squid + squidguard + captive portal issue

heras

Hello,

I'm searching for a solution to authenticate users and logs their trafic with the ip and the username.
For now i have a functionnal captive portal that authenticate users (i'm force to use a custom one since i have multiple connections possibilities)
I have squid + squidguard functionnal in transparent mode but only logging trafic by ip
When i select "captive portal" in authenticate mode in squid, squid crash at every start with error "The external_acl_type helpers are crashing too rapidly".

Unfortunatly its for a public wifi so i can't pass on every device to set proxy neither use GPO (and i feel like WPAD is not user-friendly enough)
I'm looking for a solution that would be transparent-like for users
I already tried to do a port forward to squid proxy with no success (can come from a personnal error)

Do you have idea to solve my problem?

Thanks

heras

@heras
nobody have ideas? :/

greenlight

@heras said in squid + squidguard + captive portal issue:

When i select "captive portal" in authenticate mode in squid

how you can do that? because when i access to squid authentication page i see on the first line

"Authentication cannot be enabled while transparent proxy mode is enabled"

greenlight

@heras To put it simply, a system can be created for this using pfsense + squid + squidguard + lightsquid + captive portal + freeradius.

User management can even be done with some ready-made scripts. You can obtain traffic logs by storing files on var/squid/logs.

heras

@greenlight said in squid + squidguard + captive portal issue:

Authentication cannot be enabled while transparent proxy mode is enabled

yes i saw that after, that might be the reason of crashs

Is there a way (maybe with redirection) to enable squid with authentication, so without transparent mode, but to force uses of it on pfsense without need of having a hand on user's devices?

@greenlight said in squid + squidguard + captive portal issue: