SquidGurad service stop issue

sjain

It is possible to install squid3 3.1.20 pkg 2.1.2 and squidGuard-squid3 1.4_4 pkg v.1.9.6 in pfsense 2.2

Thanks,
Sjain

KOM

Nope. The packages are specific to the base version.

sjain

Thanks I have move in pfsense 2.1.5 version and it is working fine

appreciate of your help :)

I have two issue

1. I am not able to block the facebook already enable the socialnet in blocking categories and user able to access the facebook
(Screenshot Attached- File name Blocking_Categoried_1 & Blocking_Categoried_2)

So please help me how i can block the facebook and other https websites.

2. second issue related Blocking message. I want the customized the blocking message.
(Screenshot attached- File Name blocking_Messages_Screen_Shot)

So please help me how i can customized the blocking message.

Thanks,
Sjain

sjain

Thanks I have move in pfsense 2.1.5 version and it is working fine

appreciate of your help :)

I have two issue

1. I am not able to block the facebook already enable the socialnet in blocking categories and user able to access the facebook
(Screenshot Attached- File name Blocking_Categoried_1 & Blocking_Categoried_2)

So please help me how i can block the facebook and other https websites.

2. second issue related Blocking message. I want the customized the blocking message.
(Screenshot attached- File Name blocking_Messages_Screen_Shot)

So please help me how i can customized the blocking message.

Thanks,
Sjain

Blocking_Categoried_1.JPG_thumb

Blocking_Categoried_2.JPG_thumb

blocking_Messages_Screen_Shot.JPG_thumb

KOM

1. Blocking of Facebook works for me using the Socialnet category. Are you running in explicit mode or transparent mode?

2. Read this -> https://forum.pfsense.org/index.php?topic=93097.0

sjain

1. I am running Squid as a Transparent mode (Configuration Screen shot attached)

2. How i can access the sgerror.php and pfsense directory /usr/local/www/, Please guide me….

3. One more query that I am giving the internet access on user mobile & laptop also, so please guide how i can configure the mac address filter in pfsense. ( I don't want configure the mac filter in wifi Access point).

Thanks,
Sjain

Squid_Transparent_Mode_1.JPG_thumb

Squid_Transparent_Mode_2.JPG_thumb

Squid_Transparent_Mode_3.JPG_thumb

KOM

2. How i can access the sgerror.php and pfsense directory /usr/local/www/, Please guide me

Either Enable Secure Shell in System - Advanced - Admin Access - Secure Shell and then use SCP to copy files over or install the File Manager package and use that to copy files to & from.

killmasta93

facebook will be only block http not https unless you run explicit mode which then you need to configure WPAD.

KOM

facebook will be only block http not https unless you run explicit mode which then you need to configure WPAD.

You can block HTTPS in Transparent mode, but you need to install a pfSense server certificate on every client that will use the proxy, which is a massive pain in the ass.

sjain

Hi Kom,

As per your steps I am trying to access the scp but it is giving the error (screen shot attached).

Kindly suggest..

Thanks,
Sjain

scp_error.JPG_thumb

KOM

Assuming WinSCP, you have the File Protocol set to SCP and not SFTP?

sjain

I have choose scp.(screen shot attached).

Thanks,
Sjain

screenshot_scp.JPG_thumb

KOM

Sorry, I forgot that the pfSense startup menu confuses WinSCP login.

Just install the File Manager package and do it that way with a web interface.

sjain

As per your steps I have installed the file Manager in pfsense and you have provide the link for the changing the block message https://forum.pfsense.org/index.php?topic=93097.0

but I have tried to find out the file sgerror.php and pfsense directory in /usr/local/www, i can't find out

(Screen Shot attached)

So please can you tell me the current location of pfsense directory and file sgerror.php in pfsense 2.1.5

Thanks,
Sjain

screenshot_1.JPG_thumb

screenshot_2.JPG_thumb

sjain

Hi KOM,

I am using the pfsense with squid & squidguard in my company to give the access internet in users mobiles.

It is not possible to install the pfSense server certificate in all users mobiles so please can you give other option to block the https websites.

Thanks,
Sjain

KOM

You were in the right place, but you need to use your mouse wheel or the scroll button to go down the list past the folders to the files. It's in alphabetical order, with folders listed first and then files, sort of like how every computer in the world shows folders and files. This is basic computer stuff. If you don't know your way around a file system then I'm not sure how you think you're going to configure a routing firewall with proxy support.

If you want to avoid installing certs, use squid in explicit mode and then configure WPAD to allow your clients to auto-detect the proxy.

killmasta93

You can block HTTPS in Transparent mode, but you need to install a pfSense server certificate on every client that will use the proxy, which is a massive pain in the ass.

haha i love that "pain in the ass" so true ;D

Also @sjain WPAD will work but there's some androids that wont work. As chris4916 pointed out to me that you would need Drony to install on the androids, which may not work in your situation. Tell you truth if you don't mind just showing a blank error page on block sites use pfBlockerNG it gets the job done maybe not as neat but usually people enter www.facebook.com it comes up at HTTP (which squidGuard will show the nice blocked page) but if they Google search Facebook it comes up at HTTPS pfBlockerNG will not let it connect.