Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Problemas com SQUID e SQUIDGUARD autenticando no AD

    Scheduled Pinned Locked Moved Portuguese
    69 Posts 10 Posters 21.6k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • D Offline
      davidjrsp
      last edited by

      Agora ta aparecendo no Ad.

      deixei igual mais não vai.

      Ele autentica e tudo no browser da estação mais deixa passar os sites bloqueados globo.com e terra.com.br dominios cadastrados para bloqueados.

      dominioatrubutos.jpg
      dominioatrubutos.jpg_thumb
      pfsense222lpdapacl.jpg
      pfsense222lpdapacl.jpg_thumb

      1 Reply Last reply Reply Quote 0
      • L Offline
        lucaspolli
        last edited by

        Na Blacklist do grupo o Default access vc deixa como allow e no General Settings vc deixa como deny

        nao esqueca do apply no general settings apos cada mudanca efetuada, senao a regra nao é aplicada

        1 Reply Last reply Reply Quote 0
        • H Offline
          holiveira
          last edited by

          Bom dia,

          Percebi que no AD o nome do grupo está: "bloqueado" (com b em minusculo)
          No pfSense o nome do grupo tem que ser idêntico ao que está no AD, você está colocando "Bloqueado" (com B em maisculo)
          Mude o grupo no pfsense para: "bloqueado" e veja se irá funcionar.

          1 Reply Last reply Reply Quote 0
          • L Offline
            lucaspolli
            last edited by

            @davidjrsp:

            Ele autentica e tudo no browser da estação mais deixa passar os sites bloqueados globo.com e terra.com.br dominios cadastrados para bloqueados.

            ja esta autenticando entao.. agora seu problema é so as configuracoes de blacklist bem mais simples.. segue o que falei acima que vai funcionar

            1 Reply Last reply Reply Quote 0
            • D Offline
              davidjrsp
              last edited by

              Bom dia Lucas

              Tentei fazer as configurações que falou e também não ta bloqueando
              Vc falou General Settings vc deixa como deny no General Setting nao achei a opção Deny

              estou te mandando uns prints.


              Henrique Deixei o b minusculo e também não foi :(

              pfsenselucas01.jpg
              pfsenselucas01.jpg_thumb
              pfsenseluca02.jpg
              pfsenseluca02.jpg_thumb
              pfsenselucas03.jpg
              pfsenselucas03.jpg_thumb
              pfsenselucas04.jpg
              pfsenselucas04.jpg_thumb

              1 Reply Last reply Reply Quote 0
              • D Offline
                davidjrsp
                last edited by

                Estou dando o Apply e ainda vou em status e coloco para recarregar filtro
                fecho o browser do usuario e logo novamente, e limpo o cache também do browser

                1 Reply Last reply Reply Quote 0
                • L Offline
                  lucaspolli
                  last edited by

                  @davidjrsp:

                  Vc falou General Settings vc deixa como deny no General Setting nao achei a opção Deny

                  Desculpe, errei o local é em Common ACL, na blacklist

                  1 Reply Last reply Reply Quote 0
                  • D Offline
                    davidjrsp
                    last edited by

                    Lucas também não funcionou vc acredita !!!!!

                    pfsenselucas05.jpg
                    pfsenselucas05.jpg_thumb

                    1 Reply Last reply Reply Quote 0
                    • L Offline
                      lucaspolli
                      last edited by

                      deixe a Bloqueia Sites como –- nessa pagina vc nao altera nada, somente se for colocar um whitelist

                      1 Reply Last reply Reply Quote 0
                      • D Offline
                        davidjrsp
                        last edited by

                        Coloquei o –----- e também não funcionou

                        pfsense06.jpg
                        pfsense06.jpg_thumb

                        1 Reply Last reply Reply Quote 0
                        • L Offline
                          lucaspolli
                          last edited by

                          limpou o cache do squid?

                          1 Reply Last reply Reply Quote 0
                          • D Offline
                            davidjrsp
                            last edited by

                            Não Limpei, é via Shell Console ? ou da pra fazer com a interface WEB

                            1 Reply Last reply Reply Quote 0
                            • L Offline
                              lucaspolli
                              last edited by

                              prefiro via shell, va no diretorio do cache, pare o squid, remova todos os arquivos (rm -R *), mais antes verifique se esta no local correto, depois de remover digite squid -z para recriar o cache e inicie novamente o squid, limpe o cache do navegador tb

                              1 Reply Last reply Reply Quote 0
                              • D Offline
                                davidjrsp
                                last edited by

                                Olá Lucas

                                fiz os seguintes comados via console e limpei o cache do browser

                                E também não rolo ate parei o serviço do squidguard e subi novamente e nada

                                /usr/local/etc/rc.d/squid.sh stop

                                rm -rf /var/squid/cache/

                                mkdir -p /var/squid/cache/

                                chown proxy:proxy /var/squid/cache/

                                chmod 750 /var/squid/cache/
                                squid -z

                                /usr/local/etc/rc.d/squid.sh start

                                1 Reply Last reply Reply Quote 0
                                • L Offline
                                  lucaspolli
                                  last edited by

                                  a porta esta aberta no seu firewall?

                                  1 Reply Last reply Reply Quote 0
                                  • D Offline
                                    davidjrsp
                                    last edited by

                                    Eu desabilitei o Firewall do Windows Server 2012 r2

                                    1 Reply Last reply Reply Quote 0
                                    • L Offline
                                      lucaspolli
                                      last edited by

                                      firewall do pfsense..

                                      1 Reply Last reply Reply Quote 0
                                      • D Offline
                                        davidjrsp
                                        last edited by

                                        Como o pfsense nao esta em producao ainda ta tudo liberado
                                        Wan e Lan

                                        to mandando print

                                        pfsenseregrasfirewall.jpg
                                        pfsenseregrasfirewall.jpg_thumb
                                        pfsenseregrasfirewall2.jpg
                                        pfsenseregrasfirewall2.jpg_thumb

                                        1 Reply Last reply Reply Quote 0
                                        • L Offline
                                          lucaspolli
                                          last edited by

                                          verifica os logs se aparece algum erro ao reiniciar o squid+squidguard

                                          1 Reply Last reply Reply Quote 0
                                          • D Offline
                                            davidjrsp
                                            last edited by

                                            SquidGuard

                                            Show top 50 entries. List from the line: << 0 >>
                                            16.06.2014 15:16:03 [squid_reconfigure] Add new redirector options to Squid config.
                                            16.06.2014 15:16:03 [squid_reconfigure] Remove old redirector options from Squid config.
                                            16.06.2014 15:16:03 [sg_reconfigure] Save squidGuard config to '/usr/pbi/squidguard-amd64/etc/squidGuard/squidGuard.conf'.
                                            16.06.2014 15:16:03 [sg_redirector_base_url] Select redirector base url (http://192.168.1.240:80/sgerror.php?url=403%20&a=%a&n=%n&i=%i&s=%s&t=%t&u=%u)
                                            16.06.2014 15:16:03 [sg_create_config] Add Default
                                            16.06.2014 15:16:03 [sg_create_config] Add ACL's: bloqueado;
                                            16.06.2014 15:16:02 [sg_create_config] Add rewrites: safesearch;
                                            16.06.2014 15:16:02 [sg_create_config] Add destinations: Bloqueia_Sites;
                                            16.06.2014 15:16:02 [sg_create_config] Add sources: bloqueado
                                            16.06.2014 15:16:02 [squidguard_rebuild_db] Start rebuild DB.
                                            16.06.2014 15:15:52 [squidguard_rebuild_db] Create rebuild config '/usr/pbi/squidguard-amd64/etc/squidGuard/squidGuard__usrdbrebuild.conf'.
                                            16.06.2014 15:15:52 [sg_redirector_base_url] Select redirector base url (http://192.168.1.240:80/sgerror.php?url=403%20404&a=%a&n=%n&;i=%i&s=%s&t=%t&u=%u)
                                            16.06.2014 15:15:52 [sg_create_simple_config] Added item 'Bloqueia_Sites' = '/var/db/squidGuard/Bloqueia_Sites'.
                                            16.06.2014 15:15:52 [sg_create_simple_config] Begin with dbhome='/var/db/squidGuard'.
                                            16.06.2014 15:15:52 [squidguard_rebuild_db] Begin with path '/var/db/squidGuard'.
                                            16.06.2014 15:15:51 [sg_reconfigure_user_db] Add Bloqueia_Sites domains 'terra.com.br globo.com';
                                            16.06.2014 15:15:51 [sg_reconfigure_user_db] Add user entries
                                            16.06.2014 15:15:51 [sg_reconfigure_user_db] Begin with '/var/db/squidGuard'
                                            16.06.2014 15:15:14 [squid_reconfigure] Add new redirector options to Squid config.
                                            16.06.2014 15:15:14 [sg_reconfigure] Save squidGuard config to '/usr/pbi/squidguard-amd64/etc/squidGuard/squidGuard.conf'.
                                            16.06.2014 15:15:14 [sg_redirector_base_url] Select redirector base url (http://192.168.1.240:80/sgerror.php?url=403%20&a=%a&n=%n&i=%i&s=%s&t=%t&u=%u)
                                            16.06.2014 15:15:14 [sg_create_config] Add Default
                                            16.06.2014 15:15:14 [sg_create_config] Add ACL's: bloqueado;
                                            16.06.2014 15:15:14 [sg_create_config] Add rewrites: safesearch;
                                            16.06.2014 15:15:14 [sg_create_config] Add destinations: Bloqueia_Sites;
                                            16.06.2014 15:15:14 [sg_create_config] Add sources: bloqueado
                                            16.06.2014 15:15:14 [squidguard_rebuild_db] Start rebuild DB.
                                            16.06.2014 15:14:51 [squidguard_rebuild_db] Create rebuild config '/usr/pbi/squidguard-amd64/etc/squidGuard/squidGuard__usrdbrebuild.conf'.
                                            16.06.2014 15:14:51 [sg_redirector_base_url] Select redirector base url (http://192.168.1.240:80/sgerror.php?url=403%20404&a=%a&n=%n&;i=%i&s=%s&t=%t&u=%u)
                                            16.06.2014 15:14:51 [sg_create_simple_config] Added item 'Bloqueia_Sites' = '/var/db/squidGuard/Bloqueia_Sites'.
                                            16.06.2014 15:14:51 [sg_create_simple_config] Begin with dbhome='/var/db/squidGuard'.
                                            16.06.2014 15:14:51 [squidguard_rebuild_db] Begin with path '/var/db/squidGuard'.
                                            16.06.2014 15:14:51 [sg_reconfigure_user_db] Add Bloqueia_Sites domains 'terra.com.br globo.com';
                                            16.06.2014 15:14:51 [sg_reconfigure_user_db] Add user entries
                                            16.06.2014 15:14:51 [sg_reconfigure_user_db] Begin with '/var/db/squidGuard'
                                            16.06.2014 15:13:57 [squid_reconfigure] Remove old redirector options from Squid config.
                                            16.06.2014 15:13:57 [sg_reconfigure] Save squidGuard config to '/usr/pbi/squidguard-amd64/etc/squidGuard/squidGuard.conf'.
                                            16.06.2014 15:13:57 [sg_redirector_base_url] Select redirector base url (http://192.168.1.240:80/sgerror.php?url=403%20&a=%a&n=%n&i=%i&s=%s&t=%t&u=%u)
                                            16.06.2014 15:13:57 [sg_create_config] Add Default
                                            16.06.2014 15:13:57 [sg_create_config] Add ACL's: bloqueado;
                                            16.06.2014 15:13:57 [sg_create_config] Add rewrites: safesearch;
                                            16.06.2014 15:13:57 [sg_create_config] Add destinations: Bloqueia_Sites;
                                            16.06.2014 15:13:57 [sg_create_config] Add sources: bloqueado
                                            16.06.2014 15:13:57 [squidguard_rebuild_db] Start rebuild DB.
                                            16.06.2014 15:13:46 [squidguard_rebuild_db] Create rebuild config '/usr/pbi/squidguard-amd64/etc/squidGuard/squidGuard__usrdbrebuild.conf'.
                                            16.06.2014 15:13:46 [sg_redirector_base_url] Select redirector base url (http://192.168.1.240:80/sgerror.php?url=403%20404&a=%a&n=%n&;i=%i&s=%s&t=%t&u=%u)
                                            16.06.2014 15:13:46 [sg_create_simple_config] Added item 'Bloqueia_Sites' = '/var/db/squidGuard/Bloqueia_Sites'.
                                            16.06.2014 15:13:46 [sg_create_simple_config] Begin with dbhome='/var/db/squidGuard'.
                                            16.06.2014 15:13:46 [squidguard_rebuild_db] Begin with path '/var/db/squidGuard'.
                                            16.06.2014 15:13:45 [sg_reconfigure_user_db] Add Bloqueia_Sites domains 'terra.com.br globo.com';

                                            1 Reply Last reply Reply Quote 0
                                            • First post
                                              Last post
                                            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.