Squidguard on pf2.1 release STILL fails after a Year !!
-
Running Squidguard + pfSense 2.1 current releases.
In the Proxy, Filter settings, click on tab for TIMES.
I have times defined, but the filter items fails to change.This was working (but not reliably) on 2.1 until a month or so ago, but now, it always fails to switch over.
Also, when it DOES work, the switchover takes a while to load and traffic is dropped for 20-30 seconds. If the Shalla Blacklist is enabled, the switchover often cause crashes (maybe from buffer over flows). If it does not crash, it takes 100+ seconds to start passing traffic again. (FW hardware is AMD Athlon 4400+ CPU with 4GB RAM, 250GB Caviar Black drive)
See my previous complaint: https://forum.pfsense.org/index.php?topic=59671
snips of config:
time Lunch_And_Break {
weekly * 11:57-12:30
weekly fri 11:27-12:00
weekly * 09:27-10:00
weekly * 13:57-14:30
}src WLmachines {
ip 10.1.5.231-10.1.5.248
ip 10.1.5.191/32
ip 10.1.5.150/32
log block.log
}src Normal {
ip 10.1.5.0/24
log block.log
}dest Porn {
expressionlist Porn/expressions
redirect http://10.1.1.5:81/sgerror.php?url=403%20Videos%20are%20currently%20blocked%20due%20to%20excess%20usage.%20%28Please%20do%20not%20use%20videos%20for%20radio%20stations.%29&a=%a&n=%n&i=%i&s=%s&t=%t&u=%u
log block.log
}dest Videos {
domainlist Videos/domains
redirect http://10.1.1.5:81/sgerror.php?url=403%20Videos%20are%20currently%20blocked%20due%20to%20excess%20usage.%20%28Please%20do%20not%20use%20videos%20for%20radio%20stations.%29&a=%a&n=%n&i=%i&s=%s&t=%t&u=%u
log block.log
}Facebook Block
dest Facebook {
domainlist Facebook/domains
redirect http://10.1.1.5:81/sgerror.php?url=403%20Due%20to%20excess%20usage%20during%20work%20hours%2C%20Facebook%20is%20currently%20blocked.&a=%a&n=%n&i=%i&s=%s&t=%t&u=%u
}acl {
WLmachines {
pass Videos Facebook !Porn all
redirect http://10.1.1.5:81/sgerror.php?url=403%20Blocked%20By%20Firewall.&a=%a&n=%n&i=%i&s=%s&t=%t&u=%u
log block.log
}Normal within Lunch_And_Break {
pass Videos Facebook !Porn all
redirect http://10.1.1.5:81/sgerror.php?url=403%20Some%20pages%20are%20blocked%20during%20work%20times.&a=%a&n=%n&i=%i&s=%s&t=%t&u=%u
log block.log
} else {
pass !Porn !Videos !Facebook all
redirect http://10.1.1.5:81/sgerror.php?url=403%20Some%20pages%20are%20blocked%20during%20work%20times.&a=%a&n=%n&i=%i&s=%s&t=%t&u=%u
log block.log
}default {
pass !Porn Videos Facebook all
redirect http://10.1.1.5:81/sgerror.php?url=403%20&a=%a&n=%n&i=%i&s=%s&t=%t&u=%u
}
} -
FYI - I uninstalled and reinstalled Suid and Squidguard.
Here are the specific Packages on my system:
2.1-RELEASE (amd64)
built on Wed Sep 11 18:17:37 EDT 2013
FreeBSD 8.3-RELEASE-p11AutoConfigBackup Services 1.20
Lightsquid Network Report 1.8.2 pkg v.2.33
OpenVPN Client Export Utility Security 1.2.4
pfBlocker Firewall 1.0.2
squid3 Network 3.1.20 pkg 2.0.6
squidGuard-squid3 Network Management 1.4_4 pkg v.1.9.5 -
This problem goes back YEARS !!
Seriously, does no one ever use time restrictions on Squidguard ?
https://forum.pfsense.org/index.php/topic,43352.0.html