# Configure locations for the rest of squidGuard's files
dbhome /var/squidGuard
logdir /var/log/squid

# Time aliases
# s = sun, m = mon, t =tue, w = wed, h = thu, f = fri, a = sat

# Hours during the work day
time workhours {
  weekly mtwhf 08:00 - 12:00
  weekly mtwhf 13:00 - 16:30
}

# Source ACLs
src localnets {
  ip 155.42.89.0/24
}

# Destination whitelists (overrides)
dest whitelists_custom {
  domainlist  whitelists/custom/domains
  urllist   whitelists/custom/urls
}

# Destination blacklists - Descriptions from shallalist.de

# All about advertising: This includes sites offering banners and banner
# creation as well as sites delivering banners to be shown in webpages.
# Advertising companies are listed, too.
dest adv {
  domainlist  blacklists/adv/domains
  urllist   blacklists/adv/urls
}

# Sites of obvious aggressive content. This coveres hate speech and all
# kinds of racism.
dest aggressive {
  domainlist  blacklists/aggressive/domains
  urllist   blacklists/aggressive/urls
}

# Sites of breweries, wineries and destilleries. This category also covers
# sites that explain howto make beer, wines and spirits.
dest alchohol {
  domainlist  blacklists/alcohol/domains
  urllist   blacklists/alcohol/urls
}

# This category covers sites providing vpn services to the public. The
# focus is on vpn sites used to hide the origin of the traffic like
# tor nodes. The category does not include company vpn accesses.
dest anonvpn {
  domainlist  blacklists/anonvpn/domains
  urllist   blacklists/anonvpn/urls
}

# All around motorcycles. Included are vendor sites, resellers, fan and
# hobby pages as well as and suppliers. Scooters included.
dest automobile_bikes {
  domainlist  blacklists/automobile/bikes/domains
  urllist   blacklists/automobile/bikes/urls
}

# All around motorboats. Included are vendor sites, resellers, fan and
# hobby pages as well as and suppliers. Not included are travel tips
# (this can be found in recreation/travel).
dest automobile_boats {
  domainlist  blacklists/automobile/boats/domains
  urllist   blacklists/automobile/boats/urls
}

# All around cars. Included are automobile companies and automotive
# suppliers.
dest automobile_cars {
  domainlist  blacklists/automobile/cars/domains
  urllist   blacklists/automobile/cars/urls
}

# All around planes ranging from small one and two seaters up to the
# large traffic planes, old and new, private, commercial and military.
# Vendors and supplier are included (airports are not). Helicopter
# sites are included as well.
dest automobile_planes {
  domainlist  blacklists/automobile/planes/domains
  urllist   blacklists/automobile/planes/urls
}

# Sites for realtime chatting and instant messaging. Everything that
# is not realtime is included in -> forum.
dest chat {
  domainlist  blacklists/chat/domains
  urllist   blacklists/chat/urls
}

# Sites that lure with free of charge services but then give you a
# costly abbonement (written somewhere in tiny letters nearly
# unreadable).
dest costtraps {
  domainlist  blacklists/costtraps/domains
  urllist   blacklists/costtraps/urls
}

# Sites to contact people for love and live together. He seeks her,
# she seeks him and so on.
dest dating {
  domainlist  blacklists/dating/domains
  urllist   blacklists/dating/urls
}

# This covers mostly filesharing, p2p and torrent sites. Other
# download sites (for software, wallpapers, ..) are included as well.
dest downloads {
  domainlist  blacklists/downloads/domains
  urllist   blacklists/downloads/urls
}

# Sites offering drugs or explain how to make drugs (legal and non
# legal). Covers tabacco as well as viagra and similar substances.
dest drugs {
  domainlist  blacklists/drugs/domains
  urllist   blacklists/drugs/urls
}

# All domains where people log in from one obtaining a dynmic IP
# address. Dynamic sites can be most harmless as well as carry
# redirecting proxies to bypass the webfilter or porn, games or
# anything else why may be inappropiate.
dest dynamic {
  domainlist  blacklists/dynamic/domains
  urllist   blacklists/dynamic/urls
}

# Home pages of schools, colleges and universities.
dest education {
  domainlist  blacklists/education/schools/domains
  urllist   blacklists/education/schools/urls
}

# Home page of banking companies are listed here. This is not
# restricted to online banking.
dest finance_banking {
  domainlist  blacklists/finance/banking/domains
  urllist   blacklists/finance/banking/urls
}

# Sites of insurance companies, about information about insurances
# and link collections concering this subject.
dest finance_insurance {
  domainlist  blacklists/finance/insurance/domains
  urllist   blacklists/finance/insurance/urls
}

# Sites one can apply for loans and mortgages or can obtain
# information about this business.
dest finance_moneylending {
  domainlist  blacklists/finance/moneylending/domains
  urllist   blacklists/finance/moneylending/urls
}

# Sites about all types of realestate, bying and selling homes,
# finding appartments for rent and selling.
dest finance_realestate {
  domainlist  blacklists/finance/realestate/domains
  urllist   blacklists/finance/realestate/urls
}

# Sites about the stock exchange market, trading of stocks and stock
# options as well as sites related to this subject.
dest finance_trading {
  domainlist  blacklists/finance/trading/domains
  urllist   blacklists/finance/trading/urls
}

# All financial pages that do not fit in the financial categories
# above.
dest finance_other {
  domainlist  blacklists/finance/other/domains
  urllist   blacklists/finance/other/urls
}

# All sites about astrology, horoscopes, numerology, palm reading
# and so on; sites that offer services to forsay the future.
dest fortunetelling {
  domainlist  blacklists/fortunetelling/domains
  urllist   blacklists/fortunetelling/urls
}

# Discussion sites. Covered explicit forum sites and some blogs.
# Sites where people can discuss and share information in a non
# interactive/realtime way. Realtime discussions are covered with
# chat.
dest forum {
  domainlist  blacklists/forum/domains
  urllist   blacklists/forum/urls
}

# Sites offering the possibility to win money. Poker, Casino,
# Bingo and other chance games as well as betting sites. Differs
# from -> hobby/games in the aspect of winning or loosing money
# or being lured to do so.
dest gamble {
  domainlist  blacklists/gamble/domains
  urllist   blacklists/gamble/urls
}

# Sites belonging to the goverment of a country, county or city.
dest government {
  domainlist  blacklists/government/domains
  urllist   blacklists/government/urls
}

# Sites with information and discussions about security weaknesses
# and how to exploit them. Sites offering exploits are listed as
# well as sites distributing programs that help to find security
# leaks.
dest hacking {
  domainlist  blacklists/hacking/domains
  urllist   blacklists/hacking/urls
}

# Sites concering food and food preparation.
dest hobby_cooking {
  domainlist  blacklists/hobby/cooking/domains
  urllist   blacklists/hobby/cooking/urls
}

# Sites related to games. This includes descriptions, news and
# general information about games. No gamble sites.
dest hobby_games-misc {
  domainlist  blacklists/hobby/games-misc/domains
  urllist   blacklists/hobby/games-misc/urls
}

# Sites about online games (all kinds of browserbased games). The
# games are for fun only (no gamble).
dest hobby_games-online {
  domainlist  blacklists/hobby/games-online/domains
  urllist   blacklists/hobby/games-online/urls
}

# Sites about gardening, grewing plants, fighting bugs and
# everything else related to gardening.
dest hobby_gardening {
  domainlist  blacklists/hobby/gardening/domains
  urllist   blacklists/hobby/gardening/urls
}

# Sites about all topics concerning pets: description, raise,
# food, looks, fairs, favorite pet stories and so on.
dest hobby_pets {
  domainlist  blacklists/hobby/pets/domains
  urllist   blacklists/hobby/pets/urls
}

# Sites about everything required to create a cozy home (interior
# design and assesoirs).
dest homestyle {
  domainlist  blacklists/homestyle/domains
  urllist   blacklists/homestyle/urls
}

# Sites of hospitals and medical facilities.
dest hospitals {
  domainlist  blacklists/hospitals/domains
  urllist   blacklists/hospitals/urls
}

# Sites specialized on hosting images, photogalleries and so on.
dest imagehosting {
  domainlist  blacklists/imagehosting/domains
  urllist   blacklists/imagehosting/urls
}

# Home pages of Internet Service Providers. Site of companies
# offering webspace only are now being added, too.
dest isp {
  domainlist  blacklists/isp/domains
  urllist   blacklists/isp/urls
}

# Portals for job offers and job seekers as well as the career
# and work-for-us pages of companies.
dest jobsearch {
  domainlist  blacklists/jobsearch/domains
  urllist   blacklists/jobsearch/urls
}

# Online libraries and sites where you can obtain and/or read
# e-books. Book shops are not listed here but under shopping.
dest library {
  domainlist  blacklists/library/domains
  urllist   blacklists/library/urls
}

# Sites of military facilites or related to the armed forces.
dest military {
  domainlist  blacklists/military/domains
  urllist   blacklists/military/urls
}

# Model agency, model and supermodel fan pages and other model
# sites presenting model photos. No porn pictures.
dest models {
  domainlist  blacklists/models/domains
  urllist   blacklists/models/urls
}

# Sites offering cinema programs, information about movies and actors.
# Sites for downloading video clips/movies (as long it is legal) are
# included as well.
dest movies {
  domainlist  blacklists/movies/domains
  urllist   blacklists/movies/urls
}

# Sites that offer the download of music, information about music
# groups or music in general.
dest music {
  domainlist  blacklists/music/domains
  urllist   blacklists/music/urls
}

# Sites presenting news. Homepages from newspapers, magazines and
# journals as well as some blogs.
dest news {
  domainlist  blacklists/news/domains
  urllist   blacklists/news/urls
}

# Sites offering podcasts or podcast services.
dest podcasts {
  domainlist  blacklists/podcasts/domains
  urllist   blacklists/podcasts/urls
}

# Sites of political parties, political organisations and associations;
# sites with political discussions.
dest politics {
  domainlist  blacklists/politics/domains
  urllist   blacklists/politics/urls
}

# Sites about all kinds of sexual content ranging from bare bosoms to
# hardcore porn and sm.
dest porn {
  domainlist  blacklists/porn/domains
  urllist   blacklists/porn/urls
}

# Domains and urls of TV and radio stations, regardless whether they
# offer any programs on the site or just displaying a static page. The
# sites offering streams are still collected in webradio and webtv,
# respectively.
dest radiotv {
  domainlist  blacklists/radiotv/domains
  urllist   blacklists/radiotv/urls
}

# Humorous pages, comic strips, funny stories, everything which makes
# people laugh.
dest recreation_humor {
  domainlist  blacklists/recreation/humor/domains
  urllist   blacklists/recreation/humor/urls
}

# Sites dedicated to martial arts such karate, kung fu, taek won do as
# well as fighting sports sites like ufc. All site listed in this
# category are also part of sports. This category is meant for users
# who wish to allow sports but no "aggressive" kind of sports.
dest recreation_martialarts {
  domainlist  blacklists/recreation/humor/domains
  urllist   blacklists/recreation/humor/urls
}

# Sites of restaurants as well as restaurant descriptions and
# comentaries.
dest recreation_restaurants {
  domainlist  blacklists/recreation/humor/domains
  urllist   blacklists/recreation/humor/urls
}

# All about sports: sports teams, sport discussions as well as
# information about sports people and the varios sports themselves.
dest recreation_sports {
  domainlist  blacklists/recreation/humor/domains
  urllist   blacklists/recreation/humor/urls
}

# Sites with information about foreign countries, travel companies,
# travel fares, accomondations and everything else that has to do
# with travel including travel blogs.
dest recreation_travel {
  domainlist  blacklists/recreation/humor/domains
  urllist   blacklists/recreation/humor/urls
}

# Sites about treatments for feeling internally and externally healthy
# and beautiful again.
dest recreation_wellness {
  domainlist  blacklists/recreation/wellness/domains
  urllist   blacklists/recreation/wellness/urls
}

# Sites that actively help to bypass url filters by accepting urls via
# webform and play a proxing and redirecting role.
dest redirector {
  domainlist  blacklists/redirector/domains
  urllist   blacklists/redirector/urls
}

# Sites with religious content: all kind of churches, sects, religious
# interpretations and so on.
dest religion {
  domainlist  blacklists/religion/domains
  urllist   blacklists/religion/urls
}

# Sites offering the service to remotely access computers, expecially (but not
# limited to going) through firewalls. This includes using a third party
# computer. Traditional VPN is not covered.
dest remotecontrol {
  domainlist  blacklists/remotecontrol/domains
  urllist   blacklists/remotecontrol/urls
}

# Sites that offer the download of ringtones or present other informations
# about ringtones.
dest ringtones {
  domainlist  blacklists/ringtones/domains
  urllist   blacklists/ringtones/urls
}

# Sites of institutions as well as of amateurs about all topics of astronomy.
dest science_astronomy {
  domainlist  blacklists/science/astronomy/domains
  urllist   blacklists/science/astronomy/urls
}

# Sites of institutions as well as of amateurs about all topics of chemistry.
dest science_chemistry {
  domainlist  blacklists/science/chemistry/domains
  urllist   blacklists/science/chemistry/urls
}

# Collection of seach engines and directory sites.
dest searchengines {
  domainlist  blacklists/searchengines/domains
  urllist   blacklists/searchengines/urls
}

# Sites explaining the biological functions of the body concerning sexuality
# as well as sexual health; this, too, covers sites for teenagers with
# questions about firstlove, first sex, and subjects related to this topics.
# This category does not cover porn.
dest sex_education {
  domainlist  blacklists/sex/education/domains
  urllist   blacklists/sex/education/urls
}

# Sites selling and presenting sexy lingerie or lingerie in a sexy manner.
dest sex_lingerie {
  domainlist  blacklists/sex/lingerie/domains
  urllist   blacklists/sex/lingerie/urls
}

# Sites offering online shopping and price comparisons.
dest shopping {
  domainlist  blacklists/shopping/domains
  urllist   blacklists/shopping/urls
}

# Sites bringing people together (social networking) be it for friendship
# or for business.
dest socialnet {
  domainlist  blacklists/socialnet/domains
  urllist   blacklists/socialnet/urls
}

# Sites that tries to actively try to install software (or lure the user
# in doing so) in order to spy the surfig behaviour (or worse). This
# category includes trojan and phishing sites. The homecalling site
# where the collecting information is sent are listed, too.
dest spyware {
  domainlist  blacklists/spyware/domains
  urllist   blacklists/spyware/urls
}

# Site keeping an eye on where you surf and what you do in a passive. Covers
# web bugs, counters and other tracking mechanism in web pages that do not
# interfere with the local computer yet collecting information about the
# surfing person for later analysis. Sites actively spying out the surfer
# by installing software or calling home sites are not covered with tracker
# but with -> spyware.
dest trackers {
  domainlist  blacklists/tracker/domains
  urllist   blacklists/tracker/urls
}

# Kind of white list to allow necessary downloads from vendors. Thought as
# a correction to the downloads category.
dest updatesites {
  domainlist  blacklists/updatesites/domains
  urllist   blacklists/updatesites/urls
}

# Domains that can be used to shorten long URLs. The orginal (long) URL will
# be accessed after the the short URL has been requested from the shortener.
# This distinguishes this category from redirector where the orginal URL is
# never accessed directly.
dest urlshortener {
  domainlist  blacklists/urlshortener/domains
  urllist   blacklists/urlshortener/urls
}

# Sites about killing and harming people. Covers anything about brutality
# and beastiality.
dest violence {
  domainlist  blacklists/violence/domains
  urllist   blacklists/violence/urls
}

# Collection of sites offering programs to break licence keys, licence
# keys themselves, cracked software and other copyrighted material.
dest warez {
  domainlist  blacklists/warez/domains
  urllist   blacklists/warez/urls
}

# Sites offering all kinds of weapons or accessories for weapons: Firearms,
# knifes, swords, bows,... . Armory shops are included as well as sites
# holding general information about arms (manufacturing, usage).
dest weapons {
  domainlist  blacklists/weapons/domains
  urllist   blacklists/weapons/urls
}

# Sites that offer web-based email services.
dest webmail {
  domainlist  blacklists/webmail/domains
  urllist   blacklists/webmail/urls
}

# Sites that enable user to phone via Internet/WWW. Any site where users
# can voice-chat with each other (normal chat sites, where users type their
# messages are part of chat, not webphone).
dest webphone {
  domainlist  blacklists/webphone/domains
  urllist   blacklists/webphone/urls
}

# Sites that offer listening to music and radiostreams.
dest webradio {
  domainlist  blacklists/webradio/domains
  urllist   blacklists/webradio/urls
}

# Collection of site offering TV streams via world wide web.
dest webtv {
  domainlist  blacklists/webtv/domains
  urllist   blacklists/webtv/urls
}

acl {
  localnets within workhours {
    pass whitelists_custom !adv !aggressive !alchohol !anonvpn !automobile_bikes !automobile_boats !automobile_cars !automobile_planes !chat !costtraps !dating !downloads !drugs !dynamic !fortunetelling !gamble !hobby_games-misc !hobby_games-online !hobby_gardening !hobby_pets !homestyle !hospitals !in-addr !imagehosting !isp !models !movies !music !podcasts !politics !porn !radiotv !recreation_humor !recreation_martialarts !recreation_restaurants !recreation_sports !recreation_travel !recreation_wellness !redirector !religion !remotecontrol !ringtones !sex_education !sex_lingerie !socialnet !spyware !trackers !violence !warez !weapons !webphone !webtv all
    redirect http://127.0.0.1/guard/blocked.php?clientaddr=%a&clientdomain=%n&clientuser=%i&clientgroup=%s&targetgroup=%t&url=%u&uri=%p
  } else {
    pass whitelists_custom !adv !costtraps !in-addr !redirector !ringtones !spyware !trackers all
    redirect http://127.0.0.1/guard/blocked.php?clientaddr=%a&clientdomain=%n&clientuser=%i&clientgroup=%s&targetgroup=%t&url=%u&uri=%p
  }

  default {
    pass updatesites none
    redirect http://127.0.0.1/guard/blocked.php?clientaddr=%a&clientdomain=%n&clientuser=%i&clientgroup=%s&targetgroup=%t&url=%u&uri=%p
  }
}