Squidguard doesn't work, please help…
-
Hi !
I follow all the step by step procedures (founded here, like http://diskatel.narod.ru/sgquick.htm) to configure Squidguard but, unfortunately, it does not work. I mean, it does not filtering nothing.
I uploaded blaklist (shallalist) and set default rules to deny all. Also, i made a destination rule for facebook.com but doesn't work..
Can you help me, please ?Thanks a lot !
-
Show you SG settings.
-
Attached
![SquidGuard default 1.png](/public/imported_attachments/1/SquidGuard default 1.png)
![SquidGuard default 1.png_thumb](/public/imported_attachments/1/SquidGuard default 1.png_thumb)
![SquidGuard default 2.png](/public/imported_attachments/1/SquidGuard default 2.png)
![SquidGuard default 2.png_thumb](/public/imported_attachments/1/SquidGuard default 2.png_thumb)
![SquidGuard destinations.png](/public/imported_attachments/1/SquidGuard destinations.png)
![SquidGuard destinations.png_thumb](/public/imported_attachments/1/SquidGuard destinations.png_thumb) -
Below squidguard config:
webConfigurator
pfsense.local*
System
o Advanced
o Firmware
o General Setup
o Packages
o Setup wizard
o Static routes
*
Interfaces
o (assign)
o WAN
o LAN
*
Firewall
o Aliases
o NAT
o Rules
o Schedules
o Traffic Shaper
o Virtual IPs
*
Services
o Captive portal
o DNS forwarder
o DHCP relay
o DHCP server
o Dynamic DNS
o Load Balancer
o OLSR
o PPPoE Server
o RIP
o SNMP
o UPnP
o OpenNTPD
o Wake on LAN
o Proxy server
o Proxy filter
*
VPN
o IPsec
o OpenVPN
o PPTP
*
Status
o CARP (failover)
o DHCP leases
o Filter Reload Status
o Interfaces
o IPsec
o Load Balancer
o Package logs
o Queues
o RRD Graphs
o Services
o System
o System logs
o Traffic graph
o UPnP
*
Diagnostics
o ARP Tables
o Backup/Restore
o Command Prompt
o Edit File
o Factory defaults
o Halt system
o Ping
o Reboot system
o Routes
o States
o Traceroute
o Packet CaptureProxy filter SquidGuard: Log
General settings Default ACL Destinations Times Rewrites Log
Log type
/usr/local/etc/squidGuard/squidGuard.conf============================================================
SquidGuard configuration file
This file generated automaticly with SquidGuard configurator
(C)2006 Serg Dvoriancev
email: dv_serg@mail.ru
============================================================
logdir /var/squidGuard/log
dbhome /var/db/squidGuarddest blk_BL_adv {
domainlist blk_BL_adv/domains
urllist blk_BL_adv/urls
log block.log
}dest blk_BL_aggressive {
domainlist blk_BL_aggressive/domains
urllist blk_BL_aggressive/urls
log block.log
}dest blk_BL_alcohol {
domainlist blk_BL_alcohol/domains
urllist blk_BL_alcohol/urls
log block.log
}dest blk_BL_automobile_bikes {
domainlist blk_BL_automobile_bikes/domains
urllist blk_BL_automobile_bikes/urls
log block.log
}dest blk_BL_automobile_boats {
domainlist blk_BL_automobile_boats/domains
urllist blk_BL_automobile_boats/urls
log block.log
}dest blk_BL_automobile_cars {
domainlist blk_BL_automobile_cars/domains
urllist blk_BL_automobile_cars/urls
log block.log
}dest blk_BL_automobile_planes {
domainlist blk_BL_automobile_planes/domains
urllist blk_BL_automobile_planes/urls
log block.log
}dest blk_BL_chat {
domainlist blk_BL_chat/domains
urllist blk_BL_chat/urls
log block.log
}dest blk_BL_costtraps {
domainlist blk_BL_costtraps/domains
urllist blk_BL_costtraps/urls
log block.log
}dest blk_BL_dating {
domainlist blk_BL_dating/domains
urllist blk_BL_dating/urls
log block.log
}dest blk_BL_downloads {
domainlist blk_BL_downloads/domains
urllist blk_BL_downloads/urls
log block.log
}dest blk_BL_drugs {
domainlist blk_BL_drugs/domains
urllist blk_BL_drugs/urls
log block.log
}dest blk_BL_dynamic {
domainlist blk_BL_dynamic/domains
urllist blk_BL_dynamic/urls
log block.log
}dest blk_BL_education_schools {
domainlist blk_BL_education_schools/domains
urllist blk_BL_education_schools/urls
log block.log
}dest blk_BL_finance_banking {
domainlist blk_BL_finance_banking/domains
urllist blk_BL_finance_banking/urls
log block.log
}dest blk_BL_finance_insurance {
domainlist blk_BL_finance_insurance/domains
urllist blk_BL_finance_insurance/urls
log block.log
}dest blk_BL_finance_moneylending {
domainlist blk_BL_finance_moneylending/domains
urllist blk_BL_finance_moneylending/urls
log block.log
}dest blk_BL_finance_other {
domainlist blk_BL_finance_other/domains
urllist blk_BL_finance_other/urls
log block.log
}dest blk_BL_finance_realestate {
domainlist blk_BL_finance_realestate/domains
urllist blk_BL_finance_realestate/urls
log block.log
}dest blk_BL_finance_trading {
domainlist blk_BL_finance_trading/domains
urllist blk_BL_finance_trading/urls
log block.log
}dest blk_BL_fortunetelling {
domainlist blk_BL_fortunetelling/domains
urllist blk_BL_fortunetelling/urls
log block.log
}dest blk_BL_forum {
domainlist blk_BL_forum/domains
urllist blk_BL_forum/urls
log block.log
}dest blk_BL_gamble {
domainlist blk_BL_gamble/domains
urllist blk_BL_gamble/urls
log block.log
}dest blk_BL_government {
domainlist blk_BL_government/domains
urllist blk_BL_government/urls
log block.log
}dest blk_BL_hacking {
domainlist blk_BL_hacking/domains
urllist blk_BL_hacking/urls
log block.log
}dest blk_BL_hobby_cooking {
domainlist blk_BL_hobby_cooking/domains
urllist blk_BL_hobby_cooking/urls
log block.log
}dest blk_BL_hobby_games-misc {
domainlist blk_BL_hobby_games-misc/domains
urllist blk_BL_hobby_games-misc/urls
log block.log
}dest blk_BL_hobby_games-online {
domainlist blk_BL_hobby_games-online/domains
urllist blk_BL_hobby_games-online/urls
log block.log
}dest blk_BL_hobby_gardening {
domainlist blk_BL_hobby_gardening/domains
urllist blk_BL_hobby_gardening/urls
log block.log
}dest blk_BL_hobby_pets {
domainlist blk_BL_hobby_pets/domains
urllist blk_BL_hobby_pets/urls
log block.log
}dest blk_BL_homestyle {
domainlist blk_BL_homestyle/domains
urllist blk_BL_homestyle/urls
log block.log
}dest blk_BL_hospitals {
domainlist blk_BL_hospitals/domains
urllist blk_BL_hospitals/urls
log block.log
}dest blk_BL_imagehosting {
domainlist blk_BL_imagehosting/domains
urllist blk_BL_imagehosting/urls
log block.log
}dest blk_BL_isp {
domainlist blk_BL_isp/domains
urllist blk_BL_isp/urls
log block.log
}dest blk_BL_jobsearch {
domainlist blk_BL_jobsearch/domains
urllist blk_BL_jobsearch/urls
log block.log
}dest blk_BL_library {
domainlist blk_BL_library/domains
urllist blk_BL_library/urls
log block.log
}dest blk_BL_military {
domainlist blk_BL_military/domains
urllist blk_BL_military/urls
log block.log
}dest blk_BL_models {
domainlist blk_BL_models/domains
urllist blk_BL_models/urls
log block.log
}dest blk_BL_movies {
domainlist blk_BL_movies/domains
urllist blk_BL_movies/urls
log block.log
}dest blk_BL_music {
domainlist blk_BL_music/domains
urllist blk_BL_music/urls
log block.log
}dest blk_BL_news {
domainlist blk_BL_news/domains
urllist blk_BL_news/urls
log block.log
}dest blk_BL_podcasts {
domainlist blk_BL_podcasts/domains
urllist blk_BL_podcasts/urls
log block.log
}dest blk_BL_politics {
domainlist blk_BL_politics/domains
urllist blk_BL_politics/urls
log block.log
}dest blk_BL_porn {
domainlist blk_BL_porn/domains
urllist blk_BL_porn/urls
log block.log
}dest blk_BL_radiotv {
domainlist blk_BL_radiotv/domains
urllist blk_BL_radiotv/urls
log block.log
}dest blk_BL_recreation_humor {
domainlist blk_BL_recreation_humor/domains
urllist blk_BL_recreation_humor/urls
log block.log
}dest blk_BL_recreation_martialarts {
domainlist blk_BL_recreation_martialarts/domains
urllist blk_BL_recreation_martialarts/urls
log block.log
}dest blk_BL_recreation_restaurants {
domainlist blk_BL_recreation_restaurants/domains
urllist blk_BL_recreation_restaurants/urls
log block.log
}dest blk_BL_recreation_sports {
domainlist blk_BL_recreation_sports/domains
urllist blk_BL_recreation_sports/urls
log block.log
}dest blk_BL_recreation_travel {
domainlist blk_BL_recreation_travel/domains
urllist blk_BL_recreation_travel/urls
log block.log
}dest blk_BL_recreation_wellness {
domainlist blk_BL_recreation_wellness/domains
urllist blk_BL_recreation_wellness/urls
log block.log
}dest blk_BL_redirector {
domainlist blk_BL_redirector/domains
urllist blk_BL_redirector/urls
log block.log
}dest blk_BL_religion {
domainlist blk_BL_religion/domains
urllist blk_BL_religion/urls
log block.log
}dest blk_BL_remotecontrol {
domainlist blk_BL_remotecontrol/domains
urllist blk_BL_remotecontrol/urls
log block.log
}dest blk_BL_ringtones {
domainlist blk_BL_ringtones/domains
urllist blk_BL_ringtones/urls
log block.log
}dest blk_BL_science_astronomy {
domainlist blk_BL_science_astronomy/domains
urllist blk_BL_science_astronomy/urls
log block.log
}dest blk_BL_science_chemistry {
domainlist blk_BL_science_chemistry/domains
urllist blk_BL_science_chemistry/urls
log block.log
}dest blk_BL_searchengines {
domainlist blk_BL_searchengines/domains
urllist blk_BL_searchengines/urls
log block.log
}dest blk_BL_sex_education {
domainlist blk_BL_sex_education/domains
urllist blk_BL_sex_education/urls
log block.log
}dest blk_BL_sex_lingerie {
domainlist blk_BL_sex_lingerie/domains
urllist blk_BL_sex_lingerie/urls
log block.log
}dest blk_BL_shopping {
domainlist blk_BL_shopping/domains
urllist blk_BL_shopping/urls
log block.log
}dest blk_BL_socialnet {
domainlist blk_BL_socialnet/domains
urllist blk_BL_socialnet/urls
log block.log
}dest blk_BL_spyware {
domainlist blk_BL_spyware/domains
urllist blk_BL_spyware/urls
log block.log
}dest blk_BL_tracker {
domainlist blk_BL_tracker/domains
urllist blk_BL_tracker/urls
log block.log
}dest blk_BL_updatesites {
domainlist blk_BL_updatesites/domains
urllist blk_BL_updatesites/urls
log block.log
}dest blk_BL_violence {
domainlist blk_BL_violence/domains
urllist blk_BL_violence/urls
log block.log
}dest blk_BL_warez {
domainlist blk_BL_warez/domains
urllist blk_BL_warez/urls
log block.log
}dest blk_BL_weapons {
domainlist blk_BL_weapons/domains
urllist blk_BL_weapons/urls
log block.log
}dest blk_BL_webmail {
domainlist blk_BL_webmail/domains
urllist blk_BL_webmail/urls
log block.log
}dest blk_BL_webphone {
domainlist blk_BL_webphone/domains
urllist blk_BL_webphone/urls
log block.log
}dest blk_BL_webradio {
domainlist blk_BL_webradio/domains
urllist blk_BL_webradio/urls
log block.log
}dest blk_BL_webtv {
domainlist blk_BL_webtv/domains
urllist blk_BL_webtv/urls
log block.log
}dest Facebook {
domainlist Facebook/domains
redirect http://127.0.0.1:80/sgerror.php?url=403%20Error&a=%a&n=%n&i=%i&s=%s&t=%t&u=%u
log block.log
}rew safesearch {
s@(google../search?.q=.)@\1&safe=active@i
s@(google../images.q=.)@\1&safe=active@i
s@(google../groups.q=.)@\1&safe=active@i
s@(google../news.q=.)@\1&safe=active@i
s@(yandex../yandsearch?.text=.)@\1&fyandex=1@i
s@(search.yahoo../search.p=.)@\1&vm=r@i
s@(search.live../.q=.)@\1&adlt=strict@i
s@(search.msn../.q=.)@\1&adlt=strict@i
log block.log
}acl {
default {
pass !in-addr none
redirect http://127.0.0.1:80/sgerror.php?url=403%20Error&a=%a&n=%n&i=%i&s=%s&t=%t&u=%u
log block.log
}
}pfSense is 2004 - 2009 by BSD Perimeter LLC. All Rights Reserved. [view license]
[Commercial Support Available] -
You are disable all access and dont allow Facebook.
Now you HTTP are blocking -
You can try and look at the traffic as it spools by using:
tail -f /var/squid/log/access.log
(using your console or ssh)if should show you all the squid traffic as it spools by and thus be able to see if you get any 200/403 messages. (200=allowed and 403=denied)
Kind regards
Aubrey -
dvserg
My http trafic it is not blocked. I can browse anywere. I think squidguard is not working….
cyber7
This folder /var/squid/log/ does not exist. You mean /var/squid/logs ? In this folder i found just cache.log.
-
dvserg
My http trafic it is not blocked. I can browse anywere. I think squidguard is not working….
cyber7
This folder /var/squid/log/ does not exist. You mean /var/squid/logs ? In this folder i found just cache.log.
Probably you configure transparent proxy.
You are sure what you browser have HTTPaccess via squid ? Enter proxy options (ip/port) directly to the IE. -
I don't use transparent proxy, as you see in attachament.
And i don't use acl, either.But it doesn't work…
Thank you for your patience.
-
You need squid for squid guard to work…it looks like nothing is set in squid.
-
Please be more specific.
What do you mean with setting up squid ? I have installed squid before squidguard and yes, i didn't make any changes to squid.Is there anything to setup in squid ?
Thank you !
-
I used tutorial from http://doc.pfsense.org/index.php/Setup_Squid_as_a_Transparent_Proxy and follow the instructions.
I tried with transparent proxies checked and not checked, reboot etc.
Still doesn't work.Can you help, please ?
-
Squidguard can works if squid does not use transparent proxies ?
Thanks
-
You must configure squid package. Select interface/enable logging/enterproxy port