Difference between revisions of "Squid as ad blocker"
From LinuxMCE
m |
m |
||
(5 intermediate revisions by the same user not shown) | |||
Line 1: | Line 1: | ||
− | This ad blocking is using [http://pgl.yoyo.org/adservers/] blocking lists. | + | This ad blocking is using [http://pgl.yoyo.org/adservers/ http://pgl.yoyo.org/adservers/] blocking lists. |
Install Squid as laid out in [[How to setup secure outbound web access]] | Install Squid as laid out in [[How to setup secure outbound web access]] | ||
− | Find the following line: # INSERT YOUR OWN RULE(S) HERE TO ALLOW ACCESS FROM YOUR CLIENTS | + | Find the following line: # INSERT YOUR OWN RULE(S) HERE TO ALLOW ACCESS FROM YOUR CLIENTS using: |
+ | nano /etc/squid/squid.conf | ||
Add these two lines below: | Add these two lines below: | ||
acl ads dstdom_regex -i "/etc/squid/squid.adservers.regex" | acl ads dstdom_regex -i "/etc/squid/squid.adservers.regex" | ||
Line 73: | Line 74: | ||
Make it executable: | Make it executable: | ||
chmod 755 /etc/cron.daily/getadblock.sh | chmod 755 /etc/cron.daily/getadblock.sh | ||
+ | |||
+ | To add auto configure (i.e. no config needed in your browser to make this work): | ||
+ | Add a PAC auto config file to the Apache directory: | ||
+ | |||
+ | nano /var/www/wpad.pac | ||
+ | function FindProxyForURL(url, host) | ||
+ | { | ||
+ | return "PROXY 192.168.80.1:3128 ; DIRECT"; | ||
+ | } | ||
+ | |||
+ | Add PAC function to the DHCP daemon: | ||
+ | |||
+ | sudo nano /etc/dhcp3/dhcpd.conf | ||
+ | add these lines after "option subnet-mask 255.255.255.0;" | ||
+ | |||
+ | option wpad code 252 = text; | ||
+ | option wpad "http://192.168.80.1/wpad.pac"; | ||
+ | |||
+ | class "MSFT" { | ||
+ | match if substring(option vendor-class-identifier, 0, 4) = "MSFT"; | ||
+ | option dhcp-parameter-request-list = | ||
+ | concat(option dhcp-parameter-request-list, fc); | ||
+ | } | ||
+ | |||
+ | Restart the DHCP daemon | ||
+ | |||
+ | sudo restart dhcp-server |
Latest revision as of 16:44, 23 December 2011
This ad blocking is using http://pgl.yoyo.org/adservers/ blocking lists.
Install Squid as laid out in How to setup secure outbound web access
Find the following line: # INSERT YOUR OWN RULE(S) HERE TO ALLOW ACCESS FROM YOUR CLIENTS using:
nano /etc/squid/squid.conf
Add these two lines below:
acl ads dstdom_regex -i "/etc/squid/squid.adservers.regex" http_access deny ads
Create a script file, e.g. nano /etc/cron.daily/getadblock.sh
#!/bin/sh ### short script that downloads a list of ad servers for use with squid to block ads. ### ### details on configuring squid itself can be found here: ### ### http://pgl.yoyo.org/adservers/#withsquid ### ### - originally by Stephen Patterson <steve@lexx.uklinux.net> ### - butchered by Peter Lowe <pgl@yoyo.org> ### - LMCE 10.04 adjustments by Joakim Lindbom ## set things # URL of the ad server list to download listurl='http://pgl.yoyo.org/adservers/serverlist.php?hostformat=squid-dstdom-regex;showintro=0&mimetype=plaintext' # location of the list of ad servers used by Squid targetfile='/etc/squid/squid.adservers.regex' # location of a file where hostnames not listed can be added extrasfile='/etc/squid/squid-extra.adservers' # command to reload squid - change according to your system reloadcmd='restart squid' # temp file to use tmpfile="/tmp/.adlist.$$" # command to fetch the list (alternatives commented out) fetchcmd="wget -q $listurl -O $tmpfile" # log file logfile='/var/log/pluto/ad-blocker' ## do things ## echo "$(date -R) Getting new refuse list" >> "$logfile" # get a fresh list of ad server addresses for squid to refuse $fetchcmd # add the extras [ -f "$extrasfile" ] && cat $extrasfile >> $tmpfile # check the temp file exists OK before overwriting the existing list if [ ! -s $tmpfile ] then echo "$(date -R) temp file '$tmpfile' either doesn't exist or is empty; quitting" >> "$logfile" exit fi cp $tmpfile $targetfile # clean up rm $tmpfile # restart Squid $reloadcmd
Make it executable:
chmod 755 /etc/cron.daily/getadblock.sh
To add auto configure (i.e. no config needed in your browser to make this work): Add a PAC auto config file to the Apache directory:
nano /var/www/wpad.pac
function FindProxyForURL(url, host) { return "PROXY 192.168.80.1:3128 ; DIRECT"; }
Add PAC function to the DHCP daemon:
sudo nano /etc/dhcp3/dhcpd.conf
add these lines after "option subnet-mask 255.255.255.0;"
option wpad code 252 = text; option wpad "http://192.168.80.1/wpad.pac"; class "MSFT" { match if substring(option vendor-class-identifier, 0, 4) = "MSFT"; option dhcp-parameter-request-list = concat(option dhcp-parameter-request-list, fc); }
Restart the DHCP daemon
sudo restart dhcp-server