2016-01-24 19:05:59 +01:00
|
|
|
|
# py-squid-blacklists
|
|
|
|
|
Squid helper handling squidguard blacklists written in python
|
2016-02-03 21:31:33 +01:00
|
|
|
|
|
|
|
|
|
* Only supports domains blacklists actually (ie : google.com, www.google.com, api.google.com, etc.)
|
2016-02-03 21:36:14 +01:00
|
|
|
|
* All specified blacklists are loaded in RAM
|
2016-02-03 21:31:33 +01:00
|
|
|
|
* Usable as an external acl plugin of squid
|
|
|
|
|
* Written because of poor developpement on squidguard and bad support of blacklists files using squid3
|
|
|
|
|
* Tested on Debian 8 / python 2.7.9
|
2016-02-03 21:53:36 +01:00
|
|
|
|
|
|
|
|
|
## Usage
|
|
|
|
|
|
|
|
|
|
Add this configuration to squid.conf :
|
|
|
|
|
```
|
|
|
|
|
external_acl_type urlblacklist_lookup ttl=5 %URI /usr/bin/python /usr/local/blacklists/py-squid-blacklists.py
|
|
|
|
|
...
|
|
|
|
|
acl urlblacklist external urlblacklist_lookup
|
|
|
|
|
...
|
|
|
|
|
http_access deny urlblacklist
|
|
|
|
|
```
|
2016-02-03 22:00:50 +01:00
|
|
|
|
|
|
|
|
|
config.py file must be include following statements
|
|
|
|
|
```
|
|
|
|
|
blacklists_fetch = "http://dsi.ut-capitole.fr/blacklists/download/blacklists.tar.gz"
|
|
|
|
|
blacklists_dir = "/usr/local/py-squid-blacklists/blacklists/"
|
|
|
|
|
blacklists = ["adult","malware"]
|
|
|
|
|
```
|
|
|
|
|
|
2016-02-09 09:11:15 +01:00
|
|
|
|
* blacklists_fetch : squidguard-like blacklists files, this variable is not already usable
|
|
|
|
|
* blacklists_dir : path containing blacklists files
|
|
|
|
|
* blacklists : blacklists to use for filtering
|
2016-02-03 22:00:50 +01:00
|
|
|
|
|
|
|
|
|
## TODO
|
|
|
|
|
|
|
|
|
|
* Auto-fetcher using blacklists_fetch if blacklists are not already downloaded or stored on the squid machine
|
|
|
|
|
* Compatibility with python3 only
|
|
|
|
|
* Filters for regex urls
|
2016-02-12 18:38:34 +01:00
|
|
|
|
* Reduce memory footprint
|
|
|
|
|
* Code optimisation
|
2016-02-03 22:00:50 +01:00
|
|
|
|
* Tests
|
|
|
|
|
* ...
|