –d
That will pass, now do the same with a blocked site for example
www.playboy.com and that should show your redirected blocked url
If you need to create your own custom databases you can, search google as it has a wealth of info.