-
Install the Proxy Server package. Just go to Package Manager in DSM and install Proxy Server.
-
Edit squid.conf to tell it about your ad file. Ssh to the box, and edit the file
/var/packages/ProxyServer/target/squid/etc/squid.conf(viis installed by default)
You're going to add 2 lines to this file. First, under the auth_param section, you're going to add:
acl ads dstdom_regex -i "/var/packages/ProxyServer/target/squid/etc/squid.adservers"
Next, in the http_access section you're going to add:
http_access deny ads
After this was done, squid.conf looks like this (DSM 6.1.5):
#----------
include /var/packages/ProxyServer/target/squid/etc/auth_setting_syno.conf
#----------
auth_param basic children 5
auth_param basic credentialsttl 2 hours
# adblock
acl ads dstdom_regex -i "/var/packages/ProxyServer/target/squid/etc/squid.adservers"
acl Safe_ports_syno port 80 # http
acl Safe_ports_syno port 21 # ftp
acl Safe_ports_syno port 443 # https
acl Safe_ports_syno port 70 # gopher
acl Safe_ports_syno port 210 # wais
acl Safe_ports_syno port 1025-65535 # unregistered ports
acl Safe_ports_syno port 280 # http-mgmt
acl Safe_ports_syno port 488 # gss-http
acl Safe_ports_syno port 591 # filemaker
acl Safe_ports_syno port 777 # multiling http
#----------
include /var/packages/ProxyServer/target/squid/etc/acl_syno.conf
#----------
http_access deny !Safe_ports_syno
http_access allow localhost manager
http_access deny manager
http_access deny to_localhost
http_access allow localhost
http_access deny ads #ad blocking
#deny_info TCP_RESET ads #optional to send RST back
#----------
include /var/packages/ProxyServer/target/squid/etc/access_syno.conf
#----------
http_access deny all
coredump_dir /var/packages/ProxyServer/target/squid/var/logs/
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
refresh_pattern . 0 20% 4320
shutdown_lifetime 0 seconds
#----------
include /var/packages/ProxyServer/target/squid/etc/general_setting_syno.conf
include /var/packages/ProxyServer/target/squid/etc/cache_setting_syno.conf
#----------
dns_multicast_local on
max_filedesc 4096
httpd_suppress_version_string on
- Create getAds.sh
Now (still in ssh) you're going to add a new file
/var/packages/ProxyServer/target/squid/etc/getAds.sh, the contents of which are below.
Here's the script that downloads an updated squid.adservers file:
#!/bin/sh
### short script that downloads a list of ad servers for use with
### squid to block ads.
###
### details on configuring squid itself can be found here:
###
### http://pgl.yoyo.org/adservers/#withsquid
###
### - originally by Stephen Patterson <steve@lexx.uklinux.net>
### - butchered by Peter Lowe <pgl@yoyo.org>
### - modified by Eric Jones <eljones7@cox.net>
### - for use with Synology ProxyServer
###
## set things
##
# URL of the ad server list to download
listurl='http://pgl.yoyo.org/adservers/serverlist.php?hostformat=squid-dstdom-regex&showintro=0&mimetype=plaintext'
# location of the list of ad servers used by Squid
targetfile='/var/packages/ProxyServer/target/squid/etc/squid.adservers'
# command to reload squid - change according to your system
reloadcmd='/var/packages/ProxyServer/target/bin/squid -k reconfigure'
# temp file to use
tmpfile="/tmp/.adlist.$$"
# command to fetch the list
fetchcmd="wget -q $listurl -O $tmpfile"
## do things
##
# get a fresh list of ad server addresses for squid to refuse
$fetchcmd
# check the temp file exists OK before overwriting the existing list
if [ ! -s $tmpfile ]
then
echo "temp file '$tmpfile' either doesn't exist or is empty; quitting"
exit
fi
# sort and filter out duplicates
sort $tmpfile > $targetfile
# clean up
rm $tmpfile
# restart Squid
$reloadcmd
Make the script runnable: sudo chmod +x getAds.sh and run it to test sudo ./getAds.sh
- Setup Task Scheduler to update weekly.
Lastly, just use the Task Scheduler (in the System section of the DSM Control Panel) to run your
/var/packages/ProxyServer/target/squid/etc/getAds.shscript once a week (as root).