Squid vs firewall rules
-
Hi guys,
I'm having trouble while trying to activate Squid as a proxy.
Right now I have access policies in my firewall rules, and they are easy to manage, because the aliases, the schedule times, and the protocols can be managed in just a few clicks. But then my boss wants me to generate a report about who has accessed which websites. I browsed the packages, and it seems that LightSquid may be what I need.
So I installed Squid, SquidGuard, and LightSquid.
But suddenly, when I turned on Squid on LAN, it appears that ALL WORKSTATIONS have the ability to browse. It seems that the firewall rules I made are useless against Squid.
My question: by installing and activating Squid on my LAN, are the firewall rules bypassed?
Second, how can I build the report without Squid and LightSquid?
Third, I want my firewall rules to still work with Squid turned on. That is, I want the access rules to stay in my firewall rules, because they are easy to manage (I really enjoy the firewall rules in pfSense). How can I do this?
Thanks… :-* :-*
-
This has been brought up before. Squid happens before the firewall. That is to say, by enabling Squid (in transparent mode) the box opens port 80 on the pfSense box's LAN and accepts connections from any subnet you have allowed in the Squid interface. I believe you can still accomplish your goal by using the 'Allowed subnets' and 'Banned Host Addresses' boxes in the Squid GUI. You can further modify allowed and blocked sites manually through the black and white lists. If you want to block all except the white list, put a '.' in the block box without the quotes.
As for your report, you will not need SquidGuard. SquidGuard's job is to apply block lists and content filters to the Squid proxy (these are available from several sources). For simple logging and report viewing, squid+lightsquid would be your best bet.
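
An added example (not part of the original thread, and not LightSquid's own code): a Python script that builds the kind of per-client "who visited what" report discussed above from Squid's native-format access.log. The log lines are constructed samples, and the function names are assumptions made for this illustration.

```python
from collections import defaultdict
from urllib.parse import urlsplit

# Constructed sample lines in Squid's native access.log format:
# time elapsed client result/status bytes method URL ident hierarchy/peer type
SAMPLE_LOG = """\
1286536309.450    343 192.168.7.5 TCP_MISS/200 10240 GET http://www.google.com/ - DIRECT/203.0.113.10 text/html
1286536311.120     80 192.168.7.5 TCP_HIT/200 2048 GET http://www.google.com/logo.png - NONE/- image/png
1286536320.004    512 192.168.7.9 TCP_MISS/200 51200 GET http://video.example.com/watch?v=1 - DIRECT/203.0.113.20 text/html
1286536325.900   1500 192.168.7.9 TCP_MISS/200 4096 CONNECT mail.example.com:443 - DIRECT/203.0.113.30 -
1286536330.000      0 192.168.7.9 TCP_DENIED/403 1500 GET http://blocked.example.net/ - NONE/- text/html
this line is truncated
"""

def host_of(method, url):
    """Return the lower-cased destination host of a logged request."""
    if method == "CONNECT":            # logged as host:port, without a scheme
        return url.rsplit(":", 1)[0].lower()
    return (urlsplit(url).hostname or url).lower()

def build_report(log_text):
    """Map client IP -> host -> counters; also return the number of skipped lines."""
    report = defaultdict(lambda: defaultdict(lambda: {"requests": 0, "bytes": 0, "denied": 0}))
    skipped = 0
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) < 7 or not fields[4].isdigit():
            skipped += 1               # malformed or truncated entry
            continue
        client, result, size, method, url = fields[2:7]
        entry = report[client][host_of(method, url)]
        entry["requests"] += 1
        entry["bytes"] += int(size)
        if result.startswith("TCP_DENIED"):
            entry["denied"] += 1       # request was refused by a proxy ACL
    return report, skipped

def format_report(report):
    """Render one line per client/host pair, largest byte count first."""
    lines = []
    for client in sorted(report):
        hosts = report[client]
        for host in sorted(hosts, key=lambda h: -hosts[h]["bytes"]):
            e = hosts[host]
            lines.append(f"{client} {host} requests={e['requests']} bytes={e['bytes']} denied={e['denied']}")
    return lines

if __name__ == "__main__":
    report, skipped = build_report(SAMPLE_LOG)
    print("\n".join(format_report(report) + [f"skipped {skipped} malformed line(s)"]))
```

The report covers only traffic that actually passed through the proxy, so anything that bypasses Squid never appears in it.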
-
hiks… :'(
So I cannot use my firewall rules on top of Squid, huh? :-\
Well, OK.
But what about the schedule? My firewall rules include rules that give users their internet access at custom times. How can I do that in Squid?
My request, of course, is that pfSense develops a package like Squid so it can have the ability to:
-create a report of websites accessed by user
-ban a website by 'keyword'
-
> Well, OK.
> But what about the schedule? My firewall rules include rules that give users their internet access at custom times. How can I do that in Squid?
SquidGuard - time rules for ACLs
> My request, of course, is that pfSense develops a package like Squid so it can have the ability to:
> -create a report of websites accessed by user
LightSquid report
> -ban a website by 'keyword'
No, only by URL/domain (SquidGuard) or its parts
-
OK, thanks.
I'm trying to move to Squid and LightSquid.
Now I'm listing what else I need in Squid.
Oh yeah! What about the relation between ACLs and URL lists?
For example, I want 192.168.7.5 to only be able to access www.google.com at 19:00.
How can I do this in my pfSense?
And one final question: do most of you use pfSense + Squid or pfSense + firewall rules?
If most of you use Squid, maybe I can change my mind, which says the firewall rules work nicely and simply for me… and start using Squid.
-
All of this is possible with Squid + SquidGuard. I have ACLs for work hours, lunchtime and after-work hours.
During lunch the filter is less strict and it allows more websites like YouTube, etc.
-
Okay.
I'm happy with this solution.
But I have figured out the ACL, the time, the destination… and I still can't work it out.
1. If I turn on Squid, do the firewall rules work?
What should I do with the firewall rules?
Should I deny all or allow all on LAN and WAN?
2. In SquidGuard, what should I do with the default rules? Should I deny all or allow all?
I've made a rule allowing the ACL to the specified destination.
I've tried to do this, but the allow rules still seem to depend on the firewall rules...
Strange but true...