URL Blacklist squidGuard

dolson11

I am really surprised that netgate does not offer a list. because the advertise that is has pfsense but its really of no use without a active list. Someone needs to start a new business and charge $20 a month for list access.

Rhuan

@dolson11
Utilizo o Squid + SquidGuard.
Veja como fiz.

Vá em: Services > Proxy filter SquidGuard > General settings

Depois seleciono Blacklist e clico em Download para baixar a lista e categorias.

Agora clico em Groups ACL e crio uma.

Logo abaixo, veja que as categorias da lista aparecem pra mim.

Espero ter ajudado!

dolson11

@rhuan I think I am missing something. It downloaded ok

Rhuan

@dolson11

Vi que foi apresentado uma mensagem de erro. Você precisa adicionar a rede que seu SquidGuard vai trabalhar, ex.: 10.10.0.0/23

Nesta rede (LAN) que as políticas de acesso serão empregadas.

dolson11

@rhuan Still no luck .... I must be doing something wrong.

senseivita

Hey guys, on OPNsense there another one:
http://pgl.yoyo.org/adservers/serverlist.php?hostformat=nohtml
I don't know if the format can be used as is or if it needs to be converted. It also parses categories so I assume it has all the fields needed to work and should be n't be too hard toeverything in there to work and shouldn't be that hard in a Bash script, or from what I hear trivial in Python. I don't know Python myself so…yeah.

I already checked, it looks like the categories are nothing but lists in folders:

Knowing that you can easily use one of the many lists there are, e.g;

Many with their own classifications, for example; Steven Black's. grep or awk or whatever is the easiest to remove the bad IP address-per-entry these come with put 'em in category folders, tar it, rsync it into a local web server, point pfSense to it. Maybe even add to the script to trigger the Squidguard update, there are some examples in the ACME package if I remember correctly. :) They should serve at least as hints to places in the filesystem.

Another option that comes to mind, is transforming the already-in-pfSense lists from pfBlockerNG but, I've never found it easy dealing with any native package-related thing on pfSense. They have some sort of obfuscation or inexplicably obvious oversight, I can't tell exactly what, but will make you miserable.

The file from l'Université Toulouse 1 appears to have additional files for heuristics or something (somebody will correct me, I hope), but the domain lists are on every category/folder whereas the others aren't, so I think it's a safe bet you'll be fine without them. Good luck!

pontoexe

O único link que consegui encontrar que ainda está funcionando na nova versão do pfsense é esse aqui:

http://dsi.ut-capitole.fr/blacklists/download/all.tar.gz

Sr.Sayonara

I have follow the steps of @Reeko and restore to default blacklist update then i download it again and when everything was completed i enable the blacklist in general settings and put the url of capitole and works fine here.

jaoms2024

@aGeekhere said in URL Blacklist squidGuard:

http://dsi.ut-capitole.fr/blacklists/download/blacklists_for_pfsense.tar.gz

cuando trato de actualizar la lista me pone esto

Begin blacklist update
Start download.
Download archive http://dsi.ut-capitole.fr/blacklists/download/blacklists_for_pfsense.tar.gz
Bad content from http://dsi.ut-capitole.fr/blacklists/download/blacklists_for_pfsense.tar.gz. Terminate.

aGeekhere

@jaoms2024 said in URL Blacklist squidGuard:

http://dsi.ut-capitole.fr/blacklists/download/blacklists_for_pfsense.tar.gz

I just updated and it works still

Begin blacklist update
Start download.
Download archive http://dsi.ut-capitole.fr/blacklists/download/blacklists_for_pfsense.tar.gz
Download complete
Unpack archive
Scan blacklist categories.
Found 64 items.
Start rebuild DB.
Copy DB to workdir.
Reconfigure Squid proxy.
Blacklist update complete.