Block adverts and speed up internet access with a proxy server

The days of speeding up internet access using a caching proxy server are pretty much over. The idea of caching is theoritically sound, but the majority of your proxy log is generally just "TCP_MISS", dynamic content having taken over the internet. All however is not lost, using access control lists with a proxy server you can improve the speed of web browsing along with the overall experience by blocking ads. The defacto open source caching proxy is squid. Squid being one of those amazing open source projects that is used in huge environments but can just as easily be used in a home or office network to great effect. To make full use of the web caching, you would need a mini beast of a server with fast disk and plenty of RAM, as we are only intested in the ACL capabalities we can use a Raspberry Pi or something with equalivant amount of computing power. If you do use a Raspberry Pi it is worth noting that the ethernet shares a bus with the USB port.

Install the required packages

This guide is based on Debian, should work equally well on Ubunutu and need a few tweaks for a Red Hat based distro.

root@debian:~# apt-get install squid squidguard apache2

Configure Squid

First setup squid to work as a standard http proxy.

root@debian:~# vim /etc/squid/squid.conf

Change the port to from the standard 3128 to the almost universal accept and way easier to remember 8080

http_port 8080 acl 

Make sure the localnet matches your network environment.

localnet src

Finally uncomment the http_access to allow your localnet.

http_access allow localnet

Test Squid Proxy

Go ahead and restart squid so your changes are picked up.

root@debian:~# service squid restart
[ ok ] Restarting Squid HTTP proxy: squid.

Point your broswer at the proxy and try to load a page. If you don't know how to configure your browser jump to "". Then check the squid logfile to ensure it is working. You should see see the requests your browser just made.

root@debian:~# tail -f /var/log/squid/access.log 
1375166754.558 106 TCP_MISS/302 1285 GET - DIRECT/ text/html 
1375166754.843 203 TCP_MISS/302 1230 GET - DIRECT/ text/html 
1375166756.050 123 TCP_MISS/200 724 POST - DIRECT/ application/octet-stream

Configure SquidGuard

Open up the squid configuration file again.

vim /etc/squid/squid.conf

Add this line at the bottom of the file.

redirect_program /usr/bin/squidGuard -c /etc/squidguard/squidGuard.conf
The best blacklist database I have found is from Shalla Secure Services (free for private usage and partly for commercial usage -> license Edit the squidGuard configuration file. 
root@debian:/etc/squidguard# cd /etc/squidguard/ root@debian:/etc/squidguard# cp squidGuard.conf squidGuard.conf-backup root@debian:/etc/squidguard# > squidGuard.conf root@debian:/etc/squidguard# vi squidGuard.conf

Add the following as a base, tweak it to match what you would like to block. For more details of the categories LINK.

root@debian:/etc/squidguard# wget
root@debian:/etc/squidguard# tar xvzf shallalist.tar.gz 
root@debian:/etc/squidguard# rm -rf shallalist.tar.gz
root@debian:/etc/squidguard# squidGuard -C all -d
root@debian:/etc/squidguard# chown -R proxy:proxy BL/

When an advert has been blocked I like to see a message to remind me that my proxy is blocking content. You should just as easily point it to a transparent .png or cute kitten picture.

root@debian:~# echo 'ZaPpEd!' > /var/www/blocked.html

Finally restart squid for the new squidGuard options to take effect.

root@debian:/etc/squidguard# service squid restart

Setup your browser to use the proxy