Test this in a logical, step-by-step fashion so that you can tell what is broken before adding the redirect rule…

1.) Validate that Squid and Dans are both running... If so...
2.) Try connecting the browser (via explicit proxy settings) to squid and make sure you can get out... If so...
3.) Try connecting the browser (via explicit proxy settings) to dans and make sure you can get out... If so...
4.) Add the redirect rule and delete your browser proxy settings.

So, I disabled HAVP and everything works perfectly. I had to reboot the pfSense system after I did because I was getting bandwidth errors. Is there a way that I can just install a virus scanner on the box? I'm using Squid 2.7.9 pkg v.4.3.3

@doktornotor:

@bryan.paradis:

https://redmine.pfsense.org/projects/pfsense/repository/revisions/9399370b367df7b73b84d605f4f44599c93b0bbe/diff

https://redmine.pfsense.org/issues/3015

That fix clearly did not work (presumably due to the fact is is failing to check anything but the first and second DNS entries in System - General Setup.)

It is related to the same problem but it is a fix for DNS zones. I have updated your bug report with the related information.

Thanks a lot for quick fix!

@digdug3:

This works, but then you also have to open all the ports you have configured to this whitelist.
If the IP was not blocked at all it would behave "normally" to the next rules.

Hi digdug3,

The order of the rules in the Firewall tab are important.

Block first and than Pass next.

If you are having a specific issue, post the issue and maybe someone might be able to help.

Just a friendly reply.

I do not have the same configuration. I have one WAN and two OPTs hoping to get a reverse proxy working.

It's not working, but there may be an additional contributing factor that I don't know what I'm doing and the instructions are severely lacking.

very well thank you!!! :)

You are welcome :)

according to the proxy config, you can use a man-in-the-middle approach. It requires that you setup a WPAD/PAC in DNS or DHCP. This is new to me, but reading up on it looks promising. I am using my proxy only as a way to control site my girls should not be seeing. They can get to https sites though. This might be a way to circumvent that limitation.
Please post if you have any success, if you use it.

Hi Guys i had the same problem installing dansGuardian yesterday too….

there was a typo in the dansguardian.inc file when first installing
at line
1201  ----->    @unlink($script))

should read
              @unlink($script);

it has been fixed today.....

@jandohrmann:

Hi Bill,

Brilliant solution - thank you!

Best Regard
Jan

By the way, I plan to add this new IP Reputation Preprocessor option to the next Snort update (should be in the 2.9.6.0 package when it comes out in about a month).

Bill

@fragged:

@BBcan17:

@fragged:

Bills pull request has still not been accepted. The change you saw was this: https://github.com/pfsense/pfsense-packages/commit/048bb82a0e2c814da90816657ecedf59fedf8dbd

Thanks for the update fragged. I thought that security issue on the Web GUI was fixed in the previous release?

It still shows as 3.0.2 after this update.

I'm not an expert with html/php, but it seems like this is a better fix for the same issue that was already fixed by Ermal before.

Yes, this latest fix is an improvement over the first one.  Some more changes similar to this will be coming in the next Snort update to further harden the GUI code a bit.  It contains a lot of quite old HTML/PHP stuff that I had just left alone since it worked.  However, in today's more security conscious environment, some hardening is needed.

Bill

@bmeeks:

I submitted the fix for this problem in the current Snort 2.9.5.6 pkg v3.0.4 Pull Request that is posted on GitHub now.  So as soon as the Core Team guys review and approve the request, this fix will be posted.  Here is the link to the request:  https://github.com/pfsense/pfsense-packages/pull/582

Bill

Thanks Bill. I guess there is the changelog.

Unfortunately after this upgrade, I dont see any of these changes. There are no new icons in the Alerts Tab, Clicking on a remove Block still brings it to the Lan interface. The Rules tab is not updated.

Maybe this is still the previous release? Let me know if you want me to test anything.

Thanks.

Thanks a lot Bill..!

Indeed like Jason writes its likely the page contains contents that it tries to read contents from http://something..  you might also want to give haproxy-devel a try as it natively supports ssl. And also as a possible workaround if the webserver url generation cannot be changed can have the backend connection created over ssl to the webservers.