Squid content filtering: Block / download of music MP3, mpg, mpeg, exec files
Q. For security and to save bandwidth I would like to configure Squid proxy server such way that I do not want my users to download all of the following files:
MP3
MPEG
MPG
AVG
AVI
EXE
How do I configure squid content filtering?
A. You can use squid ACL (access control list) to block all these files easily.
How do I block music files using squid content filtering ACL?
First open squid.conf file /etc/squid/squid.conf:
# vi /etc/squid/squid.conf
Now add following lines to your squid ACL section:
acl blockfiles urlpath_regex "/etc/squid/blocks.files.acl"
You want display custom error message when a file is blocked:
# Deny all blocked extension
deny_info ERR_BLOCKED_FILES blockfiles
http_access deny blockfiles
Save and close the file.
Create custom error message HTML file called ERR_BLOCKED_FILES in /etc/squid/error/ directory or /usr/share/squid/errors/English directory.
# vi ERR_BLOCKED_FILES
Append following content:
<HTML> <HEAD> <TITLE>ERROR: Blocked file content</TITLE> </HEAD> <BODY> <H1>File is blocked due to new IT policy</H1> <p>Please contact helpdesk for more information:</p> Phone: 555-12435 (ext 44)<br> Email: helpdesk@yourcorp.com<br>
Caution: Do not include HTML close tags </HTML> </BODY> as it will be closed by squid.
Now create /etc/squid/blocks.files.acl file:
# vi /etc/squid/blocks.files.acl
Append following text:
\.[Ee][Xx][Ee]$
\.[Aa][Vv][Ii]$
\.[Mm][Pp][Gg]$
\.[Mm][Pp][Ee][Gg]$
\.[Mm][Pp]3$
Save and close the file. Restart Squid:
# /etc/init.d/squid restart
Squid in action:
(Click to enlarge)
Subscribe to our free e-mail newsletter or RSS feed to get all updates.
You can Email this page to a friend.
Related Linux / UNIX FAQ:
- Squid proxy How to filter or block a particular port
- Squid Block any Domain Name Accessing the Internet
- Squid Proxy Server Mac Address based filtering
- Squid deny users accessing a website
- Squid proxy authentication in transparent mode
Discussion on This FAQ
Leave a Reply
We encourage your comments, and suggestions. But please stay on topic, be polite, and avoid spam. Please do not use the comment form to ask for help / question. Ask your question on the excellent Linux tech support forum. Thank you very much for stopping by our site!
~ Last updated on: January 6, 2007
January 9th, 2007 at 1:01 pm
I use squid but all my filterings is done via dansguardian. Bannerfilter is great to stop adverts. And web custome written based admin console keeps my non un*x admins happy
January 12th, 2007 at 7:29 am
links for 2007-01-12…
Squid content filtering: Block / download of music MP3, mpg, mpeg, exec files | Frequently Asked Questions The ultimate proxy. If you’re looking for a complete solution, tailored for large deployments(K12 or thinclients), try DansGuardian or Squidgua…
January 16th, 2007 at 10:32 am
[...] Squid content filtering [...]
March 7th, 2007 at 3:18 pm
In Squid, i want to do the routing through users?
eg. user-a, user-b if user a can access internet then data transer through 246kbps line & if user-b access internet then it’s data transer through 1mbps line.
[note:- user-a & user-b can set any where, any pc in network]
March 17th, 2007 at 4:41 am
[...] [ link ] Converter em pdf. [...]
April 3rd, 2007 at 10:24 am
Hi,
I do the following configuration in squid but it is not possible to block the downloads.
Plz give me the solution for this
April 11th, 2007 at 2:50 pm
Hello, thanks, but it dosnt work for me…no effect.
david
April 12th, 2007 at 10:28 am
In squid how I can block files for a particular IP or user
June 18th, 2007 at 10:43 am
it worked for me , but it seems that still users are able to download files dont know how.
how i can totally block the download from users.
if u have downloading agent, then it by-pass and start download.
How can i make it strong so that no one can download any thing through any software.
August 2nd, 2007 at 11:13 am
Hi ,
i was config my proxy successfully. But i can’t access my outlook. i think its prots are blocked.
Then how can i unlock my outlook ports…
If anybody konw the solution, Please Immediately send to me… my NAT server ip was given to the gateway of my proxy server and proxy server gateway was given to the users gateway.. Its correct or not ..
If u know any other way….. please share with me…
I want the correct solution immediately…
MY personal EMAIL ID is saravanaprakasht@yahoo.com
August 8th, 2007 at 9:44 am
my office is blocked to down load mp3 files. Can you please help me how to down load mp3 files.
Your favourable reply will be highly appreciated.
Thanks in advance
Das
August 10th, 2007 at 3:53 am
Dear Sir,
I have followed your step-by-step instruction to block download files.
i succesfully manage to block the files while clicking selected files. and i received error msg from squid.
Unfortunately i still manage to download that file by simply using “Save Link As..” menu as i right click the mouse.
it seem like users still manage to download prohibited file as configured in squid by using right click menu.
please advice.
regards
amin
November 11th, 2007 at 11:25 am
Help!
What if i want to…
replace “Men at work” with “Aliens at party”
Is this possible ?
Can i do this in squid without using any addons ?
November 14th, 2007 at 10:24 am
This did not work at all. It is not blocking downloads. Yes one thing was possible that downloading by right clik and save target was stoped, rest all downloads are working. Not a good solution. Pls advise for another.
November 16th, 2007 at 9:34 am
is there away to unblock bebo cuz are school is gay and has filtered ALL the proxy sites to date
thanks becci
December 14th, 2007 at 3:56 am
please help me
restric the download option in proxy linux server
February 29th, 2008 at 6:57 pm
That won’t stop me from doing
GET http://www.example.com/foo.mp3?parameter=bogus
March 4th, 2008 at 2:15 pm
Hai friends pls help me in this
I our Company we have 200 system and one linux server i want to configure squid in a way that no body should download files in my network and 2 to 3 system i should give premision to download can any body help me plzzzzzzzzzz.
April 29th, 2008 (2 weeks ago) at 12:57 am
Is it possible to block downloads from yahoo mail and other web based email in Squid? I can block downloads using the instructions above but it can only block direct download from a site.
Today at 11:55 am (5 hours ago)
our admin blocked all media files if anybody can help me break his policy,,,