11 April 2008

Meta-squidGuard

Found a unique use for squidGuard. Dynamic squidGuard?

Site management requires everything not-work-related to be blocked. A universal blockage, however, interferes with work-related activities. So what we’re doing is getting the Guard to redirect failures to a page with lists the blocked domain & asks the user if they want to enable it.

The enabled domains get dumped into a database with the user ID & a timestamp, then added to the squidGuard conf file & squid kicked. Periodically, administrative staff review the enablements, & bin the ones they don’t like.

The binned ones get remembered so future attempts to enable them are refused, & staff who are frivolously enabling stuff (like facebook, webmailers, ebay, youtube, photobucket etc) are told off.

The Guard’s filtering rules are a bit more flexible than squid’s native stuff, plus it does the redirection itself.

No comments: