Installing SquidGuard 1.14_4 pfsense 2.3.2(amd64)
-
All of your ALL IP rules are useless since that traffic is handled by the Default Allow LAN to Any rule at the bottom. Get rid of all of those rules and then your users will not be able to go around the proxy.
-
Hi KOM,
What do you mean by rid?
you mean the default allow LAN to any rule will be transfer to top above the pfblocker?
thanks,
papartsharngan
-
Please, avoid multiposts. https://forum.pfsense.org/index.php?topic=124567.0
Additionally, both posted in wrong forum. :(
-
What do you mean by rid?
rid = delete
you mean the default allow LAN to any rule will be transfer to top above the pfblocker?
No. I didn't say anything about the pfBlocker rules. I said delete all of your user rules contained within the ALL IP section because their functionality is already handled by the Default Allow rule.
-
Hi KOM,
1 Last question here..
No. I didn't say anything about the pfBlocker rules. I said delete all of your user rules contained within the ALL IP section because their functionality is already handled by the Default Allow rule.
What if i will disabled the Default allow LAN to any rule?..is it ok?…
because i cant't delete the ALL IP it is because in there i can adjust there bandwithd and other options in rules.
thanks,
papartsharingan
-
What if i will disabled the Default allow LAN to any rule?..is it ok?…
If you do that then nothing on your network will have Internet access except for those users under ALL IP.
because i cant't delete the ALL IP it is because in there i can adjust there bandwithd and other options in rules.
There are better ways to use traffic shaping or limiters to manage bandwidth. Having a hard cap per user usually isn't optimal as bandwidth above the cap doesn't get used.
-
Hi KOM,
If you do that then nothing on your network will have Internet access except for those users under ALL IP.
This is what i want..
thanks KOM
papartsharingan
-
There are better ways to use traffic shaping or limiters to manage bandwidth. Having a hard cap per user usually isn't optimal as bandwidth above the cap doesn't get used.
I don't have any config on that
-
Then head on over to the Traffic Shaping forum and start asking questions.
-
Thanks KOM
-
It seems the old known problem ( http://https* ) is still present on version 2.3.4
Also, for some reason, when using HTTPS for pfsense console, Squidguard is not redirecting the error page for Https, but http.
Still investigatin it here…
