Squidguard blacklist not working?

SSzretter · May 30, 2011, 3:35 PM

I installed squid and squidguard. I enabled them and they are running. I enabled the blacklist for squidguard and pasted in http://www.shallalist.de/Downloads/shallalist.tar.gz and downlaoded the blacklist. Looked like it downloaded and updated the db properly. I clicked apply and save for squidguard.

However when I try to go to some bad sites (for example using URLs from within that downlaoded file) they still work and are not blocked. What am I missing to fully activate and block these sites?

dvserg · May 30, 2011, 4:55 PM

In addition to downloading blatsklist need to configure it to use.

skear · May 30, 2011, 5:18 PM

You may have already done this but in case you haven't…

Click on the Common ACL tab in Squidguard, then click the green triangle to expand the target rules list. Check to make sure all the categories you want to block are set as deny instead of allow then save your settings. Sometimes I have to stop/start Squidguard after doing this.

SSzretter · May 31, 2011, 12:38 AM

It was already set for "!all", but I just went in and set all of them to deny, so it has a long list of deny entries now. Clicked save, clicked the apply on the first tab, no difference - seems like it is not blocking.

SSzretter · May 31, 2011, 12:45 AM

Ok, maybe a hint - I had the proxy (squid) set to the WAN interface because I have pfsense set to bridged/transparent mode. Squid is also set to transparent mode. If I set it to LAN, I can no longer load web pages. Which should it be - WAN or LAN for bridged?

Nachtfalke · May 31, 2011, 2:42 PM

If you are using squid in transparent mode squidguard only filters http (80) traffic. If you are browsing a https (443) page this will be allowed.

Which interface you should use in bridged mode I don't know.

_igor_ · Jun 9, 2011, 10:24 AM

If i understand you right: as you said, enable squid on LAN and all is blocked. Here it works. Now enable all in squidguard (set it to pass) and you go. Even in bridged mode it should be set to LAN, i think.

elf · Jun 9, 2011, 4:46 PM

Hi everybody,

I would like to ask if is possibly to block "https" sites in "squidGuard" ? I use this service very well but I am able to block only domain via "http". I need to block some "https" site (for example: https://www.facebook.com).

Is possible to do via "Expressions" ? If yes … can you help me with syntax anybody?

Thanks you very much.
Lukas

briggs · Jul 28, 2011, 9:51 AM

I also have the same problem with author. Even if i've done a clean install, then install squid and squidguard, configure, and download blacklist to shallalist.de with transparent or proxy mode, the filtering doesnt seems to work. Any suggestion is appreciated. thanks

Nachtfalke · Jul 28, 2011, 6:25 PM

I am not using the blacklist files BUT:

if you only want to block http (port 80) then it is enough to use squid in transparent mode.
if you like to block https (port 443) then you have to run squid in non-transparent mode. In this mode you have to enter the proxy server address in the clients browse.