Windows system >> Linux system Tutorial >> Linux Tutorial

Network Tutorial: Implementing Internet Filtering under Linux System

  

At present, many schools have built campus networks and connected to the Internet, but there are so many bad information on the Internet, how to filter websites and prevent unhealthy websites from being used by students. What about the impact? The following is based on the principle of zero cost and high efficiency, and talk about how to implement the Internet filtering function under free Linux.

Setting up a proxy server

The campus network accesses the Internet through Linux, and uses Squid to set up a proxy server on the gateway.

First of all, you need to install Linux. I use RedHat Linux 7.2 which is easy to install and use. When installing RedHat Linux 7.2, Squid has been installed at the same time, we can use it with a simple configuration.

After RedHat Linux 7.2 is installed, Apache is not running by default. Therefore, Squid should be enabled first to ensure that the Squid proxy server works properly. Modify the /etc/squid/squid.conf configuration file.

http_port 3128 (Define the port that Squid listens for HTTP client requests)

cache_mem 10 MB (The ideal memory value that Squid can use, usually 1/3 of physical memory)

cache_swap_low 95

cache_swap_low 90

maximum_object_size 4096 KB (objects larger than this value will not be stored)

cache_dir ufs /var/spool/squid/cache 200 16 256 (Specify the size of the swap space used by Squid to store objects and its directory structure)

acl all src 192.168.1.1/24 (Define All is 192.168.1.1)

http_acceaa allow all (Clients on the 192.168.1.1 network segment can use the Squid proxy to access the Internet)

cache_effective_user squid (users and user groups used)

cache_effective_group squid (the rest of the parameters can be used by default)

[root@squid bin]# chmod 777 /var/spool/squid/cache (make the /var/spool/squid/cache directory a Noboay user with write access)

[root@squid Bin]# squid -z (manually create Squid's cache Record /var/spool/squid/cache)

[root@squid bin]# /etc/rc.d/init.d/squid start (Start Squid, stop Squid with /etc/rc.d/Init.d/squid stop)

Test on the client, using Windows as an example. Run IE, click "Tools", then click "Internet Options", then click "Connection" tab, click "LAN Settings"; in the "LAN Settings" window, fill in the "Address" at the Squid server IP address: 192.168.1.16, fill in "3128" at the "port", and then exit after confirming. At this point, the client should be able to browse the Internet, indicating that Squid is running normally.

Configuration of Filtering Function

The next step is to configure the website filtering function. There are two ways to configure it.

Method 1

Please download the RPM version of SquidGuard-1.2.0-3.i386.rpm from ftp://k12linux.mesd.k12.or.us/pub/squidguard/.

#rpm -ivh squidguard-1.2.0-3.i386.rpm

(Data directory Dbhome:/var/squidguard/blacklists after installation; Logdir: /var/log/Squidguard)

Modify the relevant configuration line in the /etc/squid/squid.conf file as prompted:

redirect_program /usr/sbin/squidgua-

rd -c /Etc/squid/squidguard.conf

redirect_child 5

Restart Squid, look at /var/log/squidguard/squidguard.log, see the last line: 2002-06-23 16:13:18 [2237] Squidguard ready for requests indicates that Squidguard is up and running.

Method 2

Please download the TAR version of SquidGuard.tar.gz from http://squidguard.mesd.k12.or.us/squidguard.tar.gz and save it in the root directory. .

#cd /(Enter the root directory)

#tar vzxf squidguard.tar.gz

(Unzip the file to /usr/local/squidguard, the data directory Dbhome :/usr/local/squidguard/db;Log directory Logdir:/usr/local/squidguard/log)

Modify the /etc/squid/squidguard.conf configuration file:

redirect_program: /Usr/local/bin/squidguard -c /etc/squid/squidguard.conf

Restart Squid and check /usr/local/squid guard/log/squidguard.log to make sure SquidGuard is up and running.

Try browsing some websites that want to be filtered. If you can be redirected to the specified page, the filtering function is working.

Increase or decrease data when using the TAR version of SquidGuard. Go to the data directory: /usr/local/squidguard/db in the Porn folder, create a new Domains.diff file, the content format is (plus sign "+" means increase, minus sign "-" means remove):

+newsite1 (add newsite1 to the filter list, can't access)

+newsite2 (add newsite2 to the filter list, can't access)

-site3(Remove site3 from the filter list, you can Normal access)

-site4 (remove site4 from the filter list, can be accessed normally)

Then execute: #/usr/local/bin/squidguard -c /etc/squid/squidguard. Conf -u

View the SquidGuard.log file, if:

db update done

squidguard stopped(102233.823)

Indicates that the data update was successful! Then restart Squid.

Advantages of this method

The advantage of this method is that it is easy to configure and has low hardware requirements. Generally, 486 and 586 are fully qualified, and the proxy server can work for a long time. And all the software is free, the filter list is updated quickly, just download the latest version of the filter list database to replace the old one, or you can manually increase or decrease the filter list.

Squid can also set the time period for online access; you can check the logs regularly to find out the bad tendencies of students online.

Linux Tutorial
Windows system
Linux Nginx Soft Load Implementation Tutorial

Slightly larger sites are inevitably load balanced, but hardware load balancing is expensive. There

Do you use the Linux command line?

Think about it, what if you want to change the size of an image to a smaller size? Of course, I will
Linux system installation Vmware graphic tutorial

                   Installing VMware in Linux System Due to the project needs, you need to virtuali
Detailed STMFD and LDMFD instructions and personal understanding analysis

LDM/STM instructions are mainly used for field protection, data copying, parameter transfer, etc. ST
Ubuntu Linux system support for tablets released

According to the US technology blog TNW, the well-known Linux vendor Canonical today released and de
Linux, Mac and Windows platform installation Git diagram detailed tutorial

Git as the worlds most advanced distributed version control system (no one), presumably many people

  • Linux system FAQ
  • Linux Tutorial
  • About Linux

    • How to do the pirates unparalleled 3win1064 bit system XboxOne handle key error

    Win7 system removes USB pop-up windows can't be disabled How to do Win7 can't safely remove USB device solution

    Win8.1 system how to install Win7 driver in compatibility mode

    How to delete the program folder of Win10 start menu directly

    The eight steps of Microsoft Windows 7 upgrade

    Add Smart ABC Input Method in Windows 7

    Win7 Academy: Clean up resource manager search records, protect privacy

    How to close the address book friend

    Server time is running fast or not allowed (Linux)

    Windows 93 operating system appeared! Always feel weird (with experience address)

  • Windows XP System Tutorial
  • Windows 7 System Tutorial
  • Windows 8 System Tutorial
  • Windows 10 System Tutorial
  • Windows 2003 System Tutorial
  • Windows 2008 System Tutorial
  • Windows Vista System Tutorial
  • Windows tutorial synthesis
  • Windows Server System Tutorial
  • Linux system Tutorial
  • Computer software Tutorial
  • Windows NT Tutorial
    • Copyright © Windows knowledge All Rights Reserved