Often, my home network projects come from things I’m currently involved with at work, or plan to be involved with soon. It’s been suggested to me that once I finish the first round of the new monitoring platform I will be tasked with setting up some internal web proxy servers. I took an afternoon and figured out how to do this, and how to make it transparent on the network – even when the service is for some reason not responding properly. I’m also going to look at basic ACLs in squid, to allow and prevent specific networks and hosts from being services by the cache daemon. This will allow me to do things like block about.com and a host of banner ad servers.

I’m using squid as a proxy server – and it’s just a few lines to setup for basic caching, and just a few more to get advertisement blocking thrown in for just a little processing time. The default squid confg file covers all the basic options you’ll need – it’s a matter of setting up the ACLs, creating the ZFS filesystems, and setting up the IP forwarding rules to make this a transparent proxy. I’ll be covering the transparent proxy settings once I get the posts finished about running your own DHCP server, which allow you to put your own router address and DHCP options into the DHCPOFFER packets, and clean up my failover code, so if squid isn’t running, users of the network can still get out to the web.

First, the ZFS configuration, assuming a pool named tank:

`Often, my home network projects come from things I'm currently involved with at work, or plan to be involved with soon. It's been suggested to me that once I finish the first round of the new monitoring platform I will be tasked with setting up some internal web proxy servers. I took an afternoon and figured out how to do this, and how to make it transparent on the network – even when the service is for some reason not responding properly. I'm also going to look at basic ACLs in squid, to allow and prevent specific networks and hosts from being services by the cache daemon. This will allow me to do things like blockabout.com` and a host of banner ad servers.

I’m using squid as a proxy server – and it’s just a few lines to setup for basic caching, and just a few more to get advertisement blocking thrown in for just a little processing time. The default squid confg file covers all the basic options you’ll need – it’s a matter of setting up the ACLs, creating the ZFS filesystems, and setting up the IP forwarding rules to make this a transparent proxy. I’ll be covering the transparent proxy settings once I get the posts finished about running your own DHCP server, which allow you to put your own router address and DHCP options into the DHCPOFFER packets, and clean up my failover code, so if squid isn’t running, users of the network can still get out to the web.

First, the ZFS configuration, assuming a pool named tank:

``

This creates the filesystems you need, with compression enabled where it counts. I’m getting 5.1:1 on the logs, and 1.2:1 on the cache itself. No point wasting disk space, right? In the squid.conf file, find the cache_dir, access_log, cache_log and cache_store_log directives, and modify them as follows:

``Often, my home network projects come from things I'm currently involved with at work, or plan to be involved with soon. It's been suggested to me that once I finish the first round of the new monitoring platform I will be tasked with setting up some internal web proxy servers. I took an afternoon and figured out how to do this, and how to make it transparent on the network – even when the service is for some reason not responding properly. I'm also going to look at basic ACLs in squid, to allow and prevent specific networks and hosts from being services by the cache daemon. This will allow me to do things like blockabout.com` and a host of banner ad servers.

I’m using squid as a proxy server – and it’s just a few lines to setup for basic caching, and just a few more to get advertisement blocking thrown in for just a little processing time. The default squid confg file covers all the basic options you’ll need – it’s a matter of setting up the ACLs, creating the ZFS filesystems, and setting up the IP forwarding rules to make this a transparent proxy. I’ll be covering the transparent proxy settings once I get the posts finished about running your own DHCP server, which allow you to put your own router address and DHCP options into the DHCPOFFER packets, and clean up my failover code, so if squid isn’t running, users of the network can still get out to the web.

First, the ZFS configuration, assuming a pool named tank:

`Often, my home network projects come from things I'm currently involved with at work, or plan to be involved with soon. It's been suggested to me that once I finish the first round of the new monitoring platform I will be tasked with setting up some internal web proxy servers. I took an afternoon and figured out how to do this, and how to make it transparent on the network – even when the service is for some reason not responding properly. I'm also going to look at basic ACLs in squid, to allow and prevent specific networks and hosts from being services by the cache daemon. This will allow me to do things like blockabout.com` and a host of banner ad servers.

I’m using squid as a proxy server – and it’s just a few lines to setup for basic caching, and just a few more to get advertisement blocking thrown in for just a little processing time. The default squid confg file covers all the basic options you’ll need – it’s a matter of setting up the ACLs, creating the ZFS filesystems, and setting up the IP forwarding rules to make this a transparent proxy. I’ll be covering the transparent proxy settings once I get the posts finished about running your own DHCP server, which allow you to put your own router address and DHCP options into the DHCPOFFER packets, and clean up my failover code, so if squid isn’t running, users of the network can still get out to the web.

First, the ZFS configuration, assuming a pool named tank:

``

This creates the filesystems you need, with compression enabled where it counts. I’m getting 5.1:1 on the logs, and 1.2:1 on the cache itself. No point wasting disk space, right? In the squid.conf file, find the cache_dir, access_log, cache_log and cache_store_log directives, and modify them as follows:

This sets up a cache of 16 GB, and puts all logs into the compressed filesystem. I borrowed heavily from <a href="http://mkeadle.org/?p=14" target="_blank">this post</a> on <a href="http://mkeadle.org/" target="_blank">mkeadle.org</a> for the following ACL information. First, create the text files `/tank/squid/conf/banner-ads.acl` and `/tank/squid/conf/denied-domains.acl`. For my setup, `denied-domains.acl` only has the single entry:
  
````Often, my home network projects come from things I'm currently involved with at work, or plan to be involved with soon. It's been suggested to me that once I finish the first round of the new monitoring platform I will be tasked with setting up some internal web proxy servers. I took an afternoon and figured out how to do this, and how to make it transparent on the network &#8211; even when the service is for some reason not responding properly. I'm also going to look at basic ACLs in squid, to allow and prevent specific networks and hosts from being services by the cache daemon. This will allow me to do things like block `about.com` and a host of banner ad servers.

I'm using squid as a proxy server &#8211; and it's just a few lines to setup for basic caching, and just a few more to get advertisement blocking thrown in for just a little processing time. The default squid confg file covers all the basic options you'll need &#8211; it's a matter of setting up the ACLs, creating the ZFS filesystems, and setting up the IP forwarding rules to make this a transparent proxy. I'll be covering the transparent proxy settings once I get the posts finished about running your own DHCP server, which allow you to put your own router address and DHCP options into the **DHCPOFFER** packets, and clean up my failover code, so if squid isn't running, users of the network can still get out to the web.

First, the ZFS configuration, assuming a pool named `tank`:

``Often, my home network projects come from things I'm currently involved with at work, or plan to be involved with soon. It's been suggested to me that once I finish the first round of the new monitoring platform I will be tasked with setting up some internal web proxy servers. I took an afternoon and figured out how to do this, and how to make it transparent on the network &#8211; even when the service is for some reason not responding properly. I'm also going to look at basic ACLs in squid, to allow and prevent specific networks and hosts from being services by the cache daemon. This will allow me to do things like block `about.com` and a host of banner ad servers.

I'm using squid as a proxy server &#8211; and it's just a few lines to setup for basic caching, and just a few more to get advertisement blocking thrown in for just a little processing time. The default squid confg file covers all the basic options you'll need &#8211; it's a matter of setting up the ACLs, creating the ZFS filesystems, and setting up the IP forwarding rules to make this a transparent proxy. I'll be covering the transparent proxy settings once I get the posts finished about running your own DHCP server, which allow you to put your own router address and DHCP options into the **DHCPOFFER** packets, and clean up my failover code, so if squid isn't running, users of the network can still get out to the web.

First, the ZFS configuration, assuming a pool named `tank`:

`` 

This creates the filesystems you need, with compression enabled where it counts. I'm getting 5.1:1 on the logs, and 1.2:1 on the cache itself. No point wasting disk space, right? In the `squid.conf` file, find the `cache_dir`, `access_log`, `cache_log` and `cache_store_log` directives, and modify them as follows:

```Often, my home network projects come from things I'm currently involved with at work, or plan to be involved with soon. It's been suggested to me that once I finish the first round of the new monitoring platform I will be tasked with setting up some internal web proxy servers. I took an afternoon and figured out how to do this, and how to make it transparent on the network &#8211; even when the service is for some reason not responding properly. I'm also going to look at basic ACLs in squid, to allow and prevent specific networks and hosts from being services by the cache daemon. This will allow me to do things like block `about.com` and a host of banner ad servers.

I'm using squid as a proxy server &#8211; and it's just a few lines to setup for basic caching, and just a few more to get advertisement blocking thrown in for just a little processing time. The default squid confg file covers all the basic options you'll need &#8211; it's a matter of setting up the ACLs, creating the ZFS filesystems, and setting up the IP forwarding rules to make this a transparent proxy. I'll be covering the transparent proxy settings once I get the posts finished about running your own DHCP server, which allow you to put your own router address and DHCP options into the **DHCPOFFER** packets, and clean up my failover code, so if squid isn't running, users of the network can still get out to the web.

First, the ZFS configuration, assuming a pool named `tank`:

``Often, my home network projects come from things I'm currently involved with at work, or plan to be involved with soon. It's been suggested to me that once I finish the first round of the new monitoring platform I will be tasked with setting up some internal web proxy servers. I took an afternoon and figured out how to do this, and how to make it transparent on the network &#8211; even when the service is for some reason not responding properly. I'm also going to look at basic ACLs in squid, to allow and prevent specific networks and hosts from being services by the cache daemon. This will allow me to do things like block `about.com` and a host of banner ad servers.

I'm using squid as a proxy server &#8211; and it's just a few lines to setup for basic caching, and just a few more to get advertisement blocking thrown in for just a little processing time. The default squid confg file covers all the basic options you'll need &#8211; it's a matter of setting up the ACLs, creating the ZFS filesystems, and setting up the IP forwarding rules to make this a transparent proxy. I'll be covering the transparent proxy settings once I get the posts finished about running your own DHCP server, which allow you to put your own router address and DHCP options into the **DHCPOFFER** packets, and clean up my failover code, so if squid isn't running, users of the network can still get out to the web.

First, the ZFS configuration, assuming a pool named `tank`:

`` 

This creates the filesystems you need, with compression enabled where it counts. I'm getting 5.1:1 on the logs, and 1.2:1 on the cache itself. No point wasting disk space, right? In the `squid.conf` file, find the `cache_dir`, `access_log`, `cache_log` and `cache_store_log` directives, and modify them as follows:

This sets up a cache of 16 GB, and puts all logs into the compressed filesystem. I borrowed heavily from this post on mkeadle.org for the following ACL information. First, create the text files /tank/squid/conf/banner-ads.acl and /tank/squid/conf/denied-domains.acl. For my setup, denied-domains.acl only has the single entry:

The file `banner-ads.acl` has the contents of [this file][1], excerpted below:
  
`````Often, my home network projects come from things I'm currently involved with at work, or plan to be involved with soon. It's been suggested to me that once I finish the first round of the new monitoring platform I will be tasked with setting up some internal web proxy servers. I took an afternoon and figured out how to do this, and how to make it transparent on the network – even when the service is for some reason not responding properly. I'm also going to look at basic ACLs in squid, to allow and prevent specific networks and hosts from being services by the cache daemon. This will allow me to do things like block `about.com` and a host of banner ad servers.

I'm using squid as a proxy server – and it's just a few lines to setup for basic caching, and just a few more to get advertisement blocking thrown in for just a little processing time. The default squid confg file covers all the basic options you'll need – it's a matter of setting up the ACLs, creating the ZFS filesystems, and setting up the IP forwarding rules to make this a transparent proxy. I'll be covering the transparent proxy settings once I get the posts finished about running your own DHCP server, which allow you to put your own router address and DHCP options into the **DHCPOFFER** packets, and clean up my failover code, so if squid isn't running, users of the network can still get out to the web.

First, the ZFS configuration, assuming a pool named `tank`:

``Often, my home network projects come from things I'm currently involved with at work, or plan to be involved with soon. It's been suggested to me that once I finish the first round of the new monitoring platform I will be tasked with setting up some internal web proxy servers. I took an afternoon and figured out how to do this, and how to make it transparent on the network – even when the service is for some reason not responding properly. I'm also going to look at basic ACLs in squid, to allow and prevent specific networks and hosts from being services by the cache daemon. This will allow me to do things like block `about.com` and a host of banner ad servers.

I'm using squid as a proxy server – and it's just a few lines to setup for basic caching, and just a few more to get advertisement blocking thrown in for just a little processing time. The default squid confg file covers all the basic options you'll need – it's a matter of setting up the ACLs, creating the ZFS filesystems, and setting up the IP forwarding rules to make this a transparent proxy. I'll be covering the transparent proxy settings once I get the posts finished about running your own DHCP server, which allow you to put your own router address and DHCP options into the **DHCPOFFER** packets, and clean up my failover code, so if squid isn't running, users of the network can still get out to the web.

First, the ZFS configuration, assuming a pool named `tank`:

`` 

This creates the filesystems you need, with compression enabled where it counts. I'm getting 5.1:1 on the logs, and 1.2:1 on the cache itself. No point wasting disk space, right? In the `squid.conf` file, find the `cache_dir`, `access_log`, `cache_log` and `cache_store_log` directives, and modify them as follows:

```Often, my home network projects come from things I'm currently involved with at work, or plan to be involved with soon. It's been suggested to me that once I finish the first round of the new monitoring platform I will be tasked with setting up some internal web proxy servers. I took an afternoon and figured out how to do this, and how to make it transparent on the network – even when the service is for some reason not responding properly. I'm also going to look at basic ACLs in squid, to allow and prevent specific networks and hosts from being services by the cache daemon. This will allow me to do things like block `about.com` and a host of banner ad servers.

I'm using squid as a proxy server – and it's just a few lines to setup for basic caching, and just a few more to get advertisement blocking thrown in for just a little processing time. The default squid confg file covers all the basic options you'll need – it's a matter of setting up the ACLs, creating the ZFS filesystems, and setting up the IP forwarding rules to make this a transparent proxy. I'll be covering the transparent proxy settings once I get the posts finished about running your own DHCP server, which allow you to put your own router address and DHCP options into the **DHCPOFFER** packets, and clean up my failover code, so if squid isn't running, users of the network can still get out to the web.

First, the ZFS configuration, assuming a pool named `tank`:

``Often, my home network projects come from things I'm currently involved with at work, or plan to be involved with soon. It's been suggested to me that once I finish the first round of the new monitoring platform I will be tasked with setting up some internal web proxy servers. I took an afternoon and figured out how to do this, and how to make it transparent on the network – even when the service is for some reason not responding properly. I'm also going to look at basic ACLs in squid, to allow and prevent specific networks and hosts from being services by the cache daemon. This will allow me to do things like block `about.com` and a host of banner ad servers.

I'm using squid as a proxy server – and it's just a few lines to setup for basic caching, and just a few more to get advertisement blocking thrown in for just a little processing time. The default squid confg file covers all the basic options you'll need – it's a matter of setting up the ACLs, creating the ZFS filesystems, and setting up the IP forwarding rules to make this a transparent proxy. I'll be covering the transparent proxy settings once I get the posts finished about running your own DHCP server, which allow you to put your own router address and DHCP options into the **DHCPOFFER** packets, and clean up my failover code, so if squid isn't running, users of the network can still get out to the web.

First, the ZFS configuration, assuming a pool named `tank`:

`` 

This creates the filesystems you need, with compression enabled where it counts. I'm getting 5.1:1 on the logs, and 1.2:1 on the cache itself. No point wasting disk space, right? In the `squid.conf` file, find the `cache_dir`, `access_log`, `cache_log` and `cache_store_log` directives, and modify them as follows:

``` 

This sets up a cache of 16 GB, and puts all logs into the compressed filesystem. I borrowed heavily from <a href="http://mkeadle.org/?p=14" target="_blank">this post</a> on <a href="http://mkeadle.org/" target="_blank">mkeadle.org</a> for the following ACL information. First, create the text files `/tank/squid/conf/banner-ads.acl` and `/tank/squid/conf/denied-domains.acl`. For my setup, `denied-domains.acl` only has the single entry:
  
````Often, my home network projects come from things I'm currently involved with at work, or plan to be involved with soon. It's been suggested to me that once I finish the first round of the new monitoring platform I will be tasked with setting up some internal web proxy servers. I took an afternoon and figured out how to do this, and how to make it transparent on the network &#8211; even when the service is for some reason not responding properly. I'm also going to look at basic ACLs in squid, to allow and prevent specific networks and hosts from being services by the cache daemon. This will allow me to do things like block `about.com` and a host of banner ad servers.

I'm using squid as a proxy server &#8211; and it's just a few lines to setup for basic caching, and just a few more to get advertisement blocking thrown in for just a little processing time. The default squid confg file covers all the basic options you'll need &#8211; it's a matter of setting up the ACLs, creating the ZFS filesystems, and setting up the IP forwarding rules to make this a transparent proxy. I'll be covering the transparent proxy settings once I get the posts finished about running your own DHCP server, which allow you to put your own router address and DHCP options into the **DHCPOFFER** packets, and clean up my failover code, so if squid isn't running, users of the network can still get out to the web.

First, the ZFS configuration, assuming a pool named `tank`:

``Often, my home network projects come from things I'm currently involved with at work, or plan to be involved with soon. It's been suggested to me that once I finish the first round of the new monitoring platform I will be tasked with setting up some internal web proxy servers. I took an afternoon and figured out how to do this, and how to make it transparent on the network &#8211; even when the service is for some reason not responding properly. I'm also going to look at basic ACLs in squid, to allow and prevent specific networks and hosts from being services by the cache daemon. This will allow me to do things like block `about.com` and a host of banner ad servers.

I'm using squid as a proxy server &#8211; and it's just a few lines to setup for basic caching, and just a few more to get advertisement blocking thrown in for just a little processing time. The default squid confg file covers all the basic options you'll need &#8211; it's a matter of setting up the ACLs, creating the ZFS filesystems, and setting up the IP forwarding rules to make this a transparent proxy. I'll be covering the transparent proxy settings once I get the posts finished about running your own DHCP server, which allow you to put your own router address and DHCP options into the **DHCPOFFER** packets, and clean up my failover code, so if squid isn't running, users of the network can still get out to the web.

First, the ZFS configuration, assuming a pool named `tank`:

`` 

This creates the filesystems you need, with compression enabled where it counts. I'm getting 5.1:1 on the logs, and 1.2:1 on the cache itself. No point wasting disk space, right? In the `squid.conf` file, find the `cache_dir`, `access_log`, `cache_log` and `cache_store_log` directives, and modify them as follows:

```Often, my home network projects come from things I'm currently involved with at work, or plan to be involved with soon. It's been suggested to me that once I finish the first round of the new monitoring platform I will be tasked with setting up some internal web proxy servers. I took an afternoon and figured out how to do this, and how to make it transparent on the network &#8211; even when the service is for some reason not responding properly. I'm also going to look at basic ACLs in squid, to allow and prevent specific networks and hosts from being services by the cache daemon. This will allow me to do things like block `about.com` and a host of banner ad servers.

I'm using squid as a proxy server &#8211; and it's just a few lines to setup for basic caching, and just a few more to get advertisement blocking thrown in for just a little processing time. The default squid confg file covers all the basic options you'll need &#8211; it's a matter of setting up the ACLs, creating the ZFS filesystems, and setting up the IP forwarding rules to make this a transparent proxy. I'll be covering the transparent proxy settings once I get the posts finished about running your own DHCP server, which allow you to put your own router address and DHCP options into the **DHCPOFFER** packets, and clean up my failover code, so if squid isn't running, users of the network can still get out to the web.

First, the ZFS configuration, assuming a pool named `tank`:

``Often, my home network projects come from things I'm currently involved with at work, or plan to be involved with soon. It's been suggested to me that once I finish the first round of the new monitoring platform I will be tasked with setting up some internal web proxy servers. I took an afternoon and figured out how to do this, and how to make it transparent on the network &#8211; even when the service is for some reason not responding properly. I'm also going to look at basic ACLs in squid, to allow and prevent specific networks and hosts from being services by the cache daemon. This will allow me to do things like block `about.com` and a host of banner ad servers.

I'm using squid as a proxy server &#8211; and it's just a few lines to setup for basic caching, and just a few more to get advertisement blocking thrown in for just a little processing time. The default squid confg file covers all the basic options you'll need &#8211; it's a matter of setting up the ACLs, creating the ZFS filesystems, and setting up the IP forwarding rules to make this a transparent proxy. I'll be covering the transparent proxy settings once I get the posts finished about running your own DHCP server, which allow you to put your own router address and DHCP options into the **DHCPOFFER** packets, and clean up my failover code, so if squid isn't running, users of the network can still get out to the web.

First, the ZFS configuration, assuming a pool named `tank`:

`` 

This creates the filesystems you need, with compression enabled where it counts. I'm getting 5.1:1 on the logs, and 1.2:1 on the cache itself. No point wasting disk space, right? In the `squid.conf` file, find the `cache_dir`, `access_log`, `cache_log` and `cache_store_log` directives, and modify them as follows:

``` 

This sets up a cache of 16 GB, and puts all logs into the compressed filesystem. I borrowed heavily from <a href="http://mkeadle.org/?p=14" target="_blank">this post</a> on <a href="http://mkeadle.org/" target="_blank">mkeadle.org</a> for the following ACL information. First, create the text files `/tank/squid/conf/banner-ads.acl` and `/tank/squid/conf/denied-domains.acl`. For my setup, `denied-domains.acl` only has the single entry:
  

The file banner-ads.acl has the contents of this file, excerpted below:

The last bit of config is to apply the contents of these files to acl rules, and generate an error for the user:
  
``````Often, my home network projects come from things I'm currently involved with at work, or plan to be involved with soon. It's been suggested to me that once I finish the first round of the new monitoring platform I will be tasked with setting up some internal web proxy servers. I took an afternoon and figured out how to do this, and how to make it transparent on the network – even when the service is for some reason not responding properly. I'm also going to look at basic ACLs in squid, to allow and prevent specific networks and hosts from being services by the cache daemon. This will allow me to do things like block `about.com` and a host of banner ad servers.

I'm using squid as a proxy server – and it's just a few lines to setup for basic caching, and just a few more to get advertisement blocking thrown in for just a little processing time. The default squid confg file covers all the basic options you'll need – it's a matter of setting up the ACLs, creating the ZFS filesystems, and setting up the IP forwarding rules to make this a transparent proxy. I'll be covering the transparent proxy settings once I get the posts finished about running your own DHCP server, which allow you to put your own router address and DHCP options into the **DHCPOFFER** packets, and clean up my failover code, so if squid isn't running, users of the network can still get out to the web.

First, the ZFS configuration, assuming a pool named `tank`:

``Often, my home network projects come from things I'm currently involved with at work, or plan to be involved with soon. It's been suggested to me that once I finish the first round of the new monitoring platform I will be tasked with setting up some internal web proxy servers. I took an afternoon and figured out how to do this, and how to make it transparent on the network – even when the service is for some reason not responding properly. I'm also going to look at basic ACLs in squid, to allow and prevent specific networks and hosts from being services by the cache daemon. This will allow me to do things like block `about.com` and a host of banner ad servers.

I'm using squid as a proxy server – and it's just a few lines to setup for basic caching, and just a few more to get advertisement blocking thrown in for just a little processing time. The default squid confg file covers all the basic options you'll need – it's a matter of setting up the ACLs, creating the ZFS filesystems, and setting up the IP forwarding rules to make this a transparent proxy. I'll be covering the transparent proxy settings once I get the posts finished about running your own DHCP server, which allow you to put your own router address and DHCP options into the **DHCPOFFER** packets, and clean up my failover code, so if squid isn't running, users of the network can still get out to the web.

First, the ZFS configuration, assuming a pool named `tank`:

`` 

This creates the filesystems you need, with compression enabled where it counts. I'm getting 5.1:1 on the logs, and 1.2:1 on the cache itself. No point wasting disk space, right? In the `squid.conf` file, find the `cache_dir`, `access_log`, `cache_log` and `cache_store_log` directives, and modify them as follows:

```Often, my home network projects come from things I'm currently involved with at work, or plan to be involved with soon. It's been suggested to me that once I finish the first round of the new monitoring platform I will be tasked with setting up some internal web proxy servers. I took an afternoon and figured out how to do this, and how to make it transparent on the network – even when the service is for some reason not responding properly. I'm also going to look at basic ACLs in squid, to allow and prevent specific networks and hosts from being services by the cache daemon. This will allow me to do things like block `about.com` and a host of banner ad servers.

I'm using squid as a proxy server – and it's just a few lines to setup for basic caching, and just a few more to get advertisement blocking thrown in for just a little processing time. The default squid confg file covers all the basic options you'll need – it's a matter of setting up the ACLs, creating the ZFS filesystems, and setting up the IP forwarding rules to make this a transparent proxy. I'll be covering the transparent proxy settings once I get the posts finished about running your own DHCP server, which allow you to put your own router address and DHCP options into the **DHCPOFFER** packets, and clean up my failover code, so if squid isn't running, users of the network can still get out to the web.

First, the ZFS configuration, assuming a pool named `tank`:

``Often, my home network projects come from things I'm currently involved with at work, or plan to be involved with soon. It's been suggested to me that once I finish the first round of the new monitoring platform I will be tasked with setting up some internal web proxy servers. I took an afternoon and figured out how to do this, and how to make it transparent on the network – even when the service is for some reason not responding properly. I'm also going to look at basic ACLs in squid, to allow and prevent specific networks and hosts from being services by the cache daemon. This will allow me to do things like block `about.com` and a host of banner ad servers.

I'm using squid as a proxy server – and it's just a few lines to setup for basic caching, and just a few more to get advertisement blocking thrown in for just a little processing time. The default squid confg file covers all the basic options you'll need – it's a matter of setting up the ACLs, creating the ZFS filesystems, and setting up the IP forwarding rules to make this a transparent proxy. I'll be covering the transparent proxy settings once I get the posts finished about running your own DHCP server, which allow you to put your own router address and DHCP options into the **DHCPOFFER** packets, and clean up my failover code, so if squid isn't running, users of the network can still get out to the web.

First, the ZFS configuration, assuming a pool named `tank`:

`` 

This creates the filesystems you need, with compression enabled where it counts. I'm getting 5.1:1 on the logs, and 1.2:1 on the cache itself. No point wasting disk space, right? In the `squid.conf` file, find the `cache_dir`, `access_log`, `cache_log` and `cache_store_log` directives, and modify them as follows:

``` 

This sets up a cache of 16 GB, and puts all logs into the compressed filesystem. I borrowed heavily from <a href="http://mkeadle.org/?p=14" target="_blank">this post</a> on <a href="http://mkeadle.org/" target="_blank">mkeadle.org</a> for the following ACL information. First, create the text files `/tank/squid/conf/banner-ads.acl` and `/tank/squid/conf/denied-domains.acl`. For my setup, `denied-domains.acl` only has the single entry:
  
````Often, my home network projects come from things I'm currently involved with at work, or plan to be involved with soon. It's been suggested to me that once I finish the first round of the new monitoring platform I will be tasked with setting up some internal web proxy servers. I took an afternoon and figured out how to do this, and how to make it transparent on the network &#8211; even when the service is for some reason not responding properly. I'm also going to look at basic ACLs in squid, to allow and prevent specific networks and hosts from being services by the cache daemon. This will allow me to do things like block `about.com` and a host of banner ad servers.

I'm using squid as a proxy server &#8211; and it's just a few lines to setup for basic caching, and just a few more to get advertisement blocking thrown in for just a little processing time. The default squid confg file covers all the basic options you'll need &#8211; it's a matter of setting up the ACLs, creating the ZFS filesystems, and setting up the IP forwarding rules to make this a transparent proxy. I'll be covering the transparent proxy settings once I get the posts finished about running your own DHCP server, which allow you to put your own router address and DHCP options into the **DHCPOFFER** packets, and clean up my failover code, so if squid isn't running, users of the network can still get out to the web.

First, the ZFS configuration, assuming a pool named `tank`:

``Often, my home network projects come from things I'm currently involved with at work, or plan to be involved with soon. It's been suggested to me that once I finish the first round of the new monitoring platform I will be tasked with setting up some internal web proxy servers. I took an afternoon and figured out how to do this, and how to make it transparent on the network &#8211; even when the service is for some reason not responding properly. I'm also going to look at basic ACLs in squid, to allow and prevent specific networks and hosts from being services by the cache daemon. This will allow me to do things like block `about.com` and a host of banner ad servers.

I'm using squid as a proxy server &#8211; and it's just a few lines to setup for basic caching, and just a few more to get advertisement blocking thrown in for just a little processing time. The default squid confg file covers all the basic options you'll need &#8211; it's a matter of setting up the ACLs, creating the ZFS filesystems, and setting up the IP forwarding rules to make this a transparent proxy. I'll be covering the transparent proxy settings once I get the posts finished about running your own DHCP server, which allow you to put your own router address and DHCP options into the **DHCPOFFER** packets, and clean up my failover code, so if squid isn't running, users of the network can still get out to the web.

First, the ZFS configuration, assuming a pool named `tank`:

`` 

This creates the filesystems you need, with compression enabled where it counts. I'm getting 5.1:1 on the logs, and 1.2:1 on the cache itself. No point wasting disk space, right? In the `squid.conf` file, find the `cache_dir`, `access_log`, `cache_log` and `cache_store_log` directives, and modify them as follows:

```Often, my home network projects come from things I'm currently involved with at work, or plan to be involved with soon. It's been suggested to me that once I finish the first round of the new monitoring platform I will be tasked with setting up some internal web proxy servers. I took an afternoon and figured out how to do this, and how to make it transparent on the network &#8211; even when the service is for some reason not responding properly. I'm also going to look at basic ACLs in squid, to allow and prevent specific networks and hosts from being services by the cache daemon. This will allow me to do things like block `about.com` and a host of banner ad servers.

I'm using squid as a proxy server &#8211; and it's just a few lines to setup for basic caching, and just a few more to get advertisement blocking thrown in for just a little processing time. The default squid confg file covers all the basic options you'll need &#8211; it's a matter of setting up the ACLs, creating the ZFS filesystems, and setting up the IP forwarding rules to make this a transparent proxy. I'll be covering the transparent proxy settings once I get the posts finished about running your own DHCP server, which allow you to put your own router address and DHCP options into the **DHCPOFFER** packets, and clean up my failover code, so if squid isn't running, users of the network can still get out to the web.

First, the ZFS configuration, assuming a pool named `tank`:

``Often, my home network projects come from things I'm currently involved with at work, or plan to be involved with soon. It's been suggested to me that once I finish the first round of the new monitoring platform I will be tasked with setting up some internal web proxy servers. I took an afternoon and figured out how to do this, and how to make it transparent on the network &#8211; even when the service is for some reason not responding properly. I'm also going to look at basic ACLs in squid, to allow and prevent specific networks and hosts from being services by the cache daemon. This will allow me to do things like block `about.com` and a host of banner ad servers.

I'm using squid as a proxy server &#8211; and it's just a few lines to setup for basic caching, and just a few more to get advertisement blocking thrown in for just a little processing time. The default squid confg file covers all the basic options you'll need &#8211; it's a matter of setting up the ACLs, creating the ZFS filesystems, and setting up the IP forwarding rules to make this a transparent proxy. I'll be covering the transparent proxy settings once I get the posts finished about running your own DHCP server, which allow you to put your own router address and DHCP options into the **DHCPOFFER** packets, and clean up my failover code, so if squid isn't running, users of the network can still get out to the web.

First, the ZFS configuration, assuming a pool named `tank`:

`` 

This creates the filesystems you need, with compression enabled where it counts. I'm getting 5.1:1 on the logs, and 1.2:1 on the cache itself. No point wasting disk space, right? In the `squid.conf` file, find the `cache_dir`, `access_log`, `cache_log` and `cache_store_log` directives, and modify them as follows:

``` 

This sets up a cache of 16 GB, and puts all logs into the compressed filesystem. I borrowed heavily from <a href="http://mkeadle.org/?p=14" target="_blank">this post</a> on <a href="http://mkeadle.org/" target="_blank">mkeadle.org</a> for the following ACL information. First, create the text files `/tank/squid/conf/banner-ads.acl` and `/tank/squid/conf/denied-domains.acl`. For my setup, `denied-domains.acl` only has the single entry:
  
```` 

The file `banner-ads.acl` has the contents of [this file][1], excerpted below:
  
`````Often, my home network projects come from things I'm currently involved with at work, or plan to be involved with soon. It's been suggested to me that once I finish the first round of the new monitoring platform I will be tasked with setting up some internal web proxy servers. I took an afternoon and figured out how to do this, and how to make it transparent on the network &#8211; even when the service is for some reason not responding properly. I'm also going to look at basic ACLs in squid, to allow and prevent specific networks and hosts from being services by the cache daemon. This will allow me to do things like block `about.com` and a host of banner ad servers.

I'm using squid as a proxy server &#8211; and it's just a few lines to setup for basic caching, and just a few more to get advertisement blocking thrown in for just a little processing time. The default squid confg file covers all the basic options you'll need &#8211; it's a matter of setting up the ACLs, creating the ZFS filesystems, and setting up the IP forwarding rules to make this a transparent proxy. I'll be covering the transparent proxy settings once I get the posts finished about running your own DHCP server, which allow you to put your own router address and DHCP options into the **DHCPOFFER** packets, and clean up my failover code, so if squid isn't running, users of the network can still get out to the web.

First, the ZFS configuration, assuming a pool named `tank`:

``Often, my home network projects come from things I'm currently involved with at work, or plan to be involved with soon. It's been suggested to me that once I finish the first round of the new monitoring platform I will be tasked with setting up some internal web proxy servers. I took an afternoon and figured out how to do this, and how to make it transparent on the network &#8211; even when the service is for some reason not responding properly. I'm also going to look at basic ACLs in squid, to allow and prevent specific networks and hosts from being services by the cache daemon. This will allow me to do things like block `about.com` and a host of banner ad servers.

I'm using squid as a proxy server &#8211; and it's just a few lines to setup for basic caching, and just a few more to get advertisement blocking thrown in for just a little processing time. The default squid confg file covers all the basic options you'll need &#8211; it's a matter of setting up the ACLs, creating the ZFS filesystems, and setting up the IP forwarding rules to make this a transparent proxy. I'll be covering the transparent proxy settings once I get the posts finished about running your own DHCP server, which allow you to put your own router address and DHCP options into the **DHCPOFFER** packets, and clean up my failover code, so if squid isn't running, users of the network can still get out to the web.

First, the ZFS configuration, assuming a pool named `tank`:

`` 

This creates the filesystems you need, with compression enabled where it counts. I'm getting 5.1:1 on the logs, and 1.2:1 on the cache itself. No point wasting disk space, right? In the `squid.conf` file, find the `cache_dir`, `access_log`, `cache_log` and `cache_store_log` directives, and modify them as follows:

```Often, my home network projects come from things I'm currently involved with at work, or plan to be involved with soon. It's been suggested to me that once I finish the first round of the new monitoring platform I will be tasked with setting up some internal web proxy servers. I took an afternoon and figured out how to do this, and how to make it transparent on the network &#8211; even when the service is for some reason not responding properly. I'm also going to look at basic ACLs in squid, to allow and prevent specific networks and hosts from being services by the cache daemon. This will allow me to do things like block `about.com` and a host of banner ad servers.

I'm using squid as a proxy server &#8211; and it's just a few lines to setup for basic caching, and just a few more to get advertisement blocking thrown in for just a little processing time. The default squid confg file covers all the basic options you'll need &#8211; it's a matter of setting up the ACLs, creating the ZFS filesystems, and setting up the IP forwarding rules to make this a transparent proxy. I'll be covering the transparent proxy settings once I get the posts finished about running your own DHCP server, which allow you to put your own router address and DHCP options into the **DHCPOFFER** packets, and clean up my failover code, so if squid isn't running, users of the network can still get out to the web.

First, the ZFS configuration, assuming a pool named `tank`:

``Often, my home network projects come from things I'm currently involved with at work, or plan to be involved with soon. It's been suggested to me that once I finish the first round of the new monitoring platform I will be tasked with setting up some internal web proxy servers. I took an afternoon and figured out how to do this, and how to make it transparent on the network &#8211; even when the service is for some reason not responding properly. I'm also going to look at basic ACLs in squid, to allow and prevent specific networks and hosts from being services by the cache daemon. This will allow me to do things like block `about.com` and a host of banner ad servers.

I'm using squid as a proxy server &#8211; and it's just a few lines to setup for basic caching, and just a few more to get advertisement blocking thrown in for just a little processing time. The default squid confg file covers all the basic options you'll need &#8211; it's a matter of setting up the ACLs, creating the ZFS filesystems, and setting up the IP forwarding rules to make this a transparent proxy. I'll be covering the transparent proxy settings once I get the posts finished about running your own DHCP server, which allow you to put your own router address and DHCP options into the **DHCPOFFER** packets, and clean up my failover code, so if squid isn't running, users of the network can still get out to the web.

First, the ZFS configuration, assuming a pool named `tank`:

`` 

This creates the filesystems you need, with compression enabled where it counts. I'm getting 5.1:1 on the logs, and 1.2:1 on the cache itself. No point wasting disk space, right? In the `squid.conf` file, find the `cache_dir`, `access_log`, `cache_log` and `cache_store_log` directives, and modify them as follows:

``` 

This sets up a cache of 16 GB, and puts all logs into the compressed filesystem. I borrowed heavily from <a href="http://mkeadle.org/?p=14" target="_blank">this post</a> on <a href="http://mkeadle.org/" target="_blank">mkeadle.org</a> for the following ACL information. First, create the text files `/tank/squid/conf/banner-ads.acl` and `/tank/squid/conf/denied-domains.acl`. For my setup, `denied-domains.acl` only has the single entry:
  
````Often, my home network projects come from things I'm currently involved with at work, or plan to be involved with soon. It's been suggested to me that once I finish the first round of the new monitoring platform I will be tasked with setting up some internal web proxy servers. I took an afternoon and figured out how to do this, and how to make it transparent on the network &#8211; even when the service is for some reason not responding properly. I'm also going to look at basic ACLs in squid, to allow and prevent specific networks and hosts from being services by the cache daemon. This will allow me to do things like block `about.com` and a host of banner ad servers.

I'm using squid as a proxy server &#8211; and it's just a few lines to setup for basic caching, and just a few more to get advertisement blocking thrown in for just a little processing time. The default squid confg file covers all the basic options you'll need &#8211; it's a matter of setting up the ACLs, creating the ZFS filesystems, and setting up the IP forwarding rules to make this a transparent proxy. I'll be covering the transparent proxy settings once I get the posts finished about running your own DHCP server, which allow you to put your own router address and DHCP options into the **DHCPOFFER** packets, and clean up my failover code, so if squid isn't running, users of the network can still get out to the web.

First, the ZFS configuration, assuming a pool named `tank`:

``Often, my home network projects come from things I'm currently involved with at work, or plan to be involved with soon. It's been suggested to me that once I finish the first round of the new monitoring platform I will be tasked with setting up some internal web proxy servers. I took an afternoon and figured out how to do this, and how to make it transparent on the network &#8211; even when the service is for some reason not responding properly. I'm also going to look at basic ACLs in squid, to allow and prevent specific networks and hosts from being services by the cache daemon. This will allow me to do things like block `about.com` and a host of banner ad servers.

I'm using squid as a proxy server &#8211; and it's just a few lines to setup for basic caching, and just a few more to get advertisement blocking thrown in for just a little processing time. The default squid confg file covers all the basic options you'll need &#8211; it's a matter of setting up the ACLs, creating the ZFS filesystems, and setting up the IP forwarding rules to make this a transparent proxy. I'll be covering the transparent proxy settings once I get the posts finished about running your own DHCP server, which allow you to put your own router address and DHCP options into the **DHCPOFFER** packets, and clean up my failover code, so if squid isn't running, users of the network can still get out to the web.

First, the ZFS configuration, assuming a pool named `tank`:

`` 

This creates the filesystems you need, with compression enabled where it counts. I'm getting 5.1:1 on the logs, and 1.2:1 on the cache itself. No point wasting disk space, right? In the `squid.conf` file, find the `cache_dir`, `access_log`, `cache_log` and `cache_store_log` directives, and modify them as follows:

```Often, my home network projects come from things I'm currently involved with at work, or plan to be involved with soon. It's been suggested to me that once I finish the first round of the new monitoring platform I will be tasked with setting up some internal web proxy servers. I took an afternoon and figured out how to do this, and how to make it transparent on the network &#8211; even when the service is for some reason not responding properly. I'm also going to look at basic ACLs in squid, to allow and prevent specific networks and hosts from being services by the cache daemon. This will allow me to do things like block `about.com` and a host of banner ad servers.

I'm using squid as a proxy server &#8211; and it's just a few lines to setup for basic caching, and just a few more to get advertisement blocking thrown in for just a little processing time. The default squid confg file covers all the basic options you'll need &#8211; it's a matter of setting up the ACLs, creating the ZFS filesystems, and setting up the IP forwarding rules to make this a transparent proxy. I'll be covering the transparent proxy settings once I get the posts finished about running your own DHCP server, which allow you to put your own router address and DHCP options into the **DHCPOFFER** packets, and clean up my failover code, so if squid isn't running, users of the network can still get out to the web.

First, the ZFS configuration, assuming a pool named `tank`:

``Often, my home network projects come from things I'm currently involved with at work, or plan to be involved with soon. It's been suggested to me that once I finish the first round of the new monitoring platform I will be tasked with setting up some internal web proxy servers. I took an afternoon and figured out how to do this, and how to make it transparent on the network &#8211; even when the service is for some reason not responding properly. I'm also going to look at basic ACLs in squid, to allow and prevent specific networks and hosts from being services by the cache daemon. This will allow me to do things like block `about.com` and a host of banner ad servers.

I'm using squid as a proxy server &#8211; and it's just a few lines to setup for basic caching, and just a few more to get advertisement blocking thrown in for just a little processing time. The default squid confg file covers all the basic options you'll need &#8211; it's a matter of setting up the ACLs, creating the ZFS filesystems, and setting up the IP forwarding rules to make this a transparent proxy. I'll be covering the transparent proxy settings once I get the posts finished about running your own DHCP server, which allow you to put your own router address and DHCP options into the **DHCPOFFER** packets, and clean up my failover code, so if squid isn't running, users of the network can still get out to the web.

First, the ZFS configuration, assuming a pool named `tank`:

`` 

This creates the filesystems you need, with compression enabled where it counts. I'm getting 5.1:1 on the logs, and 1.2:1 on the cache itself. No point wasting disk space, right? In the `squid.conf` file, find the `cache_dir`, `access_log`, `cache_log` and `cache_store_log` directives, and modify them as follows:

``` 

This sets up a cache of 16 GB, and puts all logs into the compressed filesystem. I borrowed heavily from <a href="http://mkeadle.org/?p=14" target="_blank">this post</a> on <a href="http://mkeadle.org/" target="_blank">mkeadle.org</a> for the following ACL information. First, create the text files `/tank/squid/conf/banner-ads.acl` and `/tank/squid/conf/denied-domains.acl`. For my setup, `denied-domains.acl` only has the single entry:
  
```` 

The file `banner-ads.acl` has the contents of [this file][1], excerpted below:
  

The last bit of config is to apply the contents of these files to acl rules, and generate an error for the user:

``````

You will need to repeat this process for the denied-domains.acl acl file. It’s best to keep them separate, so it’s easier to modify and debug things later.

Create the following new file, called $SQUIDROOT/squid/errors/English/NOTE_ADS_FILTERED, from one of the other error message files. The name NOTE_ADS_FILTERED must match the error given in the deny_info block above. Modify it suitably to let the user know the ad has been filtered, and you’re in business.

That pretty much wraps it up. To test, fire up squid, and point your web browser’s proxy to the squid server, port 33128. Browse around – checking to make sure that the banner ads you would usually see are replaced with the text you put into the NOTE_ADS_FILTERED file, and that you can’t get to about.com, or any other site you have decided to put into your denied-domains.acl