(CLOSED) PROBLEMS WITH PROXY SETTINGS

Greetings, I hope someone can give me a help'm setting the transparent proxy, I installed the squidguard to the filter, so I activated as well as the Blacklist and option to download the url (img 1); Likewise I created in Groups ACL a group called admin which you place the address range comprising the group and the target rules block the porn category (img 2) followed that also believes in Times the access schedule for the group and then relates (img 3).

But to do a test first saw that the client computer has the ip intended in the range that was placed after tried before the start time to see who would not give me access but still allowed me to navigate, wait until the start time and I went back to try and just as it allowed me to navigate but also for the category "porn" despite being under the blacklist to deny what

I made a last test and Proxy Server - ACLs on the option "Blacklist" manually place the block addresses (img 4) and thus if blocking all content. What could be wrong? I hope someone can give me a help from already thank you very much.

KOM

For future reference, questions about packages like Squid & SquidGuard should be put in the Packages forum.

Are any of these sites that you are trying to block HTTPS? You said you are running Squid in transparent mode. Do you have it setup to filter HTTPS? If you remove the Time setting, does it block correctly?

thanks for you response but i try only block http in the category porn, i create a new rule in Proxy filter SquidGuard – Groups ACL and there i create a new rule "tst" is the name, in client (source) the ip of my client win xp, in "Target rules" i marked the category "porn"and also the option "Do not allow IP-Addresses in URL". i Try access to page porn in my machine win xp but dont block the page. plase help me.

KOM

It sounds like you have done everything correctly. However, when you make changes to SquidGuard, I believe that you must go back to the first tab and click the Apply button. Just clicking Save by itself is not enough to make your changes take effect. I have been caught by this myself more than once.

Hi, i press the buttom Aplply and late Save in General Setting but not block the pages.

KOM

Have you checked with Shalla that the domain that you want to be blocked is actually on their list? Have you managed to get SquidGuard to filter anything at all, such as blocking news and then going to cnn.com?

i try block the category "[blk_BL_news]" in the two sections – Target Categories / Target Categories for off-time (If 'Time' not defined, this is column will be ignored.) even try to deny it! all [! all]

you can tell me what steps you perform to make this work?

--MySelf-- 0

I am VERY new at this. But as I looked at your screen captures I started to wonder if you completely setup the blacklist.

I saw that you added the blacklist under Services => Proxy Filter => General Settings => Blacklist Options => Blacklist URL.

Did you also click on the Services => Proxy Filter => Blacklist tab and download the Blacklist? If you didn't, you should, and wait until you see "Blacklist update complete."

Then click on the "Common ACL" tab. You will see a white arrow in a green box just after the words, "Target Rules List (click here)". In the list that appears locate "[blk_BL_porn]" and set it to "deny". (You can set others later if you wish, this is just a test.) At the bottom of the list set "Default access [all]" to allow (if it is not already).

Scroll to the bottom of the page and click on [Save], then on the "General Settings" tab and click on "Apply".

Is porn blocked now? Can you still get to non-porn sites?

KOM

Did you also click on the Services => Proxy Filter => Blacklist tab and download the Blacklist?

I don't think he would see any Target Categories if he didn't already download the list.

Looking at the screenshot, you have a Time of 19:45-20:00 with a 5 minute window. If you link that time to your rules then the rules will only be in effect for that timeframe. Are you testing between 19:45 and 20:00? Remove the time setting and then try your rules again just to verify that they are working.

Thanks KOM, I removed the option of time and I'm doing just with blocking blacklist, you can tell me if is right that only configure in General active the squidguard and the url of shalla and tab group ACL i create a new group specifying the ip and select the category to block? can you tell me what steps you perform ru for this to work?

--MySelf-- 0

I thought so too, but I seem to have gotten a little lost as started writing my reply - it has been a long day for me.

I do find it interesting that we can see the Target Rules in 2.png but then he added what he wanted to block under Squid Access Control Lists => "Blacklist"

What I did not see (or missed) was his setting "[blk_BL_porn]" to "deny" as a test to block porn (which 4.png seems to indicate he would like to block).

Also, if memory serves, he doesn't mention Proxy Server:Antivirus. It seems to me I experienced several headaches until I went there and made the recommended changes. (Click [Save], do what the red messages at the top told me to do, click [Save] again. Oh! and ran freshclam from the command line.)

KOM

Klaus, you pretty much have it right. Did you test without a schedule linked to your rules? Does it block properly if you make your changes to Common ACL instead of a Group?

hi today i configure one ip for win xp, squid active and in the "Proxy filter SquidGuard: Common Access Control List (ACL)" and select the category "porn & news" then when i try access in url cnn.com now block:

Request denied by pfSense proxy: 403 Forbidden

Reason:
Client address: 192.168.128.3
Client group: default
Target group: blk_BL_news
URL: http://www.cnn.com/

But if i put the url depor.pe appears in the bar appear me this

https://172.16.1.1/sgerror.php?url=403%20&a=172.16.1.3&n=&i=&s=default&t=none&u=http://depor.pe/

and …

Request denied by pfSense proxy: 403 Forbidden

Reason:
Client address: 172.16.1.3
Client group: default
Target group: none
URL: http://depor.pe/

But if i access to google.com this ok and i write the word google and select google.com this ok. Why is this?

KOM

You are saying that it is blocking depor.pe and you don't know why? Perhaps this site is in the News category of the blacklist you are using? Which blacklist are you using anyway? Shallalist or some other one?

This block all but if i navigate with browser in google and enter a depor, this page enter.

Well, i re-install the pfsense in version 2.2 and now is all ok. Thanks for all.

ptt

@ klausneil

If/when you want to "close" a"Topic/Thread" that you've started, use the "Lock Topic" Button (at Bottom Left side) ;)

Cerrar_tema.png_thumb