Squid content filtering: Block / download of music MP3, mpg, mpeg, exec file by extensions

For security reasons and to save bandwidth I would like to configure Squid proxy server such way that my users should not download all of the following files:

How do I configure squid content filtering?

You need to use squid ACL (access control list) to block all files by extensions.

How do I block music files using squid content filtering ACL?

First open your squid.conf file /etc/squid/squid.conf, run:
# vi /etc/squid/squid.conf
Now add the following lines to your squid ACL section:

acl blockfiles urlpath_regex -i "/etc/squid/blocks.files.acl"
You want display custom error message when a file is blocked:
# Deny all blocked extension
error_directory /usr/share/squid/errors/English
deny_info ERR_BLOCKED_FILES blockfiles
http_access deny blockfiles

Save and close the file.Create a custom error message HTML file called ERR_BLOCKED_FILES in /etc/squid/error/ directory or /usr/share/squid/errors/English directory:
# vi /usr/share/squid/errors/English/ERR_BLOCKED_FILES
Append following content:

<TITLE>ERROR: Blocked file content</TITLE>
<H1>File is blocked due to new IT policy</H1>
<p>Please contact helpdesk for more information:</p>
 <li>Phone: 555-12435 (ext 44)</li>
 <li>Email: [email protected]</li>

Now create a new file named /etc/squid/blocks.files.acl file:
# vi /etc/squid/blocks.files.acl
Append following text:

Save and close the file. Restart Squid:
# /etc/init.d/squid restart
Squid in action:

Fig.01: Squid in action

Say hello to rep_mime_type

To block Active Stream Format (Windows Media Player) and flash video format, add the following in your squid.conf:

acl media rep_mime_type x-ms-asf
acl mediapr urlpath_regex .(afx|asf)(?.*)?$

acl media rep_mime_type video/flv video/x-flv
acl mediapr urlpath_regex .flv(?.*)?$

http_access deny mediapr
http_reply_access deny media

Save and close the file. Reload squid server:
# systemctl reload squid
# squid -k reconfigure

Posted by: SXI ADMIN

The author is the creator of SXI LLC and a seasoned sysadmin, DevOps engineer, and a trainer for the Linux operating system/Unix shell scripting. Get the latest tutorials on SysAdmin, Linux/Unix and open source topics via RSS/XML feed or weekly email newsletter.