Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    SquidGuard package TEST

    Scheduled Pinned Locked Moved Russian
    175 Posts 14 Posters 145.8k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • S
      sullrich
      last edited by

      Is this package ready to be included?

      1 Reply Last reply Reply Quote 0
      • D
        dvserg
        last edited by

        @sullrich:

        Is this package ready to be included?

        Yes, ready

        SquidGuardDoc EN  RU Tutorial
        Localization ru_PFSense

        1 Reply Last reply Reply Quote 0
        • S
          sullrich
          last edited by

          Can you send everything over?  I am also waiting on the lightsquid pkg_info.xml information.

          1 Reply Last reply Reply Quote 0
          • D
            dvserg
            last edited by

            Repeat send all on you mail

            SquidGuardDoc EN  RU Tutorial
            Localization ru_PFSense

            1 Reply Last reply Reply Quote 0
            • M
              mhohman
              last edited by

              Any news on when this package will be up in the list? I have been so eagerly awaiting a GUI…. Thanks for all your hard work.

              Matt Hohman
              New Heights Church

              1 Reply Last reply Reply Quote 0
              • D
                dvserg
                last edited by

                "Waite mode"=ON  ;D
                I all sources already sent.

                SquidGuardDoc EN  RU Tutorial
                Localization ru_PFSense

                1 Reply Last reply Reply Quote 0
                • S
                  sullrich
                  last edited by

                  I have received them and they are on my list.  I am still waiting for confirmation that lightsquid works as well before I keep adding untested packages.

                  1 Reply Last reply Reply Quote 0
                  • M
                    mhohman
                    last edited by

                    Great! Lightsquid gave me problems when I first installed. The script that pulls and processes the log files didn't run the first time automatically I had to go in on the shell to execute it. It's still not running automatically, I have to click the refresh now button.

                    Matt Hohman
                    New Heights Church

                    1 Reply Last reply Reply Quote 0
                    • D
                      dvserg
                      last edited by

                      @mhohman:

                      Great! Lightsquid gave me problems when I first installed. The script that pulls and processes the log files didn't run the first time automatically I had to go in on the shell to execute it. It's still not running automatically, I have to click the refresh now button.

                      Shedules compatible only on pfsense 1.2 What you version use?
                      If older-need setup task manually

                      SquidGuardDoc EN  RU Tutorial
                      Localization ru_PFSense

                      1 Reply Last reply Reply Quote 0
                      • M
                        mhohman
                        last edited by

                        @dvserg:

                        @mhohman:

                        Great! Lightsquid gave me problems when I first installed. The script that pulls and processes the log files didn't run the first time automatically I had to go in on the shell to execute it. It's still not running automatically, I have to click the refresh now button.

                        Shedules compatible only on pfsense 1.2 What you version use?
                        If older-need setup task manually

                        1.2 Beta 1

                        1 Reply Last reply Reply Quote 0
                        • D
                          dvserg
                          last edited by

                          Post plz here or to my PM file '/etc/crontab' content

                          SquidGuardDoc EN  RU Tutorial
                          Localization ru_PFSense

                          1 Reply Last reply Reply Quote 0
                          • M
                            mhohman
                            last edited by

                            cat /etc/crontab

                            SHELL=/bin/sh
                            PATH=/etc:/bin:/sbin:/usr/bin:/usr/sbin
                            HOME=/var/log
                            #minute hour    mday    month  wday    who      command

                            pfSense specific crontab entries

                            Created: June 3, 2007, 10:54 pm

                            0      *      *      *      *      root    /usr/bin/nice -n20 newsyslog
                            1,31    0-5    *      *      *      root    /usr/bin/nice -n20 adjkerntz -a
                            1      *      1      *      *      root    /usr/bin/nice -n20 /etc/rc.update_bogons.sh
                            */60    *      *      *      *      root    /usr/bin/nice -n20 /usr/local/sbin/expiretable -v -t 3600 sshlockout
                            1      1      *      *      *      root    /usr/bin/nice -n20 /etc/rc.dyndns.update
                            */60    *      *      *      *      root    /usr/bin/nice -n20 /usr/local/sbin/expiretable -v -t 3600 virusprot
                            */60    *      *      *      *      root    /usr/bin/nice -n20 /usr/local/sbin/expiretable -t 1800 snort2c
                            */5    *      *      *      *      root    /usr/local/bin/checkreload.sh

                            If possible do not add items to this file manually.

                            If you do so, this file must be terminated with a blank line (e.g. new line)

                            */60    *        1      *      *      root    /usr/bin/nice -n20 /usr/local/pkg/snort_check_for_rule_updates.php

                            1 Reply Last reply Reply Quote 0
                            • D
                              dvserg
                              last edited by

                              I'm have small problem with eanglish  ::) Sorry for my many questions

                              • Do you setup auto refresh (update) period in Lightsquid GIU?

                              Post pls '/cf/conf/config.xml' file part

                              SquidGuardDoc EN  RU Tutorial
                              Localization ru_PFSense

                              1 Reply Last reply Reply Quote 0
                              • D
                                dhipo
                                last edited by

                                squidguard is not in official packages ??? only squidgurad … whats is wrong ??

                                Dhix Networks
                                Everything Secure

                                http://www.dhix.com.br

                                1 Reply Last reply Reply Quote 0
                                • D
                                  dvserg
                                  last edited by

                                  @dhipo:

                                  squidguard is not in official packages ??? only squidgurad … whats is wrong ??

                                  Nothing wrong.
                                  Expects(Waits) his queue
                                  May be developers veri bisy ?

                                  SquidGuardDoc EN  RU Tutorial
                                  Localization ru_PFSense

                                  1 Reply Last reply Reply Quote 0
                                  • D
                                    dhipo
                                    last edited by

                                    ok

                                    can you help with some situaton in squidguard ?

                                    look

                                    3 sources
                                    3 destinations
                                    3 ACL

                                    sourceA = 100.0.0.0/24
                                    sourceB = 192.168.0.0/16
                                    sourceC= 100.0.0.1 192.168.2.1

                                    destX = xxx.com
                                    destY = yyy.com
                                    destZ = zzz.com

                                    ACL1 =  sourceA pass destZ !all
                                    acl2  = sourceB pass destY !all
                                    acl3 =  sourceC pass !destX all

                                    everything  and everybody have full access ….
                                    i'm going crazy ...

                                    Dhix Networks
                                    Everything Secure

                                    http://www.dhix.com.br

                                    1 Reply Last reply Reply Quote 0
                                    • D
                                      dhipo
                                      last edited by

                                      @dhipo:

                                      ok

                                      can you help with some situaton in squidguard ?

                                      look

                                      3 sources
                                      3 destinations
                                      3 ACL

                                      sourceA = 100.0.0.0/24
                                      sourceB = 192.168.0.0/16
                                      sourceC= 100.0.0.1 192.168.2.1

                                      destX = xxx.com it's  a blacklist
                                      destY = yyy.com it's a whitelist
                                      destZ = zzz.com  it's a whitelist

                                      ACL1 =  sourceA pass destZ !all
                                      acl2  = sourceB pass destY !all
                                      acl3 =  sourceC pass !destX all

                                      everything  and everybody have full access ….
                                      i'm going crazy ...

                                      Dhix Networks
                                      Everything Secure

                                      http://www.dhix.com.br

                                      1 Reply Last reply Reply Quote 0
                                      • D
                                        dvserg
                                        last edited by

                                        Pls Show me you SG config
                                        This situation can be if  SG not started or used default config
                                        Default config created if found any error in you config data.
                                        Also how old you SG package installation?

                                        SquidGuardDoc EN  RU Tutorial
                                        Localization ru_PFSense

                                        1 Reply Last reply Reply Quote 0
                                        • D
                                          dhipo
                                          last edited by

                                          more /usr/local/etc/squidGuard/squidGuard.conf

                                          ============================================================

                                          SquidGuard configuration file

                                          This file generated automaticly with SquidGuard configurator

                                          (C)2006 Serg Dvoriancev

                                          email: dv_serg@mail.ru

                                          ============================================================

                                          logdir /var/squidGuard/log
                                          dbhome /var/db/squidGuard

                                          Todas as lojas (users in  branchoffice)

                                          src lojas {
                                                  ip 192.168.0.0/255.255.0.0
                                                  log block.log
                                          }

                                          Todos do Escritorio Central (users in HeadOffice)

                                          src EC {
                                                  ip 100.0.2.0/16
                                                  log block.log
                                          }

                                          Acesso especial (special access users)

                                          src especiais_loja {
                                                  ip 192.168.11.98
                                                  ip 192.168.37.32
                                                  ip 192.168.38.12
                                                  log block.log
                                          }

                                          Acesso sem limites (without limits users)

                                          src super-users {
                                                  ip 100.0.0.1
                                                  ip 100.0.0.195
                                                  ip 100.0.2.40
                                                  log block.log
                                          }

                                          dest ads {
                                                  domainlist ads/domains
                                                  urllist ads/urls
                                                  log block.log
                                          }

                                          dest aggressive {
                                                  domainlist aggressive/domains
                                                  urllist aggressive/urls
                                                  log block.log
                                          }

                                          dest audio-video {
                                                  domainlist audio-video/domains
                                                  urllist audio-video/urls
                                                  log block.log
                                          }

                                          dest drugs {
                                                  domainlist drugs/domains
                                                  urllist drugs/urls
                                                  log block.log
                                          }

                                          dest gambling {
                                                  domainlist gambling/domains
                                                  urllist gambling/urls
                                                  log block.log
                                          }

                                          dest hacking {
                                                  domainlist hacking/domains
                                                  urllist hacking/urls
                                                  log block.log
                                          }

                                          dest mail {
                                                  domainlist mail/domains
                                                  log block.log
                                          }

                                          dest porn {
                                                  domainlist porn/domains
                                                  expressionlist porn/expressions
                                                  urllist porn/urls
                                                  log block.log
                                          }

                                          dest proxy {
                                                  domainlist proxy/domains
                                                  urllist proxy/urls
                                                  log block.log
                                          }

                                          dest redirector {
                                                  domainlist redirector/domains
                                                  urllist redirector/urls
                                                  log block.log
                                          }

                                          dest spyware {
                                                  domainlist spyware/domains
                                                  urllist spyware/urls
                                                  log block.log
                                          }

                                          dest suspect {
                                                  domainlist suspect/domains
                                                  urllist suspect/urls
                                                  log block.log
                                          }

                                          dest violence {
                                                  domainlist violence/domains
                                                  expressionlist violence/expressions
                                                  urllist violence/urls
                                                  log block.log
                                          }

                                          dest warez {
                                                  domainlist warez/domains
                                                  urllist warez/urls
                                                  log block.log
                                          }

                                          Lista Negra Leo (our black list)

                                          dest ListaNegra {
                                                  domainlist ListaNegra/domains
                                                  expressionlist ListaNegra/expressions
                                                  urllist ListaNegra/urls
                                                  log block.log
                                          }

                                          Lista de Sites Liberados (our white list)

                                          dest ListaBranca {
                                                  domainlist ListaBranca/domains
                                                  expressionlist ListaBranca/expressions
                                                  urllist ListaBranca/urls
                                          }

                                          Sites liberados para lojas (free sites to branchoffice users)

                                          dest permitidosLoja {
                                                  domainlist permitidosLoja/domains
                                                  log block.log
                                          }

                                          Sites Liberados para EC (free sites to HeadOffice)

                                          dest permitidosEC {
                                                  domainlist permitidosEC/domains
                                                  log block.log
                                          }

                                          acl {
                                                  # Lista de Lojas Liberadas
                                                  lojas {
                                                          pass ListaBranca permitidosLoja none
                                                  }

                                          # permitidos EC
                                                  EC {
                                                          pass ListaBranca permitidosEC none
                                                  }

                                          # usuarios controlados com acesso total
                                                  especiais_loja {
                                                          pass !ads !aggressive !audio-video !drugs !gambling !hacking !m
                                          ail !porn !proxy !redirector !spyware !suspect !violence !warez !ListaNegra all
                                                  }

                                          # Super usuarios
                                                  super-users {
                                                          pass all
                                                  }
                                                default {
                                                          pass ListaBranca none
                                                          redirect http://127.0.0.1/sgerror.php
                                                  }
                                          }

                                          Dhix Networks
                                          Everything Secure

                                          http://www.dhix.com.br

                                          1 Reply Last reply Reply Quote 0
                                          • D
                                            dvserg
                                            last edited by

                                            Make this for testing

                                            • disable all ACL's (checkbox on every acl)
                                            • uncheck all items on Default rule and set !all (deny all) - test this for block all traffic
                                            • enable ListaBranca in default and test acces to him and no-access for other
                                            • one by one enable ACLS and test him for access (first enable you special acls)

                                            You need find what ACL wrong configured.

                                            PS after any change before test press Apply button and see Servise string for green (in latest version SG)(mean - SG success started) below Apply button

                                            SquidGuardDoc EN  RU Tutorial
                                            Localization ru_PFSense

                                            1 Reply Last reply Reply Quote 0
                                            • First post
                                              Last post
                                            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.