The proxy service in VyOS is based on Squid 3 and some related modules.
All examples here assumes that your inside ip address is 192.168.0.1. Replace with your own where applicable.
set service webproxy listen-address 192.168.0.1
By default it will listen to port 3128. If you wan't something else you have to define that.
set service webproxy listen-address 192.168.0.1 port 2050
By default the transparent proxy on that interface is enabled. To disable that you simply
set service webproxy listen-address 192.168.0.1 disable-transparent
URL Filtering is provided by Squidguard
Blocking specific urls
set service webproxy url-filtering squidguard local-block myspace.com
If you want to you can log these blocks
set service webproxy url-filtering squidguard log local-block
Filtering by category
If you wan't to use existing blacklists you have to create/download a database first. Otherwise you will not be able to commit the config changes.
vyos@vyos# commit [ service webproxy ] Warning: no blacklists installed Unknown block-category [ads] for policy [default] service webproxy failed Commit failed
vyos@vyos$ update webproxy blacklists
To download all categories. If you wan to you can download a specific category.
vyos@vyos$ update webproxy blacklists category ads
Use tab completion to get a list of categories.
To auto update the blacklist files
set service webproxy url-filtering squidguard auto-update update-hour 23
To configure the actual blocking add the following to the configuration
set service webproxy url-filtering squidguard block-category ads set service webproxy url-filtering squidguard block-category malware
Adjusting cache size
set service webproxy cache-size Possible completions: <0-4294967295> Disk cache size in MB (default 100) 0 Disable disk caching 100