2

I'm having some problems configuring my local proxy server so that it would restrict access to certain websites.

The proxy server I'm using is Squid; I edited its configuration file found in /etc/squid/squid.conf to include the following:

acl wikipedia dstdomain .wikipedia.org
http_access deny wikipedia

I tried to redirect elinks to use Squid. According to Squid's config file, it listens to port 3128, so in /etc/elinks/elinks.conf I added the following:

set protocol.http.proxy.host = "localhost:3128"

I also restarted Squid with sudo /etc/init.d/squid restart, but I can still access the banned websites using Elinks. What did I do wrong?

Paul
  • 1,155
  • 2
  • 10
  • 15
  • Just for clarification, is that your entire configuration ? I can not tell what site you are trying to block and what url you entered into elinks. FWIW, IMO squid works well on a large LAN with several clients, but you need to maintain a blacklist. You can automate the process with SquidGuard. If you have a single client, try an alternate proxy such as privoxy or if you want a graphical option see http://askubuntu.com/questions/87568/how-to-block-deny-or-redirect-an-ip-address-or-website-domain/87606#87606 . You should also look at "transparent proxies" – Panther Dec 17 '11 at 00:42
  • @bodhi.zazen I edited my examples. Yes, that is all the configuration I did. All I want is to block access to a site and its domains (in this case, Wikipedia). – Paul Dec 17 '11 at 00:48

1 Answers1

2

I think your syntax is a bit off. Try

acl blacklist dstdomain .wikipedia.org
http_access deny blacklist

Other options are outlined here: http://wiki.squid-cache.org/SquidFaq/SquidAcl#How_do_I_implement_an_ACL_ban_list.3F

If you just want to block a single site, you can use /etc/hosts

0.0.0.0  wikipedia.org

Or iptables

sudo iptables -A OUTPUT -d wikipedia.org -j REJECT --reject-with icmp-host-prohibited
Panther
  • 100,877
  • 19
  • 193
  • 283