Squid Guard, immediately disable local account on visiting blocked sites?
-
Hi Everyone,
We are in the process of deploying a wireless network in our church governed by an instance of pfSense.
Our primary need is a content filter (for obvious reasons :P).
We also intend on using captive portal, authenticated via the local users directory.Is it possible using SquidGuard or any other content filter available on pfSense.. to immediately revoke a users access (disable their account or block their MAC address) as soon as they visit any blacklisted site?
I have a hacky solution (getting SquidGuard to redirect to a custom PHP script).
But its far from elegant!Thanks!
- Daniel
-
Is it possible using SquidGuard or any other content filter available on pfSense.. to immediately revoke a users access
For you situation this is the best way.
-
Hi dvserg,
Thanks for your prompt reply!
Not quite sure I understand what you mean though :P -
I have a hacky solution (getting SquidGuard to redirect to a custom PHP script).
You method very good as solution for problem.
-
Oh I see.. Thanks! :D
I've been doing a bit of digging around in the pfSense source code and I think locking the account using
exec("/usr/sbin/pw lock {$user_name} -q");
And setting the user's shell to "/sbin/nologin" should be sufficient.
Does anyone know of an existing function / better way to do this? (guessing not as I stole my code from https://github.com/bsdperimeter/pfsense/blob/master/etc/inc/auth.inc#L457)