SquidGuard Blacklists
-
Hello,
I'm new with the whole PFSense system and I've been trying to setup PFSense with Squid+SquidGuard to use blacklists.
I've installed everything but I can't figure out where to go to select which blacklists to use. I'm using the Shalla list and have downloaded it useing the download tool in the GUI.
I've looked at a few tutorials and one of them had some screenshots showing a tab called "default" which I do not see. I'm not sure if this is just from an older version or if something is wrong (or I'm missing something) with my setup.
Please help!
Note: I've included a few screenshots of my UI.
Thanks. :)
-
Now look 'Common ACL' for configure filter rules.
-
Thanks for the info. I didnt notice that little green button beside the Target Rules List. :)
Is it possible to create multiple lists for different groups?
Thanks!
-
Thanks for the info. I didnt notice that little green button beside the Target Rules List. :)
Is it possible to create multiple lists for different groups?
Thanks!
Yes - Special ACL
-
Oh I see it now. Not under 'common' but under 'special' :)
Thanks for your help.
-
Oh I see it now. Not under 'common' but under 'special' :)
Thanks for your help.
I just can not find another name for this tab. Can someone suggest another option?
-
Are you talking about the names for Common and Special? I'd call them Common = Global and Special = Groups or Custom. :)
Cheers!
-
Are you talking about the names for Common and Special? I'd call them Common = Global and Special = Groups or Custom. :)
Cheers!
'Common' fairly accurately determine its value as a setting for all those who no have special settings. Perhaps a "Groups ACL" closer to the meaning than the "special ACL".
Thanks. -
Still seem to be having issue.
I've setup as follows.
[internet] – [main router/firewall] – [pfsense] – [switch] – [lan]
-PF sense is in bridging mode
-I don't seem to be able to browse at all when I try and use transparent mode
-When browsing through the proxy manually; I go to a site that shows http headers and I see I'm on a proxy. Yet none of my filter rules seem to apply. I've tried using 'common', 'special', and 'target cat…'Thoughts?
-
Still seem to be having issue.
I've setup as follows.
[internet] – [main router/firewall] – [pfsense] – [switch] – [lan]
-PF sense is in bridging mode
-I don't seem to be able to browse at all when I try and use transparent mode
-When browsing through the proxy manually; I go to a site that shows http headers and I see I'm on a proxy. Yet none of my filter rules seem to apply. I've tried using 'common', 'special', and 'target cat…'In bridging mode transparent do not work
Show you SG config -
Is there a way I can export my config or do I need to screenshot?
Thanks.
-
Is there a way I can export my config or do I need to screenshot?
Thanks.
Log > Proxy filter config. Copy-paste
-
Oh thanks. :)
# Do not edit manually ! http_port 10.10.200.254:8080 icp_port 0 pid_filename /var/run/squid.pid cache_effective_user proxy cache_effective_group proxy error_directory /usr/local/etc/squid/errors/English icon_directory /usr/local/etc/squid/icons visible_hostname ffdfw002 cache_mgr ithelp@dontcare.com access_log /var/log/httpproxy/access.log cache_log /var/log/httpproxy/cache.log cache_store_log none logfile_rotate 8 shutdown_lifetime 3 seconds # Allow local network(s) on interface(s) acl localnet src 10.10.200.0/255.255.255.0 uri_whitespace strip cache_mem 512 MB maximum_object_size_in_memory 32 KB memory_replacement_policy lru cache_replacement_policy lru cache_dir aufs /var/squid/cache 2500 16 256 minimum_object_size 0 KB maximum_object_size 1024 KB offline_mode off cache_swap_low 90 cache_swap_high 95 # No redirector configured # Setup some default acls acl all src 0.0.0.0/0.0.0.0 acl localhost src 127.0.0.1/255.255.255.255 acl safeports port 21 70 80 210 280 443 488 563 591 631 777 901 3128 1025-65535 acl sslports port 443 563 acl manager proto cache_object acl purge method PURGE acl connect method CONNECT acl dynamic urlpath_regex cgi-bin \? acl allowed_subnets src 10.10.200.0/24 cache deny dynamic http_access allow manager localhost http_access deny manager http_access allow purge localhost http_access deny purge http_access deny !safeports http_access deny CONNECT !sslports # Always allow localhost connections http_access allow localhost request_body_max_size 0 KB reply_body_max_size 0 allow all delay_pools 1 delay_class 1 2 delay_parameters 1 -1/-1 -1/-1 delay_initial_bucket_level 100 delay_access 1 allow all # Setup allowed acls # Allow local network(s) on interface(s) http_access allow allowed_subnets http_access allow localnet # Custom options redirect_program /usr/local/bin/squidGuard -c /usr/local/etc/squidGuard/squidGuard.conf redirector_bypass on redirect_children 3 # Default block all to be sure http_access deny all
Thoughts?