
12. Proxies

12.1 Squid

Introduction

Squid is a proxy server. It separates the internal network from the Internet for HTTP and FTP access. This way no user can access the Internet directly.

Installation


apt-get install squid

Configuration

The Squid configuration can be found in /etc/squid.conf.

General


http_port 3128
icp_port 3130
htcp_port 4827

cache_mem 16 MB
refresh_pattern . 0 20% 8640

hierarchy_stoplist cgi-bin ?
acl QUERY urlpath_regex cgi-bin \?
no_cache deny QUERY

# snews 563
# gopher 70
# wais 210
acl www_ports port 80 443
acl ftp_ports port 21
acl localhost src 127.0.0.1/32
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl CONNECT method CONNECT
acl PURGE method PURGE

http_access allow manager localhost
http_access deny manager
http_access allow PURGE localhost
http_access deny PURGE

Specials


acl executables url_regex [.]exe$
http_access deny executables

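# Authenticate users against the Windows domain via smb_auth
authenticate_program /usr/lib/squid/smb_auth -W DOMEIN -U SERVER
acl network proxy_auth REQUIRED
# Allow any request that has passed proxy authentication
http_access allow network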

cache_peer proxy1.kpn.net parent 3128 7 no-query default

HTTP


acl wwwusers src 192.168.1.0/24
http_access allow wwwusers www_ports

FTP


ftp_user Squid@domain.com
ftp_passive off
acl ftpusers src 192.168.1.0/24
http_access allow ftpusers ftp_ports

Deny all


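# Send every request through the parent proxy, never directly to the origin
never_direct allow all
always_direct deny all
# Refuse any HTTP request not allowed above
http_access deny all
# ICP queries and cache misses are accepted from any source
icp_access allow all
miss_access allow all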
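
Squid checks the http_access lines from top to bottom and applies the first line on which every named ACL matches. The following is an added example, not part of the original page or of Squid itself: a small Python model of that evaluation for the rules above, run against constructed requests. The proxy_auth rule is left out, and the function and field names are assumptions made for the illustration.

```python
import ipaddress
import re

# ACLs from the page, limited to the types modelled here (src, port,
# method, proto, url_regex). proxy_auth is omitted; requests are constructed.
ACLS = {
    "manager":     ("proto", {"cache_object"}),
    "PURGE":       ("method", {"PURGE"}),
    "localhost":   ("src", ipaddress.ip_network("127.0.0.1/32")),
    "all":         ("src", ipaddress.ip_network("0.0.0.0/0")),
    "www_ports":   ("port", {80, 443}),
    "ftp_ports":   ("port", {21}),
    "executables": ("url_regex", re.compile(r"[.]exe$")),
    "wwwusers":    ("src", ipaddress.ip_network("192.168.1.0/24")),
    "ftpusers":    ("src", ipaddress.ip_network("192.168.1.0/24")),
}

# http_access lines in the order the page gives them.
RULES = [
    ("allow", ["manager", "localhost"]),
    ("deny",  ["manager"]),
    ("allow", ["PURGE", "localhost"]),
    ("deny",  ["PURGE"]),
    ("deny",  ["executables"]),
    ("allow", ["wwwusers", "www_ports"]),
    ("allow", ["ftpusers", "ftp_ports"]),
    ("deny",  ["all"]),
]

def acl_matches(name, req):
    kind, value = ACLS[name]
    if kind == "src":
        return ipaddress.ip_address(req["src"]) in value
    if kind == "url_regex":
        return value.search(req["url"]) is not None
    return req[kind] in value  # port, method, proto

def http_access(req):
    """Return (action, rule index) of the first line whose ACLs all match."""
    for i, (action, names) in enumerate(RULES):
        if all(acl_matches(n, req) for n in names):
            return action, i
    return "deny", None  # not reached here: "deny all" matches every source

def request(src, url, port=80, method="GET", proto="http"):
    return dict(src=src, url=url, port=port, method=method, proto=proto)

if __name__ == "__main__":
    for url in ("http://example.com/", "http://example.com/setup.exe"):
        print(url, http_access(request("192.168.1.20", url)))
```

Squid's url_regex is case-sensitive unless the ACL is given -i, and the $ anchors at the end of the whole URL, so in this model SETUP.EXE and setup.exe?v=1 do not match the executables ACL.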

