Squid proxy How to filter or block a particular port

Q. I am using Debian stable Linux version and squid proxy server for our small software company. I need to block a port number 1234. How to filter a particular port?

ADVERTISEMENTS

A. You can easily filter any port with squid ACL (Access Control List).

ACL is used for defining an access List. When using “file” the file should contain one item per line By default, regular expressions are CASE-SENSITIVE. To make them case-insensitive, use the -i option.

Procedure to block a port

First open /etc/squid/squid.conf file
# vi /etc/squid/squid.conf
Locate your ACL section and add configuration directive as follows:
acl block_port port 1234
http_access deny block_port
http_access allow all

If you just want to skip a particular IP (192.168.1.5) try as follows:
acl block_port port 1234
acl no_block_port_ip src 192.168.1.5
http_access deny block_port !no_block_port_ip
http_access allow all

Close and save the file.

Restart squid proxy server:
# /etc/init.d/squid restart

🐧 Get the latest tutorials on SysAdmin, Linux/Unix, Open Source/DevOps topics:
CategoryList of Unix and Linux commands
File Managementcat
FirewallCentOS 8 OpenSUSE RHEL 8 Ubuntu 16.04 Ubuntu 18.04 Ubuntu 20.04
Network Utilitiesdig host ip nmap
OpenVPNCentOS 7 CentOS 8 Debian 10 Debian 8/9 Ubuntu 18.04 Ubuntu 20.04
Package Managerapk apt
Processes Managementbg chroot cron disown fg jobs killall kill pidof pstree pwdx time
Searchinggrep whereis which
User Informationgroups id lastcomm last lid/libuser-lid logname members users whoami who w
WireGuard VPNCentOS 8 Debian 10 Firewall Ubuntu 20.04

ADVERTISEMENTS
15 comments… add one
  • Anees May 28, 2007 @ 6:57

    i want to block to some site not ports how i block tham plz help me.Thanks

  • 🐧 nixCraft May 28, 2007 @ 14:48
  • Partha Bhattacharya Aug 5, 2007 @ 9:21

    Opened ACL.But could not understand where to write the configuration changes as u have stated.Plz help its urgent.

  • Yagnes Feb 19, 2008 @ 6:53

    Hi,

    I tried your given the instruction port blocking for yahoo messanger, gtalk but its not working that rule..

    acl porttest port 5050 5222 5223
    acl block_port port 5050 5222 5223
    acl test src 172.27.162.43
    http_access deny block_port test
    http_access allow all

    Please help me how to port level blocking partiucalar src ip’s

    Its possible to deny particular port ??

    Thanks
    Yagnes
    s.yagnes@gmail.com

  • Yagnes Feb 19, 2008 @ 7:00

    Hi,

    I tried your given the instruction port blocking for yahoo messanger, gtalk but its not working that rule..

    acl block_port port 5050 5222 5223
    acl test src 172.27.162.43
    http_access deny block_port test
    http_access allow all

    Please help me how to port level blocking partiucalar src ip’s

    Its possible to deny particular port ??

    Thanks
    Yagnes
    s.yagnes@gmail.com

  • jasper moore Jan 18, 2009 @ 5:50

    Thank for the blocking stuff.

  • Asaduzzaman Jun 14, 2009 @ 6:52

    We are unable to access following url from squid proxy, could you please assist us how can I access this url using squid proxy server.
    http://tx1.kewill-ipacs.com:18080/kewillfwd/app/kewillfwd.jnlp

    • 🐧 nixCraft Jun 14, 2009 @ 14:15

      Add port number to Safe_port list in squid.conf

  • chellapandi Aug 24, 2009 @ 12:54

    How to black the job site for linux proxy server. i am using RHEL4.

  • vm loganathan Dec 23, 2009 @ 13:08

    sir,
    i’m using redhad 5 server edition. i config squid.config for particular websites can’t access. but now i want to particular my netwok ip’s only allowed particular website only other website totaly blocked. how do done this?..
    example
    my n/w is 191.168.0.0/255.255.0.0
    but 191.168.3.6 ip user only access gmail.com other website totally block how to done this?
    note: particular websites only i want to allow other website i want to deny how?
    how to done this plz help[replay] me….

  • Ashwin Sep 28, 2010 @ 12:02

    Hello,

    Can we try multiple ip’s should be exempted in blocked search, like, –

    acl no_block_port_ip src 192.168.1.5, 192.168.1.6, 192.168.1.4
    http_access deny block_port !no_block_port_ip

    Please guide me.

  • Sanjay Oct 13, 2011 @ 5:55

    Hello,

    I have a RHEL 5 Proxy server. my client on Window XP or Window Vista.
    How can I block any user MAC Address to access Internet

    Please guide me.

  • Sopha Mar 27, 2012 @ 8:16

    i want allow and block website by physical address in squid.
    how can i do ?
    but with ip4 i already done.

  • vinod Oct 3, 2015 @ 11:16

    how to access whatsApp from squid 3.1

  • M fiaz Sep 21, 2016 @ 4:15

    i want to block the port 443 on proxy server squid.

Leave a Reply

Your email address will not be published.

Use HTML <pre>...</pre>, <code>...</code> and <kbd>...</kbd> for code samples.