Filtering confusion
-
i checked quite a decent amount of tutos and never can get SquidGuard running and I do not see any log where i can see what is going on :'(
edit: I also tried squid3 -
Is there any way you can run x64 instead of i386? I haven't played much with the 32-bit stuff as it's going EOL soon enough.
-
unfortunately no i cannot :( hardware limitation
-
Well, I would install Squid3 and get that working first. Then move to SquidGuard.
-
@KOM:
Well, I would install Squid3 and get that working first. Then move to SquidGuard.
I get squid 3 running no problem but the SquidGuqrd never starts
Is there any screenshot or log I can show you to help you pinpoint the issue ?here is an example of logs:
21.02.2015 21:49:23 squidGuard stopped (1424573363.735)
21.02.2015 21:49:23 db update done
21.02.2015 21:49:23 squidGuard 1.4 started (1424573301.973)
21.02.2015 21:47:32 squidGuard stopped (1424573252.961)
21.02.2015 21:47:32 db update done
21.02.2015 21:47:32 squidGuard 1.4 started (1424573252.960)
21.02.2015 21:46:41 squidGuard stopped (1424573201.525)
21.02.2015 21:46:41 db update done
21.02.2015 21:46:41 squidGuard 1.4 started (1424573201.523)
21.02.2015 21:45:53 squidGuard stopped (1424573153.959)Squid is running, I can see entries populating in the proxy monitor section
-
From what I understand, with the new SquidGuard it can appear to be in a stopped state when there is nothing for it to do. Have you tested the blocking functionality?
-
@KOM:
From what I understand, with the new SquidGuard it can appear to be in a stopped state when there is nothing for it to do. Have you tested the blocking functionality?
I loaded the blacklist from shallalist.tar.gz and created one custom target category with the facebook and amazon keyword
also Denied the Social ACLStill I am able to fully able browse those sites :(
-
Are you running Squid in standard or transparent mode? If standard, do you have ports 80 and 443 blocked on LAN? What is your browser set to for proxy config? Your browser may be going straight out the firewall instead of via Squid.
-
I am using the transparent mode.
My understanding was i do not need to set up the proxy on my browser with that mode.( i would like to avoid to ahve to configure a prxy on each devices) -
The problem with transparent mode is that you can't effectively filter HTTPS sites without installing a trusted cert on every client. Better to use WPAD to allow your clients to dynamically locate and use the proxy. You can filter HTTPS without triggering Man in the Middle warnings. Details here:
You can even use pfSense to host the wpad.dat file as long as you have WebGUI running in HTTP mode and not HTTPS.
-
thx i ll give it a try