• URL Filtering Question

    3
    0 Votes
    3 Posts
    943 Views
    K

    sure So let me get this:

    A group of users to ignore the squid proxy?

    A group of users to use squid proxy and block pages?

    LDAP? yikes :( I would rather just create a grey list

  • after New Main.cvd clamav stop update

    1
    0 Votes
    1 Posts
    578 Views
    No one has replied
  • Setting up a Website reverse proxy?

    1
    0 Votes
    1 Posts
    717 Views
    No one has replied
  • [SOLVED] Where to configure squid log format please

    2
    0 Votes
    2 Posts
    4k Views
    D

    Well I found, so here's the ugly hack.

    In local cache, activate Cache Dynamic Content and add the following in Custom Refresh Patterns

    logformat special %>a %[ui %[un [%tl] "%rm %ru HTTP/%rv" %>Hs %<st %ss:%sh<br="">access_log /var/squid/logs/access.log special</st>

    There are already predefined logformats like the special here so you could actually just add access_log /var/squid/logs/access.log common but in my case, I can play with the format.

    Also, log into ssh and launch

    service squid.sh restart

    to see whether there are error messages or not.

  • Shallalist alternative?

    5
    0 Votes
    5 Posts
    12k Views
    D

    There's a French University list which is quite complete out here:
    http://dsi.ut-capitole.fr/blacklists/

    They have a special pfSense version (english language categories so it won't break pfSense's squid) here:
    http://dsi.ut-capitole.fr/blacklists/download/blacklists_for_pfsense.tar.gz

    Regards,
    Ozy.

  • Squidguard and blacklist

    2
    0 Votes
    2 Posts
    2k Views
    A

    Try cleaning it up.

    Go to /var/db/squidGuard/ and do a 'rm -rf'

    Then download your blacklist again. Once it is done, it should populate back all the folders in this location.

    Next, clean up your old ACL.

    /usr/pbi/squidguard-amd64/etc/squidGuard/squidGuard.conf - Scroll to the bottom and find a section called acl. Change the 'pass xxxx' line to 'pass all'

    Go to squidGuard's first page and click apply, then go back to your 'common' to select the categories you want to block.

  • Squid3 cache test?

    9
    0 Votes
    9 Posts
    2k Views
    K

    So i think i might have figured out a workaround not the best but its something. I created a !ignore list for ONLY users that need to connect to another site that is running OpenVPN in my case its only 1 person because hes a programer and connects to other sites that also have pfSense. Theres no need for him blocking sites either because hes a freelancer and He still gets the transparent proxy working also.

    EDIT: NVM…It was working because i uncheck the automatic proxy settings  :'(

    Clipboarder.2016.03.19-007.png
    Clipboarder.2016.03.19-007.png_thumb

  • Squid3 cannot bind to OpenVPN client interface ?

    3
    0 Votes
    3 Posts
    1k Views
    M

    What mode of OpenVPN connection are you using?

  • Too many pinger process

    2
    0 Votes
    2 Posts
    1k Views
    C

    That's not gateway monitoring, it's part of Squid. Moved to that board.

  • [SOLVED]Problem squidguard GUI

    3
    0 Votes
    3 Posts
    1k Views
    vallumV

    @japr:

    I've solved the problem, I found the solution in a similar post only have to apply this code

    killall -9 php; killall -9 lighttpd; /etc/rc.restart_webgui

    You have 2 ways:
    The first is through the SSH console (if you have it enabled) you put your username and password, then selects the option 8 "SHELL" and executes the code

    the second is using a monitor and keyboard connected to pfsense server and do the same procedure as above (select option 8 "SHELL" and run the code).

    The server works perfect again, I hope it is helpful to many here in the forum

    You can select Option 11 i.e Restart webConfigurator .
    It will work.

  • Squid3 transparent proxy works, but…

    1
    0 Votes
    1 Posts
    667 Views
    No one has replied
  • 0 Votes
    2 Posts
    1k Views
    D

    Hi Jsheed,

    I followed your steps, however I'm able to use "" to enter "domain-name\username", are you using the latest pfsense version, have you tried copying and pasting "domain-name\username" from notepad

    misc-proxy.JPG
    misc-proxy.JPG_thumb

  • Migrate Squid.conf from Linux to Pfsense 2.2.6

    17
    0 Votes
    17 Posts
    3k Views
    vallumV

    @KOM:

    No idea where that config might hlive, but it will be overwritten at every pfSense upgrade so that's not really the best solution.

    Hey Kom,

    Thanks .

    For now i have done changes in /usr/local/pkg/squidguard_configurator.inc

    now the value is permanent after, Save + Apply.

  • 0 Votes
    9 Posts
    11k Views
    T

    Not just quickly, it's working like there's nothing in between. Just as it should be.

    To summarize for everyone who might have this or a similar issue, I got this problem fixed by going the route of non-transparent proxy(or explicit if you will). Some bumps along the road, but comrade KOM helped me see the error of my ways and set me on the right path.

    Phase 1 complete, Phase 2 of my "Ban-Facebook-and-Youtube-for-EVERYONE" is just starting…

  • Squid3+squidGuard

    17
    0 Votes
    17 Posts
    4k Views
    A

    @Naughty:

    i did create a text file with the below content :
    function FindProxyForURL(url,host)
    {
    return "PROXY 192.168.1.1:3128";
    }
    but as per the article i can't loaded in the specified path "/usr/local/www/" as it's not supported in pfsense 2.2.6 so it went to /tmp/wpad.dat.

    so would u please explain to me if that will work <<

    Hi, if it helps follow how i set up my wpad
    https://forum.pfsense.org/index.php?topic=93060.0

  • Caching Steam game downloads

    12
    0 Votes
    12 Posts
    15k Views
    R

    I tried to make it work with perl in pfsense 2.6 with little success.

    anyways I did make a helper in PHP with and loaded with some configs and rewrite parterns

    works pretty fine altough I had some hangs in steam do not know why.

    https://github.com/rudiservo/pfsense_storeid

  • [SOLVED] Disk Usage at 100%

    8
    0 Votes
    8 Posts
    16k Views
    V

    Great @KOM, thanks!  Deleted the archived (the .0) access and cache files and it greatly freed up HD spaces and keeps pfsense working.  I've not checked upon reboot but I think it will be okay.

    Again, many thanks KOM!

  • How Do I prevent users to use UC Browser

    13
    0 Votes
    13 Posts
    6k Views
    S

    Hello Everyone,
    This is my first post on pfsense.org
    As a System / Network admin it is really difficult to adapt new changes happening in technology or in Internet World. As well as end users on a Restricted network always look for bypass & which leads to serious flaws to the security policies deployed by System Admin or to the entire company.
    I am not a System / Network admin but I am a geek & want my Home Network to be secured from External attacks as well as I make sure that no one will breach the policies that I deploy for my network.
    (My home network used by 6 homes of my Family & friend with extended routers or repeaters) To secure the whole network & ensures that everything on my network stay under control, I strictly monitor whole traffic every time using OpenDNS. I have been using OpenDNS for a long time & I am a kind of expert in that. Now if you want to block an access to the UC Browser that I found sometime back was able to bypass my OpenDNS rules, so I did an extensive research & continuously monitoring my network traffic, reading hundreds of forums. Simultaneously I was using UC Browser as well as mini to understand its working.
          i found following hosts of UC Browser & blocked access to them using OpenDNS. Now not a single query or single request disobey my OpenDNS law. i ruled UC & I am having complete control over my network.

    BLOCK THE FOLLOWING DOMAINS & THEIR SUB-DOMAINS:

    1. baidu.com
    2. mandriva-art.org
    3. meego-central.org
    4. ucweb.com
    5. ijinshan.com (This is I think DNS Resolver for UC Browser which leads to proxy server connections & allows users to access blocked sites.)
    6. umengcloud.com
    7. uc.cn
    8. 9game.com (UC Game Market Place)
    9. 9apps.com (UC App Market Place)
    10. umeng.com
    11. ucweb.co

    Block all above domains to restrict access on UC & remain under control of your firewall.

    No difficult firewall rule creation, no hassle. Just add above domains in block list.

    NOTE: Block all the sub-domains of above mentioned domains. Then only you will receive 100% result. BLOCK ALL SUB-DOMAINS OF ABOVE DOMAINS!

    Please let me know that whether this works for you or not.

    Screenshot_20160311_104737.png
    Screenshot_20160311_104737.png_thumb
    Screenshot_2016-03-11-10-12-10.png
    Screenshot_2016-03-11-10-12-10.png_thumb

  • How to make squid log actual URL instead of CDN domain?

    1
    0 Votes
    1 Posts
    722 Views
    No one has replied
  • Squid3 not starting with ssl interception enabled

    10
    0 Votes
    10 Posts
    2k Views
    E

    @mark81:

    Hi,

    I have a working setup with squid3 & antivirus. When I enable ssl interception and restart my firewall squid3 doesn't start.
    If I disable ssl interception and restart all works well.

    I'm not sure how I can troubleshoot this. Hope somebody can help.

    Thanks!

    Same thing does not start when I enable ssl…...

Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.