Exploring the SafeSquid filter proxy

Active Web Content

You can take basically two approaches to filtering specific media content: You can either investigate content based on its MIME type (see /etc/mime.types) or use content filtering by extension (e.g., .swf). To do this, click on the Mime filtering configuration category and press the Enabled button to activate this module. Confirm by pressing Submit, and define a new rule with the following values in the Deny tab:

Enabled Yes
Comment Flash
File .*swf

Instead of using File, you can use the Mime type attribute, entering the values in Listing 3, for example. Depending on which website is called in the browser after enabling the new rule, the filter now hides Flash content. Note that not all Flash content has a suffix of .swf or belongs to the MIME types shown in Listing 3.

Listing 3

MIME Types

 

Filtering by file extensions or MIME type, however, turned out to be fairly inconsistent in my daily test. Sometimes, the filter worked correctly and hid the undesirable Flash content; in other cases, it blocked the entire page. Additionally, you must create a filter for every potential Flash MIME type (or any extension) in Flash files so that the software actually hides all Flash content. However, this filter never works reliably whatever you do – in other words, this feature is no more than a gimmick.

When I inquired, the manufacturer promised to help all users with questions about filter rules and problems. Live support is staffed six days a week, and a free ticket system is also available to users of the free version, the vendor said.

Accessories

The Prefetching link in the configuration section contains a function for loading specific web pages into the SafeSquid cache before they are actually visited. You can determine in advance what content the module preloads. Once enabled, enter the web pages you want the proxy to load in advance under Prefetch queue on the main page. This helps SafeSquid serve up the page faster.

The Limits category in the configuration section gives you access to a powerful tool that lets you restrict the bandwidth for individual computers. Neat and useful: If you set the value for the Action field to Deny, you can set up automated and time-based surfing blocks for your kids.

On the other hand, if you want to define the period of use rather than blocks, you can use the example in Listing 4. If you need specific redirections, you can use the URL redirecting category to redirect website calls to other URLs.

Listing 4

Defining Limits

 

Modules and Add-On Software

SafeSquid allows lets you embed additional modules, and cooperates with several well-known open source tools. These include many useful components, such as the ability to disable chat within Gmail, or a collection of rules that automatically hide banners on web pages. The SafeSquid website offers a list of all available add-ons [4].

Integrating the extensions is quite simple: Save the required add-on as an XML file; then – in the SafeSquid web interface  – press Load Settings. Next, type the path to the XML file and check No for Overwrite. Confirm by pressing Submit. To save the settings, press Save. Instead of first saving the file locally, the software lets you copy the link to the file directly into the input box for the configuration. The settings are enabled immediately.

The SafeSquid website [5] also has a list of tools that work with SafeSquid. The most interesting tools for home users are stored in the Log Analyzers category. These tools will process the SafeSquid logfiles so that they can be read conveniently in a browser. For example, Webalizer is a well-known tool that (among other things) breaks down web usage by hits, visited websites, and the volume of traffic per day or month.

Buy this article as PDF

Express-Checkout as PDF
Price $2.95
(incl. VAT)

Buy Linux Magazine

SINGLE ISSUES
 
SUBSCRIPTIONS
 
TABLET & SMARTPHONE APPS
Get it on Google Play

US / Canada

Get it on Google Play

UK / Australia

Related content

  • Security Lessons – Squid Filtering

    Kurt describes how to use Squid's ACLs and ICAP when you want to limit Internet access, for whatever reason.

  • Squid Bridge

    Caching proxies remember web pages and serve them up locally, saving both money and time. The most intelligent members of this family also remove dangerous content and provide transparent bridging.

  • Squid at Home

    Are your children wearing out their eyeballs on the Internet? Squid will help you impose some time limits and filter out inappropriate content.

  • Squid proxy server

    A proxy server provides safer and more efficient surfing. Although commercial proxy solutions are available, all you really need is Linux and an old PC in the attic.

  • Filter Proxy for AD

    You might want to reap the benefits of active directory’s single sign-on for your virus scanning and content filtering. If you also use Squid to handle user access to the internet, you have a front-row seat for “when worlds collide.”

comments powered by Disqus
Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs
Subscribe to our ADMIN Newsletters

Support Our Work

Linux Magazine content is made possible with support from readers like you. Please consider contributing when you’ve found an article to be beneficial.

Learn More

News