Squid
Darknet (onion) + i2p + hosts
Обход запрета роскомнадзора
nano /etc/squid/getblocklist.sh
#!/bin/bash# git clone https://github.com/zapret-info/z-i.git curl -s-X GET -L https://raw.githubusercontent.com/zapret-info/z-i/master/dump.csv >/etc/squid/blocklist.csv URL_LIST=`cat/etc/squid/blocklist.csv | csvtool -t';'col2 - |sed-e'/^[0-9\.]*$/d'-e'/^[0-9\.a-z-]*$/!d'| \ sed-e's/^.*\.\([a-z0-9\-]\{2,63\}\.[a-z0-9\-]\{2,63\}\)$/\1/'|sort|uniq2>/dev/null`; cat/dev/null >/etc/squid/blocklist.list 2>/dev/null; for URL in$URL_LIST; doecho$URL|sed-e's/\./\\\./g'-e's/^/^http(s)?:\\\/\\\/([a-zA-Z0-9]+\\.)?/g'-e's/$/.*$/g'>>/etc/squid/blocklist.list 2>/dev/null; done; /usr/sbin/squid -k reconfigure
cron
crontab -e
12***/bin/bash/etc/squid/getblocklist.sh
squid.conf
nano /etc/squid/squid.conf
acl localnet src 192.168.0.0/16 acl russia_block_urls url_regex "/etc/squid/blocklist.list" acl i2p_urls url_regex -i .*://.*\.i2p\/.* acl onion_urls url_regex -i .*://.*\.onion\/.* cache_peer 127.0.0.1 parent 44444444 no-digest allow-miss no-query cache_peer_access 127.0.0.1 allow i2p_urls cache_peer 192.168.1.131 parent 81188118 no-digest allow-miss no-query cache_peer_access 192.168.1.131 allow onion_urls cache_peer_access 192.168.1.131 allow russia_block_urls never_direct allow onion_urls never_direct allow i2p_urls never_direct allow russia_block_urls never_direct deny localnet always_direct deny onion_urls always_direct deny i2p_urls always_direct deny russia_block_urls always_direct allow localnet http_access allow localnet hosts_file /etc/squid/hosts acl SSL_ports port 443 acl Safe_ports port 80# http acl Safe_ports port 21# ftp acl Safe_ports port 443# https acl Safe_ports port 70# gopher acl Safe_ports port 210# wais acl Safe_ports port 1025-65535# unregistered ports acl Safe_ports port 280# http-mgmt acl Safe_ports port 488# gss-http acl Safe_ports port 591# filemaker acl Safe_ports port 777# multiling http acl CONNECT method CONNECT http_access deny !Safe_ports http_access deny CONNECT !SSL_ports http_access allow localhost manager http_access deny manager http_access allow localhost http_access deny all http_port 3128 coredump_dir /var/spool/squid refresh_pattern ^ftp: 144020%10080 refresh_pattern ^gopher: 14400%1440 refresh_pattern -i(/cgi-bin/|\?)00%0 refresh_pattern . 020%4320
Удаление комментариев
$ cat/etc/squid/squid.conf |grep"^[^#;]"
Перенаправление на другой сайт
acl redirect url_regex czx.to http_access deny redirect deny_info http://video.czx.to redirect