squidguard

configure SquidGuard URL redirector

Project URL RSS Feed Report issues

Module Stats

2,027 downloads

2,027 latest version

5.0 quality score

Version information

released Jul 25th 2020

This version is compatible with:

Puppet Enterprise 2018.1.x, 2017.3.x, 2017.2.x, 2017.1.x, 2016.5.x, 2016.4.x
Puppet >= 4.6.1 < 6.0.0
Debian, Ubuntu

Start using this module

Installation method

Add this module to your Puppetfile:

mod 'sourcedoctor-squidguard', '0.3.0'

Learn more about managing modules with a Puppetfile

Add this module to your Bolt project:

bolt module add sourcedoctor-squidguard

Learn more about using this module with an existing project

Manually install this module globally with Puppet module tool:

puppet module install sourcedoctor-squidguard --version 0.3.0

Tags: web, cache, http, squid, squidguard

Documentation

sourcedoctor/squidguard — version 0.3.0 Jul 25th 2020

Puppet module for SquidGuard

Description

Puppet module for configuring squidGuard URL Rewrite.

Supported distributions

Debian
Ubuntu

Dependencies

Squid Proxy Cache

To get all Features and rules check SquidGuard Homepage

Extended Settings

Usage

The set up a simple squidguard configuration with pass through all requests

class { 'squidguard': }
squidguard::acl { 'default':
  ruleset => ['pass all'],
}

would result in squidguard.conf

acl {
    default {
        pass all
    }
}

Define a Source Rule squidguard::src

squidguard::src { 'grownups':
   ip     => ['1.2.3.4/24',
              '2.3.4.10-2.3.4.100'],
   domain => ['example.org',
              'example.com'],
   user   => ['user1', 'user2', 'user3'],
}

would result in squidguard.conf

src grownups {
    ip     1.2.3.4/24
    ip     2.3.4.10-2.3.4.100
    domain example.org
    domain example.com
    user   user1 user2 user3
}

Define a Destination Rule squidguard::dest

squidguard::dest { 'blocked':
   domainlist => ['blocked/domains',
                  'otherblocked/domains'],
   urllist    => ['blocked/urllist',
                 'customblocked/urls'],
}

would result in squidguard.conf

dest blocked {
    domainlist blocked/domains
    domainlist otherblocked/domains
    urllist    blocked/urllist
    urllist    customblocked/urls
}

Define a Time Rule squidguard::time

squidguard::time { 'leisure-time':
    weekly => ['* 00:00-08:00 17:00-24:00   # night and evening',
               'fridays 16:00-17:00     # weekend'],
    date   => ['*.01.01             # New Year's Day',
               '*.05.01             # Labour Day',
               '*.05.17             # National Day',
               '*.12.24 12:00-24:00     # Christmas Eve',
               '*.12.25             # Christmas Day',
               '*.12.26             # Boxing Day',
               '1999.03.31 12:00.24:00      # Ash Wednesday',
               '1999.04.01-1999.04.05       # Easter',
               '2000.04.19 12:00.24:00      # Ash Wednesday y2000',
               '2000.04.20-2000.04.24       # Easter y2000'],
}

would result in squidguard.conf

time leisure-time {
    weekly * 00:00-08:00 17:00-24:00    # night and evening
    weekly fridays 16:00-17:00      # weekend
    date    *.01.01             # New Year's Day
    date    *.05.01             # Labour Day
    date    *.05.17             # National Day
    date    *.12.24 12:00-24:00     # Christmas Eve
    date    *.12.25             # Christmas Day
    date    *.12.26             # Boxing Day
    date    1999.03.31 12:00.24:00      # Ash Wednesday
    date    1999.04.01-1999.04.05       # Easter
    date    2000.04.19 12:00.24:00      # Ash Wednesday y2000
    date    2000.04.20-2000.04.24       # Easter y2000
}

Define a more complex acl Rule squidguard::acl

squidguard::acl { 'grownups within leisure-time':
    ruleset => ['pass all               # don't censor peoples leisure-time'],
}
squidguard::acl { 'else':
    ruleset => ['pass !in-addr !porn all        # restrict access during business hours'],
}
squidguard::acl { 'kids':
    ruleset => ['pass !porn all         # protect the kids 24h anyway'],
}
squidguard::acl {'default':
    ruleset => ['pass none              # reject unknown clients',
                'redirect http://info.foo.bar/cgi/blocked?clientaddr=%a&clientname=%n&clientuser=%i&clientgroup=%s&targetgroup=%t&url=%u'],
}

would result in squidguard.conf

acl {
    grownups within leisure-time {
        pass all                # don't censor peoples leisure-time
    }
    else {
        pass !in-addr !porn all     # restrict access during business hours
    }

    kids {
        pass !porn all          # protect the kids 24h anyway
    }

    default {
        pass none               # reject unknown clients
        redirect http://info.foo.bar/cgi/blocked?clientaddr=%a&clientname=%n&clientuser=%i&clientgroup=%s&targetgroup=%t&url=%u
    }
}

MIT License

Copyright (c) 2018 SourceDoctor

Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:

The above copyright notice and this permission notice shall be included in all
copies or substantial portions of the Software.

THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
SOFTWARE.