Squid Proxy by default enabled content filtering and download restriction using native ACL types by adding ACL in squid.conf configuration file. The content filtering and download restriction can be achieved.
Squid is freely available within OS packages bundle, alternatively you can install using yum repository which covered in steps involved to configure ACL.
Following steps shall guide you ” how to configure squid to file download restriction”
Step : 1 Install squid using yum repository as explained in below command, if already installed you can skip this step.
#yum install squid
Step : 2 Go to insert you own rules section in squid.conf configuration file and add line indicated below.
#Below lines used to block file type using extension, we used separate ACL file to define file types in order to block them
acl blockfiles urlpath_regex “/etc/squid/block.files.acl”
htpp_access deny blockfiles
http_access allow mylan
http_access deny blockfiles
http_access allow my lan
Save and exit (:wq!)
Step : 3 Add fallowing entries by creating a file in /etc/squid/ , use the file name as specified in squid.conf
Save and exit(:wq!)
[Ee][Xx][Ee]$ :- “.exe or .EXE file extension”
[Aa][Vv][Ii}$ :- “.avi or .AVI file extension”
[Zz][Ii][Pp]$ :- “.zip or .ZIP file extension”
[Tt][Aa][Rr]$ :- “.tar or .TAR file extension”
\. is used for file extension part .
Step : 4 Restart or reload squid configuration file or service.
#service squid restart
“This will do restart which will perform stop than starts. The impact, connect users will be disconnected.”
#squid -k reconfigure
“This will reload configuration files, doesn’t stop or restart. This has no impact on connected users.”
Finally you can check by downloading a file .zip or .exe file from internet browser from any of the client machine reachable to proxy server.
Result : Immediately it should through an error.