Squid proxy How to filter or block a particular port

by nixCraft on April 9, 2007 · 13 comments· last updated at April 15, 2007

Q. I am using Debian stable Linux version and squid proxy server for our small software company. I need to block a port number 1234. How to filter a particular port?

A. You can easily filter any port with squid ACL (Access Control List).

ACL is used for defining an access List. When using "file" the file should contain one item per line By default, regular expressions are CASE-SENSITIVE. To make them case-insensitive, use the -i option.

Procedure to block a port

First open /etc/squid/squid.conf file
# vi /etc/squid/squid.conf
Locate your ACL section and add configuration directive as follows:
acl block_port port 1234 http_access deny block_port http_access allow all

If you just want to skip a particular IP (192.168.1.5) try as follows:
acl block_port port 1234 acl no_block_port_ip src 192.168.1.5 http_access deny block_port !no_block_port_ip http_access allow all

Close and save the file.

Restart squid proxy server:
# /etc/init.d/squid restart

You should follow me on twitter here or grab rss feed to keep track of new changes.

Featured Articles:

{ 13 comments… read them below or add one }

1 Anees May 28, 2007 at 6:57 am

i want to block to some site not ports how i block tham plz help me.Thanks

2 nixcraft May 28, 2007 at 2:48 pm

Anees,

See this Squid deny users accessing a website FAQ

3 Partha Bhattacharya August 5, 2007 at 9:21 am

Opened ACL.But could not understand where to write the configuration changes as u have stated.Plz help its urgent.

4 Yagnes February 19, 2008 at 6:53 am

Hi,

I tried your given the instruction port blocking for yahoo messanger, gtalk but its not working that rule..

acl porttest port 5050 5222 5223
acl block_port port 5050 5222 5223
acl test src 172.27.162.43
http_access deny block_port test
http_access allow all

Please help me how to port level blocking partiucalar src ip’s

Its possible to deny particular port ??

Thanks
Yagnes
s.yagnes@gmail.com

5 Yagnes February 19, 2008 at 7:00 am

Hi,

I tried your given the instruction port blocking for yahoo messanger, gtalk but its not working that rule..

acl block_port port 5050 5222 5223
acl test src 172.27.162.43
http_access deny block_port test
http_access allow all

Please help me how to port level blocking partiucalar src ip’s

Its possible to deny particular port ??

Thanks
Yagnes
s.yagnes@gmail.com

6 jasper moore January 18, 2009 at 5:50 am

Thank for the blocking stuff.

7 Asaduzzaman June 14, 2009 at 6:52 am

We are unable to access following url from squid proxy, could you please assist us how can I access this url using squid proxy server.
http://tx1.kewill-ipacs.com:18080/kewillfwd/app/kewillfwd.jnlp

8 Vivek Gite June 14, 2009 at 2:15 pm: Add port number to Safe_port list in squid.conf
Reply

9 chellapandi August 24, 2009 at 12:54 pm

How to black the job site for linux proxy server. i am using RHEL4.

10 vm loganathan December 23, 2009 at 1:08 pm

sir,
i’m using redhad 5 server edition. i config squid.config for particular websites can’t access. but now i want to particular my netwok ip’s only allowed particular website only other website totaly blocked. how do done this?..
example
my n/w is 191.168.0.0/255.255.0.0
but 191.168.3.6 ip user only access gmail.com other website totally block how to done this?
note: particular websites only i want to allow other website i want to deny how?
how to done this plz help[replay] me….

11 Ashwin September 28, 2010 at 12:02 pm