I have had it! Four hours and I cannot get squidguard to block anything
-
I waited 5 minutes, no file available. Firefox is blocking it I bet.
-
Hmm.. ??? It was kind of the point with video to show how you could do it if wanted it to work. As you can see adding the URLBlacklist takes a few sec.
I tried downloading the shallalist from the gui and it takes 5 min or so, while with URLBlacklist.com (none free) it made pfsense stop responding. So yes something is rotten in the state of Denmark and I'm sure dvserg will take a look at it.
It can be that you have paid for URLBlacklist.com access, but do remember that this addon to pfSense has been made by dvserg who don't get paid and have been using well over 100 hours on it.
-
I got it going. The only thing you did different than I was you manually placed the blacklist.gz, where I put the URL into it.
-
I paid for it. And the my uninstalling / reinstalling used up my four downloads for the damn month in 1 hour! I'm pissed. I also tried doing what you suggested in the video. It didn't work. I don't have the exact same list though I uploaded /var/tmp/shallailist.tar.gz and marked a couple of items and the deny column as well next to it. I assume Default Access (all) has to be checked, just not the deny access to the right of it. Any other tests I can do since I don't have the same blacklist you have.
-
Nothing blocked. I tried a Domain from shallist affaire18.com, I had BL_dating checked and denied checked. I tried this with Default access [all] checked, Default access [all] deny access both checked and unchecked. I wanted to see if checking Default access [all] deny access on or off made a difference. It didn't make a difference. The domain was viewable in both cases.
-
I would like to know how to manually install this. I dont think it is installing correct. Often times I have to hit apply three times and the save button to stop service or start it. I have tried everything in these forums and it just will not work.
-
reinstall pfSense
-
over the top or new install and import config?
-
I would make a new install and only import a config from before any packages was installed. You don't want any trace of the old SquidGuard install.
-
The clean reinstall worked. I just redid the whole system. Now my big question is will I be able to import the BlacklistURL.com blacklist without squidguard freaking out? Right now I have the Shallist loaded.
-
Yes if you copy the list over with winscp. I would also stop Squidguard before hitting the upload button.
-
This how I did it.
-
install package squid and squidguard and go to console menu and press 8 to exit console menu.
-
chown of /var/squid and /var/squidGuard to proxy:proxy (ex. chown -R proxy:proxy /var/squid)
-
create /download directory
-
cd /download
-
pkg_add -r http://62.4.17.14/pub/FreeBSD/ports/i386/packages-6.2-release/All/wget-1.10.2.tbz
-
/usr/local/bin/wget http://www.shallalist.de/Downloads/shallalist.tar.gz ( at least you can see download progress using this way)
-
click to Service>Proxy Content>General Setting
-
in Blacklist URL = /download/shallalist.tar.gz
see squidguard1.JPG
-
click save button
-
click Upload URL button
-
click save button (just to make sure)
-
although it says "SquidGuard service state: STARTED" just click apply button
-
GOTO Default tab
-
Follow my example using squidguard2.JPG and squidguard3.JPG or customize as you like but leave Default access [all]
-
click save
-
go to ACL tab and create new ACL (click the + button)
-
for "Source IP Address" put your network address/Masks bit (not ip address) example squidguard4.JPG
-
for "Destination" –--> customize as you like but leave Default access [all] and click save when finish. (squidguard5.JPG)
-
go to General Stting tab and click apply button to restart squid (and squidGuard too)
Note: Make sure in Service>Proxy server>Access Control –--> the allow subnet is/are the same with (17) (subnet = network address/Masks bit)
The End
BTW it took me about 3 to 4 months to figure this out by looking here and there in the forum. :)
-