Found a unique use for squidGuard. Dynamic squidGuard?
Site management requires everything not-work-related to be blocked. A universal blockage, however, interferes with work-related activities. So what we’re doing is getting the Guard to redirect failures to a page with lists the blocked domain & asks the user if they want to enable it.
The enabled domains get dumped into a database with the user ID & a timestamp, then added to the squidGuard conf file & squid kicked. Periodically, administrative staff review the enablements, & bin the ones they don’t like.
The binned ones get remembered so future attempts to enable them are refused, & staff who are frivolously enabling stuff (like facebook, webmailers, ebay, youtube, photobucket etc) are told off.
The Guard’s filtering rules are a bit more flexible than squid’s native stuff, plus it does the redirection itself.