SQUID - Log timestamps / blocks
Dear all,
Good morning!
Last week I had problems with my pfSense and had to start from ZERO.
I followed the procedures from my notes and from tips I had already gathered here on the forum and in other how-tos. Previously my access control was done with rules in the firewall and in SQUID, but since I brought up SQUID + SQUIDGUARD, I have noticed that the times shown in the logs do not match the time of the server/client (Print3).
The NTP configuration (Print1) and the time shown on the dashboard are correct (Print2).
2.3.2-RELEASE (amd64) built on Tue Jul 19 12:44:43 CDT 2016 FreeBSD 10.3-RELEASE-p5
Transparent Proxy
Squid log
1488484838.497 0 192.168.1.20 TCP_DENIED/200 0 CONNECT 148.62.0.31:443 - HIER_NONE/- - 1488484838.798 0 192.168.1.20 TCP_DENIED/200 0 CONNECT 72.21.91.42:443 - HIER_NONE/- - 1488484838.799 0 192.168.1.20 TCP_DENIED/200 0 CONNECT 72.21.91.42:443 - HIER_NONE/- - 1488484838.885 0 192.168.1.20 TCP_DENIED/200 0 CONNECT 50.56.166.82:443 - HIER_NONE/- - 1488484838.914 0 192.168.1.20 TCP_DENIED/200 0 CONNECT 148.62.0.31:443 - HIER_NONE/- - 1488484839.504 0 192.168.1.24 TCP_DENIED/200 0 CONNECT 72.247.3.30:443 - HIER_NONE/- - 1488484839.755 1 192.168.1.24 TCP_DENIED/403 4021 GET http://dnl-01.geo.kaspersky.com/index/u1313g.xml.dif - HIER_NONE/- text/html 1488484839.759 1 192.168.1.24 TCP_DENIED/403 4021 GET http://dnl-01.geo.kaspersky.com/index/u1313g.xml.klz - HIER_NONE/- text/html 1488484839.763 1 192.168.1.24 TCP_DENIED/403 4009 GET http://dnl-01.geo.kaspersky.com/index/u1313g.xml - HIER_NONE/- text/html 1488484840.283 0 192.168.1.20 TCP_DENIED/200 0 CONNECT 148.62.0.31:443 - HIER_NONE/- - 1488484840.302 1 192.168.1.24 TCP_DENIED/403 4021 GET http://dnl-08.geo.kaspersky.com/index/u1313g.xml.dif - HIER_NONE/- text/html 1488484840.312 0 192.168.1.24 TCP_DENIED/403 4021 GET http://dnl-08.geo.kaspersky.com/index/u1313g.xml.klz - HIER_NONE/- text/html 1488484840.321 1 192.168.1.24 TCP_DENIED/403 4009 GET http://dnl-08.geo.kaspersky.com/index/u1313g.xml - HIER_NONE/- text/html 1488484840.683 1 192.168.1.24 TCP_DENIED/403 4021 GET http://dnl-18.geo.kaspersky.com/index/u1313g.xml.dif - HIER_NONE/- text/html 1488484840.688 1 192.168.1.24 TCP_DENIED/403 4021 GET http://dnl-18.geo.kaspersky.com/index/u1313g.xml.klz - HIER_NONE/- text/html 1488484840.693 0 192.168.1.24 TCP_DENIED/403 4009 GET http://dnl-18.geo.kaspersky.com/index/u1313g.xml - HIER_NONE/- text/html 1488484841.311 0 192.168.1.46 TCP_DENIED/200 0 CONNECT 216.58.222.110:443 - HIER_NONE/- - 1488484841.357 0 192.168.1.46 TCP_DENIED/200 0 CONNECT 216.58.222.110:443 - HIER_NONE/- - 1488484841.359 0 192.168.1.46 
TCP_DENIED/200 0 CONNECT 216.58.222.110:443 - HIER_NONE/- - 1488484841.360 0 192.168.1.46 TCP_DENIED/200 0 CONNECT 216.58.222.110:443 - HIER_NONE/- - 1488484841.362 0 192.168.1.46 TCP_DENIED/200 0 CONNECT 216.58.222.110:443 - HIER_NONE/- - 1488484841.363 0 192.168.1.46 TCP_DENIED/200 0 CONNECT 216.58.222.110:443 - HIER_NONE/- - 1488484841.547 1 192.168.1.24 TCP_DENIED/403 4021 GET http://dnl-03.geo.kaspersky.com/index/u1313g.xml.dif - HIER_NONE/- text/html 1488484841.552 1 192.168.1.24 TCP_DENIED/403 4021 GET http://dnl-03.geo.kaspersky.com/index/u1313g.xml.klz - HIER_NONE/- text/html 1488484841.557 1 192.168.1.24 TCP_DENIED/403 4009 GET http://dnl-03.geo.kaspersky.com/index/u1313g.xml - HIER_NONE/- text/html 1488484842.111 1 192.168.1.24 TCP_DENIED/403 4021 GET http://dnl-17.geo.kaspersky.com/index/u1313g.xml.dif - HIER_NONE/- text/html 1488484842.115 1 192.168.1.24 TCP_DENIED/403 4021 GET http://dnl-17.geo.kaspersky.com/index/u1313g.xml.klz - HIER_NONE/- text/html 1488484842.120 0 192.168.1.24 TCP_DENIED/403 4009 GET http://dnl-17.geo.kaspersky.com/index/u1313g.xml - HIER_NONE/- text/html 1488484842.342 0 192.168.1.46 TCP_DENIED/200 0 CONNECT 216.58.222.110:443 - HIER_NONE/- - 1488484842.344 0 192.168.1.46 TCP_DENIED/200 0 CONNECT 216.58.222.110:443 - HIER_NONE/- - 1488484842.369 154 192.168.1.44 TCP_DENIED/200 0 CONNECT 173.194.215.132:443 - HIER_NONE/- - 1488484842.372 0 192.168.1.20 TCP_DENIED/200 0 CONNECT 178.79.142.243:443 - HIER_NONE/- - 1488484842.479 1 192.168.1.24 TCP_DENIED/403 4021 GET http://dnl-12.geo.kaspersky.com/index/u1313g.xml.dif - HIER_NONE/- text/html 1488484842.484 1 192.168.1.24 TCP_DENIED/403 4021 GET http://dnl-12.geo.kaspersky.com/index/u1313g.xml.klz - HIER_NONE/- text/html 1488484842.489 1 192.168.1.24 TCP_DENIED/403 4009 GET http://dnl-12.geo.kaspersky.com/index/u1313g.xml - HIER_NONE/- text/html 1488484842.532 0 192.168.1.20 TCP_DENIED/200 0 CONNECT 148.62.0.31:443 - HIER_NONE/- - 1488484842.596 0 192.168.1.24 TCP_DENIED/200 0 
CONNECT 66.110.49.42:443 - HIER_NONE/- - 1488484842.721 0 192.168.1.46 TCP_DENIED/200 0 CONNECT 216.58.222.110:443 - HIER_NONE/- - 1488484842.909 0 192.168.1.20 TCP_DENIED/200 0 CONNECT 72.21.91.42:443 - HIER_NONE/- - 1488484842.910 0 192.168.1.20 TCP_DENIED/200 0 CONNECT 72.21.91.42:443 - HIER_NONE/- - 1488484843.051 1 192.168.1.24 TCP_DENIED/403 4021 GET http://dnl-06.geo.kaspersky.com/index/u1313g.xml.dif - HIER_NONE/- text/html 1488484843.055 1 192.168.1.24 TCP_DENIED/403 4021 GET http://dnl-06.geo.kaspersky.com/index/u1313g.xml.klz - HIER_NONE/- text/html 1488484843.060 0 192.168.1.24 TCP_DENIED/403 4009 GET http://dnl-06.geo.kaspersky.com/index/u1313g.xml - HIER_NONE/- text/html 1488484843.264 521 192.168.1.44 TCP_DENIED/200 0 CONNECT 8.18.25.18:443 - HIER_NONE/- - 1488484843.293 0 192.168.1.20 TCP_DENIED/200 0 CONNECT 13.107.5.88:443 - HIER_NONE/- - 1488484843.298 0 192.168.1.20 TCP_DENIED/200 0 CONNECT 50.56.166.82:443 - HIER_NONE/- - 1488484843.349 0 192.168.1.20 TCP_DENIED/200 0 CONNECT 148.62.0.31:443 - HIER_NONE/- - 1488484843.611 1 192.168.1.24 TCP_DENIED/403 4021 GET http://dnl-11.geo.kaspersky.com/index/u1313g.xml.dif - HIER_NONE/- text/html 1488484843.615 1 192.168.1.24 TCP_DENIED/403 4021 GET http://dnl-11.geo.kaspersky.com/index/u1313g.xml.klz - HIER_NONE/- text/html 1488484843.620 0 192.168.1.24 TCP_DENIED/403 4009 GET http://dnl-11.geo.kaspersky.com/index/u1313g.xml - HIER_NONE/- text/html 1488484843.689 0 192.168.1.20 TCP_DENIED/200 0 CONNECT 216.58.202.238:443 - HIER_NONE/- - 1488484844.181 1 192.168.1.24 TCP_DENIED/403 4021 GET http://dnl-16.geo.kaspersky.com/index/u1313g.xml.dif - HIER_NONE/- text/html 1488484844.186 1 192.168.1.24 TCP_DENIED/403 4021 GET http://dnl-16.geo.kaspersky.com/index/u1313g.xml.klz - HIER_NONE/- text/html 1488484844.192 1 192.168.1.24 TCP_DENIED/403 4009 GET http://dnl-16.geo.kaspersky.com/index/u1313g.xml - HIER_NONE/- text/html 1488484844.195 0 192.168.1.49 TCP_DENIED/200 0 CONNECT 72.247.3.30:443 - HIER_NONE/- - 
1488484844.942 0 192.168.1.20 TCP_DENIED/200 0 CONNECT 148.62.0.31:443 - HIER_NONE/- - 1488484845.225 0 192.168.1.24 TCP_DENIED/200 0 CONNECT 66.110.49.42:443 - HIER_NONE/- - 1488484845.444 0 192.168.1.49 TCP_DENIED/200 0 CONNECT 201.17.165.153:443 - HIER_NONE/- - 1488484845.574 0 192.168.1.20 TCP_DENIED/200 0 CONNECT 50.56.166.82:443 - HIER_NONE/- - 1488484845.575 0 192.168.1.20 TCP_DENIED/200 0 CONNECT 50.56.166.82:443 - HIER_NONE/- - 1488484845.576 0 192.168.1.20 TCP_DENIED/200 0 CONNECT 50.56.166.82:443 - HIER_NONE/- - 1488484845.577 0 192.168.1.20 TCP_DENIED/200 0 CONNECT 23.253.121.112:443 - HIER_NONE/- - 1488484845.578 0 192.168.1.20 TCP_DENIED/200 0 CONNECT 23.253.121.112:443 - HIER_NONE/- - 1488484845.579 0 192.168.1.20 TCP_DENIED/200 0 CONNECT 23.253.121.112:443 - HIER_NONE/- - 1488484845.580 0 192.168.1.20 TCP_DENIED/200 0 CONNECT 50.31.164.174:443 - HIER_NONE/- - 1488484845.581 0 192.168.1.20 TCP_DENIED/200 0 CONNECT 50.31.164.174:443 - HIER_NONE/- - 1488484845.582 0 192.168.1.20 TCP_DENIED/200 0 CONNECT 151.101.92.207:443 - HIER_NONE/- - 1488484845.583 0 192.168.1.20 TCP_DENIED/200 0 CONNECT 151.101.92.207:443 - HIER_NONE/- - 1488484845.584 0 192.168.1.20 TCP_DENIED/200 0 CONNECT 148.62.0.31:443 - HIER_NONE/- - 1488484845.585 0 192.168.1.20 TCP_DENIED/200 0 CONNECT 148.62.0.31:443 - HIER_NONE/- - 1488484845.586 0 192.168.1.20 TCP_DENIED/200 0 CONNECT 148.62.0.31:443 - HIER_NONE/- - 1488484845.586 0 192.168.1.20 TCP_DENIED/200 0 CONNECT 148.62.0.31:443 - HIER_NONE/- - 1488484845.587 0 192.168.1.20 TCP_DENIED/200 0 CONNECT 148.62.0.31:443 - HIER_NONE/- - 1488484845.588 0 192.168.1.20 TCP_DENIED/200 0 CONNECT 52.6.203.138:443 - HIER_NONE/- - 1488484845.589 0 192.168.1.20 TCP_DENIED/200 0 CONNECT 52.6.203.138:443 - HIER_NONE/- - 1488484845.591 0 192.168.1.20 TCP_DENIED/200 0 CONNECT 52.6.203.138:443 - HIER_NONE/- - 1488484845.593 0 192.168.1.20 TCP_DENIED/200 0 CONNECT 104.20.21.239:443 - HIER_NONE/- - 1488484845.594 0 192.168.1.20 TCP_DENIED/200 0 CONNECT 
104.20.21.239:443 - HIER_NONE/- - 1488484845.595 0 192.168.1.20 TCP_DENIED/200 0 CONNECT 72.21.91.42:443 - HIER_NONE/- - 1488484845.595 0 192.168.1.20 TCP_DENIED/200 0 CONNECT 72.21.91.42:443 - HIER_NONE/- - 1488484845.596 0 192.168.1.20 TCP_DENIED/200 0 CONNECT 72.21.91.42:443 - HIER_NONE/- - 1488484845.597 0 192.168.1.20 TCP_DENIED/200 0 CONNECT 72.21.91.42:443 - HIER_NONE/- - 1488484845.597 0 192.168.1.20 TCP_DENIED/200 0 CONNECT 72.21.91.42:443 - HIER_NONE/- - 1488484845.598 0 192.168.1.20 TCP_DENIED/200 0 CONNECT 72.21.91.42:443 - HIER_NONE/- - 1488484845.668 0 192.168.1.46 TCP_DENIED/200 0 CONNECT 216.58.222.110:443 - HIER_NONE/- - 1488484845.996 0 192.168.1.46 TCP_DENIED/200 0 CONNECT 216.58.222.110:443 - HIER_NONE/- - 1488484845.998 0 192.168.1.46 TCP_DENIED/200 0 CONNECT 216.58.222.110:443 - HIER_NONE/- - 1488484846.064 349 192.168.1.20 TCP_DENIED/200 0 CONNECT 52.71.159.20:443 - HIER_NONE/- - 1488484846.064 350 192.168.1.20 TCP_DENIED/200 0 CONNECT 52.71.159.20:443 - HIER_NONE/- - 1488484846.068 353 192.168.1.20 TCP_DENIED/200 0 CONNECT 52.71.159.20:443 - HIER_NONE/- - 1488484846.068 353 192.168.1.20 TCP_DENIED/200 0 CONNECT 52.71.159.20:443 - HIER_NONE/- - 1488484846.120 1 192.168.1.24 TCP_DENIED/403 4021 GET http://dnl-05.geo.kaspersky.com/index/u1313g.xml.dif - HIER_NONE/- text/html 1488484846.130 1 192.168.1.24 TCP_DENIED/403 4021 GET http://dnl-05.geo.kaspersky.com/index/u1313g.xml.klz - HIER_NONE/- text/html 1488484846.135 1 192.168.1.24 TCP_DENIED/403 4009 GET http://dnl-05.geo.kaspersky.com/index/u1313g.xml - HIER_NONE/- text/html 1488484846.569 0 192.168.1.20 TCP_DENIED/200 0 CONNECT 178.79.142.243:443 - HIER_NONE/- - 1488484846.663 0 192.168.1.20 TCP_DENIED/200 0 CONNECT 148.62.0.31:443 - HIER_NONE/- - 1488484846.776 606 192.168.1.24 TCP_DENIED/403 3991 GET http://212.73.221.205/index/u1313g.xml.dif - HIER_NONE/- text/html 1488484846.782 0 192.168.1.24 TCP_DENIED/403 3991 GET http://212.73.221.205/index/u1313g.xml.klz - HIER_NONE/- text/html 
1488484846.787 0 192.168.1.24 TCP_DENIED/403 3979 GET http://212.73.221.205/index/u1313g.xml - HIER_NONE/- text/html 1488484846.955 0 192.168.1.20 TCP_DENIED/200 0 CONNECT 72.21.91.42:443 - HIER_NONE/- - 1488484846.956 0 192.168.1.20 TCP_DENIED/200 0 CONNECT 72.21.91.42:443 - HIER_NONE/- - 1488484847.002 0 192.168.1.20 TCP_DENIED/200 0 CONNECT 50.56.166.82:443 - HIER_NONE/- - 1488484847.048 0 192.168.1.20 TCP_DENIED/200 0 CONNECT 148.62.0.31:443 - HIER_NONE/- - 1488484847.286 150 192.168.1.106 TCP_DENIED/200 0 CONNECT 66.110.49.30:443 - HIER_NONE/- - 1488484847.896 0 192.168.1.24 TCP_DENIED/200 0 CONNECT 66.110.49.42:443 - HIER_NONE/- - 1488484848.052 0 192.168.1.106 TCP_DENIED/200 0 CONNECT 66.110.49.32:443 - HIER_NONE/- - 1488484848.167 0 192.168.1.106 TCP_DENIED/200 0 CONNECT 66.110.49.30:443 - HIER_NONE/- - 1488484848.283 0 192.168.1.106 TCP_DENIED/200 0 CONNECT 66.110.49.32:443 - HIER_NONE/- - 1488484848.397 0 192.168.1.106 TCP_DENIED/200 0 CONNECT 66.110.49.30:443 - HIER_NONE/- - 1488484848.512 0 192.168.1.106 TCP_DENIED/200 0 CONNECT 66.110.49.32:443 - HIER_NONE/- - 1488484848.629 0 192.168.1.106 TCP_DENIED/200 0 CONNECT 66.110.49.22:443 - HIER_NONE/- - 1488484848.698 0 192.168.1.20 TCP_DENIED/200 0 CONNECT 178.79.142.243:443 - HIER_NONE/- - 1488484848.742 0 192.168.1.106 TCP_DENIED/200 0 CONNECT 66.110.49.30:443 - HIER_NONE/- - 1488484848.836 0 192.168.1.20 TCP_DENIED/200 0 CONNECT 148.62.0.31:443 - HIER_NONE/- - 1488484848.857 0 192.168.1.106 TCP_DENIED/200 0 CONNECT 66.110.49.32:443 - HIER_NONE/- - 1488484849.208 0 192.168.1.106 TCP_DENIED/200 0 CONNECT 66.110.49.30:443 - HIER_NONE/- - 1488484849.301 0 192.168.1.44 TCP_DENIED/200 0 CONNECT 173.194.215.132:443 - HIER_NONE/- - 1488484849.475 0 192.168.1.20 TCP_DENIED/200 0 CONNECT 50.56.166.82:443 - HIER_NONE/- - 1488484849.521 0 192.168.1.44 TCP_DENIED/200 0 CONNECT 201.17.165.168:443 - HIER_NONE/- - 1488484849.533 0 192.168.1.20 TCP_DENIED/200 0 CONNECT 148.62.0.31:443 - HIER_NONE/- - 1488484849.572 161 
192.168.1.44 TCP_DENIED/200 0 CONNECT 8.18.25.28:443 - HIER_NONE/- - 1488484850.002 0 192.168.1.46 TCP_DENIED/200 0 CONNECT 216.58.222.110:443 - HIER_NONE/- - 1488484850.469 0 192.168.1.20 TCP_DENIED/200 0 CONNECT 50.56.166.82:443 - HIER_NONE/- - 1488484850.470 0 192.168.1.20 TCP_DENIED/200 0 CONNECT 50.56.166.82:443 - HIER_NONE/- - 1488484850.470 0 192.168.1.20 TCP_DENIED/200 0 CONNECT 50.56.166.82:443 - HIER_NONE/- - 1488484850.471 0 192.168.1.20 TCP_DENIED/200 0 CONNECT 23.253.121.112:443 - HIER_NONE/- - 1488484850.472 0 192.168.1.20 TCP_DENIED/200 0 CONNECT 23.253.121.112:443 - HIER_NONE/- - 1488484850.473 0 192.168.1.20 TCP_DENIED/200 0 CONNECT 23.253.121.112:443 - HIER_NONE/- - 1488484850.474 0 192.168.1.20 TCP_DENIED/200 0 CONNECT 50.31.164.174:443 - HIER_NONE/- - 1488484850.475 0 192.168.1.20 TCP_DENIED/200 0 CONNECT 50.31.164.174:443 - HIER_NONE/- - 1488484850.476 0 192.168.1.20 TCP_DENIED/200 0 CONNECT 151.101.92.207:443 - HIER_NONE/- - 1488484850.477 0 192.168.1.20 TCP_DENIED/200 0 CONNECT 151.101.92.207:443 - HIER_NONE/- - 1488484850.478 0 192.168.1.20 TCP_DENIED/200 0 CONNECT 52.71.159.20:443 - HIER_NONE/- - 1488484850.480 0 192.168.1.20 TCP_DENIED/200 0 CONNECT 52.71.159.20:443 - HIER_NONE/- - 1488484850.482 0 192.168.1.20 TCP_DENIED/200 0 CONNECT 52.71.159.20:443 - HIER_NONE/- - 1488484850.483 0 192.168.1.20 TCP_DENIED/200 0 CONNECT 52.71.159.20:443 - HIER_NONE/- - 1488484850.486 0 192.168.1.20 TCP_DENIED/200 0 CONNECT 148.62.0.31:443 - HIER_NONE/- - 1488484850.486 0 192.168.1.20 TCP_DENIED/200 0 CONNECT 148.62.0.31:443 - HIER_NONE/- - 1488484850.487 0 192.168.1.20 TCP_DENIED/200 0 CONNECT 148.62.0.31:443 - HIER_NONE/- - 1488484850.488 0 192.168.1.20 TCP_DENIED/200 0 CONNECT 52.6.203.138:443 - HIER_NONE/- - 1488484850.490 0 192.168.1.20 TCP_DENIED/200 0 CONNECT 52.6.203.138:443 - HIER_NONE/- - 1488484850.491 0 192.168.1.20 TCP_DENIED/200 0 CONNECT 52.6.203.138:443 - HIER_NONE/- - 1488484850.493 0 192.168.1.20 TCP_DENIED/200 0 CONNECT 
104.20.21.239:443 - HIER_NONE/- - 1488484850.494 0 192.168.1.20 TCP_DENIED/200 0 CONNECT 104.20.21.239:443 - HIER_NONE/- - 1488484850.495 0 192.168.1.20 TCP_DENIED/200 0 CONNECT 72.21.91.42:443 - HIER_NONE/- - 1488484850.495 0 192.168.1.20 TCP_DENIED/200 0 CONNECT 72.21.91.42:443 - HIER_NONE/- - 1488484850.496 0 192.168.1.20 TCP_DENIED/200 0 CONNECT 72.21.91.42:443 - HIER_NONE/- - 1488484850.497 0 192.168.1.20 TCP_DENIED/200 0 CONNECT 72.21.91.42:443 - HIER_NONE/- - 1488484850.497 0 192.168.1.20 TCP_DENIED/200 0 CONNECT 72.21.91.42:443 - HIER_NONE/- - 1488484850.498 0 192.168.1.20 TCP_DENIED/200 0 CONNECT 72.21.91.42:443 - HIER_NONE/- - 1488484851.439 0 192.168.1.20 TCP_DENIED/200 0 CONNECT 178.79.142.243:443 - HIER_NONE/- - 1488484851.673 0 192.168.1.20 TCP_DENIED/200 0 CONNECT 148.62.0.31:443 - HIER_NONE/- - 1488484852.304 0 192.168.1.20 TCP_DENIED/200 0 CONNECT 50.56.166.82:443 - HIER_NONE/- - 1488484852.327 0 192.168.1.20 TCP_DENIED/200 0 CONNECT 148.62.0.31:443 - HIER_NONE/- - 1488484853.755 0 192.168.1.20 TCP_DENIED/200 0 CONNECT 148.62.0.31:443 - HIER_NONE/- - 1488484855.713 0 192.168.1.49 TCP_DENIED/200 0 CONNECT 201.17.165.153:443 - HIER_NONE/- - 1488484856.050 0 192.168.1.46 TCP_DENIED/200 0 CONNECT 216.58.222.110:443 - HIER_NONE/- - 1488484856.280 0 192.168.1.20 TCP_DENIED/200 0 CONNECT 148.62.0.31:443 - HIER_NONE/- - 1488484856.465 0 192.168.1.20 TCP_DENIED/200 0 CONNECT 148.62.0.31:443 - HIER_NONE/- - 1488484857.644 0 192.168.1.24 TCP_DENIED/200 0 CONNECT 13.107.3.128:443 - HIER_NONE/- - 1488484859.177 0 192.168.1.20 TCP_DENIED/200 0 CONNECT 52.6.203.138:443 - HIER_NONE/- - 1488484859.179 0 192.168.1.20 TCP_DENIED/200 0 CONNECT 178.79.142.243:443 - HIER_NONE/- - 1488484859.184 0 192.168.1.24 TCP_DENIED/200 0 CONNECT 13.107.5.88:443 - HIER_NONE/- - 1488484860.067 0 192.168.1.20 TCP_DENIED/200 0 CONNECT 148.62.0.31:443 - HIER_NONE/- - 1488484860.349 0 192.168.1.20 TCP_DENIED/200 0 CONNECT 72.21.91.42:443 - HIER_NONE/- - 1488484860.350 0 192.168.1.20 
TCP_DENIED/200 0 CONNECT 72.21.91.42:443 - HIER_NONE/- - 1488484860.431 0 192.168.1.20 TCP_DENIED/200 0 CONNECT 50.56.166.82:443 - HIER_NONE/- - 1488484860.486 0 192.168.1.20 TCP_DENIED/200 0 CONNECT 148.62.0.31:443 - HIER_NONE/- - 1488484860.487 0 192.168.1.20 TCP_DENIED/200 0 CONNECT 148.62.0.31:443 - HIER_NONE/- - 1488484861.209 0 192.168.1.42 TCP_DENIED/200 0 CONNECT 185.85.13.155:443 - HIER_NONE/- - 1488484862.222 0 192.168.1.20 TCP_DENIED/200 0 CONNECT 50.56.166.82:443 - HIER_NONE/- - 1488484862.223 0 192.168.1.20 TCP_DENIED/200 0 CONNECT 50.56.166.82:443 - HIER_NONE/- - 1488484862.223 0 192.168.1.20 TCP_DENIED/200 0 CONNECT 50.56.166.82:443 - HIER_NONE/- - 1488484862.224 0 192.168.1.20 TCP_DENIED/200 0 CONNECT 23.253.121.112:443 - HIER_NONE/- - **![Print1.png_thumb](/public/_imported_attachments_/1/Print1.png_thumb) ![Print2.png](/public/_imported_attachments_/1/Print2.png) ![Print2.png_thumb](/public/_imported_attachments_/1/Print2.png_thumb) ![Print3.png](/public/_imported_attachments_/1/Print3.png) ![Print3.png_thumb](/public/_imported_attachments_/1/Print3.png_thumb)**
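The first field of each Squid access.log record in the post is a Unix epoch timestamp with milliseconds, which carries no time zone, so the clock time shown for it depends on the zone applied when it is rendered. The following added example (not part of the original post) parses records like the ones pasted, including records run together on one line, renders the timestamp in an assumed UTC-3 zone, and tallies TCP_DENIED entries per client and method. The function names and the fixed offset are assumptions.

```python
import re
from collections import Counter
from datetime import datetime, timedelta, timezone

# Assumption: the firewall's configured zone is UTC-3 (Brasilia time, no DST in effect).
LOCAL_TZ = timezone(timedelta(hours=-3), "UTC-3")

# Squid native access.log record:
# time.ms elapsed client result/status bytes method URL user hierarchy/peer type
RECORD_RE = re.compile(
    r"(?<!\S)(?P<sec>\d{9,10})\.(?P<ms>\d{3})\s+"
    r"(?P<elapsed>\d+)\s+"
    r"(?P<client>\S+)\s+"
    r"(?P<result>[A-Z_]+)/(?P<status>\d{3})\s+"
    r"(?P<size>\d+)\s+"
    r"(?P<method>[A-Z]+)\s+"
    r"(?P<url>\S+)\s+"
    r"(?P<user>\S+)\s+"
    r"(?P<hier>\S+)\s+"
    r"(?P<mime>\S+)"
)

# Sample records copied from the log in the post; the third line deliberately
# keeps three records run together, as in the forum paste.
SAMPLE = """\
1488484774.671 0 192.168.1.20 TCP_DENIED/200 0 CONNECT 40.117.145.132:443 - HIER_NONE/- -
1488484774.728 79 192.168.1.44 TCP_DENIED/200 0 CONNECT 40.77.228.69:443 - HIER_NONE/- -
1488484822.690 1 192.168.1.20 TCP_DENIED/403 4021 GET http://dnl-02.geo.kaspersky.com/index/u1313g.xml.klz - HIER_NONE/- text/html 1488484826.371 1 192.168.1.24 TCP_DENIED/403 4021 GET http://dnl-04.geo.kaspersky.com/index/u1313g.xml.dif - HIER_NONE/- text/html 1488484847.286 150 192.168.1.106 TCP_DENIED/200 0 CONNECT 66.110.49.30:443 - HIER_NONE/- -
"""


def parse_records(text, tz=LOCAL_TZ):
    """Return one dict per access.log record found in text, with the epoch
    timestamp rendered as wall-clock time in tz."""
    records = []
    for m in RECORD_RE.finditer(text):
        # Convert whole seconds only and re-attach the logged milliseconds,
        # which avoids float rounding of the fractional part.
        when = datetime.fromtimestamp(int(m["sec"]), tz)
        records.append({
            "epoch": f'{m["sec"]}.{m["ms"]}',
            "local_time": when.strftime("%Y-%m-%d %H:%M:%S") + "." + m["ms"],
            "client": m["client"],
            "result": m["result"],
            "status": int(m["status"]),
            "method": m["method"],
            "url": m["url"],
        })
    return records


def summarize_denied(records):
    """Count TCP_DENIED records per (client, method) pair."""
    counts = Counter()
    for rec in records:
        if rec["result"] == "TCP_DENIED":
            counts[(rec["client"], rec["method"])] += 1
    return counts


if __name__ == "__main__":
    parsed = parse_records(SAMPLE)
    for rec in parsed:
        print(rec["local_time"], rec["client"], rec["result"],
              rec["status"], rec["method"], rec["url"])
    for (client, method), n in sorted(summarize_denied(parsed).items()):
        print(f"{client:15} {method:8} denied={n}")
```

Passing `timezone.utc` as `tz` shows the same records in UTC, which makes it easy to tell a zone offset apart from a clock that is actually wrong.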
-
Under time servers, put this: a.ntp.org; it will pick up the Brazilian time. Next time try posting only the screenshots, LOL. It got a bit cluttered.
-
Under time servers, put this: a.ntp.org; it will pick up the Brazilian time. Next time try posting only the screenshots, LOL. It got a bit cluttered.
Man, I had set it up using the
.... -
But did it work?
-
I changed it in System / General Setup, stopped the service and started it again; nothing changed.
I will restart the server in a little while and report back on whether anything changed.
-
But did it work?
Danilov.03
Now the time that gets recorded in the log is correct; now I have to solve another problem, but I still have the problem of EVERYTHING being blocked.
Squid and SquidGuard disabled: if I try to access a blocked page, it does not allow access (great so far ;)), but if I enable Squid, I cannot browse any HTTPS page.
I checked Squid's ACLs, and sites like Google are not in the blacklist, yet Google is still blocked.
Could it be some SquidGuard setting that is preventing browsing? :o ???
-
Yes, it is configuration.
Send screenshots of your settings so I can analyze them. Give a thanks to the comment that helped you ;)
-
Danilo,
Screenshots and the squidGuard.conf
Thanks!

```
# ============================================================
# SquidGuard configuration file
# This file generated automaticly with SquidGuard configurator
# (C)2006 Serg Dvoriancev
# email: dv_serg@mail.ru
# ============================================================

logdir /var/squidGuard/log
dbhome /var/db/squidGuard

# Free
src free {
    ip 192.168.1.200
    ip 192.168.1.201
}

#
dest blk_BL_adv {
    domainlist blk_BL_adv/domains
    urllist blk_BL_adv/urls
    log block.log
}

#
dest blk_BL_aggressive {
    domainlist blk_BL_aggressive/domains
    urllist blk_BL_aggressive/urls
    log block.log
}

#
dest blk_BL_alcohol {
    domainlist blk_BL_alcohol/domains
    urllist blk_BL_alcohol/urls
    log block.log
}

#
dest blk_BL_anonvpn {
    domainlist blk_BL_anonvpn/domains
    urllist blk_BL_anonvpn/urls
    log block.log
}

#
dest blk_BL_automobile_bikes {
    domainlist blk_BL_automobile_bikes/domains
    urllist blk_BL_automobile_bikes/urls
    log block.log
}

#
dest blk_BL_automobile_boats {
    domainlist blk_BL_automobile_boats/domains
    urllist blk_BL_automobile_boats/urls
    log block.log
}

#
dest blk_BL_automobile_cars {
    domainlist blk_BL_automobile_cars/domains
    urllist blk_BL_automobile_cars/urls
    log block.log
}

#
dest blk_BL_automobile_planes {
    domainlist blk_BL_automobile_planes/domains
    urllist blk_BL_automobile_planes/urls
    log block.log
}

#
dest blk_BL_chat {
    domainlist blk_BL_chat/domains
    urllist blk_BL_chat/urls
    log block.log
}

#
dest blk_BL_costtraps {
    domainlist blk_BL_costtraps/domains
    urllist blk_BL_costtraps/urls
    log block.log
}

#
dest blk_BL_dating {
    domainlist blk_BL_dating/domains
    urllist blk_BL_dating/urls
    log block.log
}

#
dest blk_BL_downloads {
    domainlist blk_BL_downloads/domains
    urllist blk_BL_downloads/urls
    log block.log
}

#
dest blk_BL_drugs {
    domainlist blk_BL_drugs/domains
    urllist blk_BL_drugs/urls
    log block.log
}

#
dest blk_BL_dynamic {
    domainlist blk_BL_dynamic/domains
    urllist blk_BL_dynamic/urls
    log block.log
}

#
dest blk_BL_education_schools {
    domainlist blk_BL_education_schools/domains
    urllist blk_BL_education_schools/urls
    log block.log
}

#
dest blk_BL_finance_banking {
    domainlist blk_BL_finance_banking/domains
    urllist blk_BL_finance_banking/urls
    log block.log
}

#
dest blk_BL_finance_insurance {
    domainlist blk_BL_finance_insurance/domains
    urllist blk_BL_finance_insurance/urls
    log block.log
}

#
dest blk_BL_finance_moneylending {
    domainlist blk_BL_finance_moneylending/domains
    urllist blk_BL_finance_moneylending/urls
    log block.log
}

#
dest blk_BL_finance_other {
    domainlist blk_BL_finance_other/domains
    urllist blk_BL_finance_other/urls
    log block.log
}

#
dest blk_BL_finance_realestate {
    domainlist blk_BL_finance_realestate/domains
    urllist blk_BL_finance_realestate/urls
    log block.log
}

#
dest blk_BL_finance_trading {
    domainlist blk_BL_finance_trading/domains
    urllist blk_BL_finance_trading/urls
    log block.log
}

#
dest blk_BL_fortunetelling {
    domainlist blk_BL_fortunetelling/domains
    urllist blk_BL_fortunetelling/urls
    log block.log
}

#
dest blk_BL_forum {
    domainlist blk_BL_forum/domains
    urllist blk_BL_forum/urls
    log block.log
}

#
dest blk_BL_gamble {
    domainlist blk_BL_gamble/domains
    urllist blk_BL_gamble/urls
    log block.log
}

#
dest blk_BL_government {
    domainlist blk_BL_government/domains
    urllist blk_BL_government/urls
    log block.log
}

#
dest blk_BL_hacking {
    domainlist blk_BL_hacking/domains
    urllist blk_BL_hacking/urls
    log block.log
}

#
dest blk_BL_hobby_cooking {
    domainlist blk_BL_hobby_cooking/domains
    urllist blk_BL_hobby_cooking/urls
    log block.log
}

#
dest blk_BL_hobby_games-misc {
    domainlist blk_BL_hobby_games-misc/domains
    urllist blk_BL_hobby_games-misc/urls
    log block.log
}

#
dest blk_BL_hobby_games-online {
    domainlist blk_BL_hobby_games-online/domains
    urllist blk_BL_hobby_games-online/urls
    log block.log
}

#
dest blk_BL_hobby_gardening {
    domainlist blk_BL_hobby_gardening/domains
    urllist blk_BL_hobby_gardening/urls
    log block.log
}

#
dest blk_BL_hobby_pets {
    domainlist blk_BL_hobby_pets/domains
    urllist blk_BL_hobby_pets/urls
    log block.log
}

#
dest blk_BL_homestyle {
    domainlist blk_BL_homestyle/domains
    urllist blk_BL_homestyle/urls
    log block.log
}

#
dest blk_BL_hospitals {
    domainlist blk_BL_hospitals/domains
    urllist blk_BL_hospitals/urls
    log block.log
}

#
dest blk_BL_imagehosting {
    domainlist blk_BL_imagehosting/domains
    urllist blk_BL_imagehosting/urls
    log block.log
}

#
dest blk_BL_isp {
    domainlist blk_BL_isp/domains
    urllist blk_BL_isp/urls
    log block.log
}

#
dest blk_BL_jobsearch {
    domainlist blk_BL_jobsearch/domains
    urllist blk_BL_jobsearch/urls
    log block.log
}

#
dest blk_BL_library {
    domainlist blk_BL_library/domains
    urllist blk_BL_library/urls
    log block.log
}

#
dest blk_BL_military {
    domainlist blk_BL_military/domains
    urllist blk_BL_military/urls
    log block.log
}

#
dest blk_BL_models {
    domainlist blk_BL_models/domains
    urllist blk_BL_models/urls
    log block.log
}

#
dest blk_BL_movies {
    domainlist blk_BL_movies/domains
    urllist blk_BL_movies/urls
    log block.log
}

#
dest blk_BL_music {
    domainlist blk_BL_music/domains
    urllist blk_BL_music/urls
    log block.log
}

#
dest blk_BL_news {
    domainlist blk_BL_news/domains
    urllist blk_BL_news/urls
    log block.log
}

#
dest blk_BL_podcasts {
    domainlist blk_BL_podcasts/domains
    urllist blk_BL_podcasts/urls
    log block.log
}

#
dest blk_BL_politics {
    domainlist blk_BL_politics/domains
    urllist blk_BL_politics/urls
    log block.log
}

#
dest blk_BL_porn {
    domainlist blk_BL_porn/domains
    urllist blk_BL_porn/urls
    log block.log
}

#
dest blk_BL_radiotv {
    domainlist blk_BL_radiotv/domains
    urllist blk_BL_radiotv/urls
    log block.log
}

#
dest blk_BL_recreation_humor {
    domainlist blk_BL_recreation_humor/domains
    urllist blk_BL_recreation_humor/urls
    log block.log
}

#
dest blk_BL_recreation_martialarts {
    domainlist blk_BL_recreation_martialarts/domains
    urllist blk_BL_recreation_martialarts/urls
    log block.log
}

#
dest blk_BL_recreation_restaurants {
    domainlist blk_BL_recreation_restaurants/domains
    urllist blk_BL_recreation_restaurants/urls
    log block.log
}

#
dest blk_BL_recreation_sports {
    domainlist blk_BL_recreation_sports/domains
    urllist blk_BL_recreation_sports/urls
    log block.log
}

#
dest blk_BL_recreation_travel {
    domainlist blk_BL_recreation_travel/domains
    urllist blk_BL_recreation_travel/urls
    log block.log
}

#
dest blk_BL_recreation_wellness {
    domainlist blk_BL_recreation_wellness/domains
    urllist blk_BL_recreation_wellness/urls
    log block.log
}

#
dest blk_BL_redirector {
    domainlist blk_BL_redirector/domains
    urllist blk_BL_redirector/urls
    log block.log
}

#
dest blk_BL_religion {
    domainlist blk_BL_religion/domains
    urllist blk_BL_religion/urls
    log block.log
}

#
dest blk_BL_remotecontrol {
    domainlist blk_BL_remotecontrol/domains
    urllist blk_BL_remotecontrol/urls
    log block.log
}

#
dest blk_BL_ringtones {
    domainlist blk_BL_ringtones/domains
    urllist blk_BL_ringtones/urls
    log block.log
}

#
dest blk_BL_science_astronomy {
    domainlist blk_BL_science_astronomy/domains
    urllist blk_BL_science_astronomy/urls
    log block.log
}

#
dest blk_BL_science_chemistry {
    domainlist blk_BL_science_chemistry/domains
    urllist blk_BL_science_chemistry/urls
    log block.log
}

#
dest blk_BL_searchengines {
    domainlist blk_BL_searchengines/domains
    urllist blk_BL_searchengines/urls
    log block.log
}

#
dest blk_BL_sex_education {
    domainlist blk_BL_sex_education/domains
    urllist blk_BL_sex_education/urls
    log block.log
}

#
dest blk_BL_sex_lingerie {
    domainlist blk_BL_sex_lingerie/domains
    urllist blk_BL_sex_lingerie/urls
    log block.log
}

#
dest blk_BL_shopping {
    domainlist blk_BL_shopping/domains
    urllist blk_BL_shopping/urls
    log block.log
}

#
dest blk_BL_socialnet {
    domainlist blk_BL_socialnet/domains
    urllist blk_BL_socialnet/urls
    log block.log
}

#
dest blk_BL_spyware {
    domainlist blk_BL_spyware/domains
    urllist blk_BL_spyware/urls
    log block.log
}

#
dest blk_BL_tracker {
    domainlist blk_BL_tracker/domains
    urllist blk_BL_tracker/urls
    log block.log
}

#
dest blk_BL_updatesites {
    domainlist blk_BL_updatesites/domains
    urllist blk_BL_updatesites/urls
    log block.log
}

#
dest blk_BL_urlshortener {
    domainlist blk_BL_urlshortener/domains
    urllist blk_BL_urlshortener/urls
    log block.log
}

#
dest blk_BL_violence {
    domainlist blk_BL_violence/domains
    urllist blk_BL_violence/urls
    log block.log
}

#
dest blk_BL_warez {
    domainlist blk_BL_warez/domains
    urllist blk_BL_warez/urls
    log block.log
}

#
dest blk_BL_weapons {
    domainlist blk_BL_weapons/domains
    urllist blk_BL_weapons/urls
    log block.log
}

#
dest blk_BL_webmail {
    domainlist blk_BL_webmail/domains
    urllist blk_BL_webmail/urls
    log block.log
}

#
dest blk_BL_webphone {
    domainlist blk_BL_webphone/domains
    urllist blk_BL_webphone/urls
    log block.log
}

#
dest blk_BL_webradio {
    domainlist blk_BL_webradio/domains
    urllist blk_BL_webradio/urls
    log block.log
}

#
dest blk_BL_webtv {
    domainlist blk_BL_webtv/domains
    urllist blk_BL_webtv/urls
    log block.log
}

# Bionexo
dest Personalizada {
    domainlist Personalizada/domains
    expressionlist Personalizada/expressions
    log block.log
}

#
rew safesearch {
    s@(google\..*/search?.*q=.*)@\1\&safe=active@i
    s@(google\..*/images.*q=.*)@\1\&safe=active@i
    s@(google\..*/groups.*q=.*)@\1\&safe=active@i
    s@(google\..*/news.*q=.*)@\1\&safe=active@i
    s@(yandex\..*/yandsearch?.*text=.*)@\1\&fyandex=1@i
    s@(search\.yahoo\..*/search.*p=.*)@\1\&vm=r&v=1@i
    s@(search\.live\..*/.*q=.*)@\1\&adlt=strict@i
    s@(search\.msn\..*/.*q=.*)@\1\&adlt=strict@i
    s@(\.bing\..*/.*q=.*)@\1\&adlt=strict@i
    log block.log
}

#
acl {
    # Free
    free {
        pass all
    }
    #
    default {
        pass Personalizada blk_BL_redirector !in-addr !blk_BL_aggressive !blk_BL_dating !blk_BL_downloads !blk_BL_education_schools !blk_BL_gamble !blk_BL_hobby_cooking !blk_BL_hobby_games-misc !blk_BL_hobby_games-online !blk_BL_hobby_gardening !blk_BL_hobby_pets !blk_BL_homestyle !blk_BL_jobsearch !blk_BL_movies !blk_BL_music !blk_BL_porn !blk_BL_radiotv !blk_BL_religion !blk_BL_remotecontrol !blk_BL_sex_education !blk_BL_sex_lingerie !blk_BL_shopping !blk_BL_socialnet !blk_BL_spyware !blk_BL_violence !blk_BL_webradio !blk_BL_webtv blk_BL_updatesites all
        redirect www.google.com.br&a=%a&n=%n&i=%i&s=%s&t=%t&u=%u
        rewrite safesearch
        log block.log
    }
}
```
-
Where are the screenshots of the page error and of Squid?
Disable "Do not allow IP" in squidGuard.
Remove all the IPs from the client source.
-
Squid.conf
# This file is automatically generated by pfSense
# Do not edit manually !

http_port 192.168.1.1:3128 ssl-bump generate-host-certificates=on dynamic_cert_mem_cache_size=60MB cert=/usr/local/etc/squid/serverkey.pem capath=/usr/local/share/certs/ cipher=EECDH+ECDSA+AESGCM:EECDH+aRSA+AESGCM:EECDH+ECDSA+SHA384:EECDH+ECDSA+SHA256:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH+aRSA+RC4:EECDH:EDH+aRSA:!RC4:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS tls-dh=prime256v1:/etc/dh-parameters.2048 options=NO_SSLv2,NO_SSLv3,NO_TLSv1,SINGLE_DH_USE,SINGLE_ECDH_USE

http_port 127.0.0.1:3128 intercept ssl-bump generate-host-certificates=on dynamic_cert_mem_cache_size=60MB cert=/usr/local/etc/squid/serverkey.pem capath=/usr/local/share/certs/ cipher=EECDH+ECDSA+AESGCM:EECDH+aRSA+AESGCM:EECDH+ECDSA+SHA384:EECDH+ECDSA+SHA256:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH+aRSA+RC4:EECDH:EDH+aRSA:!RC4:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS tls-dh=prime256v1:/etc/dh-parameters.2048 options=NO_SSLv2,NO_SSLv3,NO_TLSv1,SINGLE_DH_USE,SINGLE_ECDH_USE

https_port 127.0.0.1:3129 intercept ssl-bump generate-host-certificates=on dynamic_cert_mem_cache_size=60MB cert=/usr/local/etc/squid/serverkey.pem capath=/usr/local/share/certs/ cipher=EECDH+ECDSA+AESGCM:EECDH+aRSA+AESGCM:EECDH+ECDSA+SHA384:EECDH+ECDSA+SHA256:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH+aRSA+RC4:EECDH:EDH+aRSA:!RC4:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS tls-dh=prime256v1:/etc/dh-parameters.2048 options=NO_SSLv2,NO_SSLv3,NO_TLSv1,SINGLE_DH_USE,SINGLE_ECDH_USE

icp_port 0
dns_v4_first on
pid_filename /var/run/squid/squid.pid
cache_effective_user squid
cache_effective_group proxy
error_default_language pt-br
icon_directory /usr/local/etc/squid/icons
visible_hostname Firewall
cache_mgr giorgioghisleni@gmail.com
access_log /var/squid/logs/access.log
cache_log /var/squid/logs/cache.log
cache_store_log none
netdb_filename /var/squid/logs/netdb.state
pinger_enable on
pinger_program /usr/local/libexec/squid/pinger
sslcrtd_program /usr/local/libexec/squid/ssl_crtd -s /var/squid/lib/ssl_db -M 4MB -b 2048
sslcrtd_children 30
sslproxy_capath /usr/local/share/certs/
sslproxy_options NO_SSLv2,NO_SSLv3,NO_TLSv1,SINGLE_DH_USE,SINGLE_ECDH_USE
sslproxy_cipher EECDH+ECDSA+AESGCM:EECDH+aRSA+AESGCM:EECDH+ECDSA+SHA384:EECDH+ECDSA+SHA256:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH+aRSA+RC4:EECDH:EDH+aRSA:!RC4:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS
sslproxy_cert_error allow all
sslproxy_cert_adapt setValidAfter all

logfile_rotate 0
debug_options rotate=0
shutdown_lifetime 3 seconds
forwarded_for on
httpd_suppress_version_string on
uri_whitespace strip

refresh_pattern -i microsoft.com/.*\.(cab|exe|ms[i|u|f]|asf|wm[v|a]|dat|zip|psf) 4320 80% 43200 reload-into-ims
refresh_pattern -i windowsupdate.com/.*\.(cab|exe|ms[i|u|f]|asf|wm[v|a]|dat|zip|psf) 4320 80% 43200 reload-into-ims

cache_mem 256 MB
maximum_object_size_in_memory 256 KB
memory_replacement_policy heap GDSF
cache_replacement_policy heap LFUDA
minimum_object_size 0 KB
maximum_object_size 12 MB
cache_dir ufs /var/squid/cache 1024 16 256
offline_mode on
cache_swap_low 90
cache_swap_high 95
cache allow all
# Add any of your own refresh_pattern entries above these.
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
refresh_pattern . 0 20% 4320

#Remote proxies

# Setup some default acls
# ACLs all, manager, localhost, and to_localhost are predefined.
acl allsrc src all
acl safeports port 21 70 80 210 280 443 488 563 591 631 777 901 443 3128 3129 1025-65535
acl sslports port 443 563 443

acl purge method PURGE
acl connect method CONNECT

# Define protocols used for redirects
acl HTTP proto HTTP
acl HTTPS proto HTTPS

# SslBump Peek and Splice
# http://wiki.squid-cache.org/Features/SslPeekAndSplice
# http://wiki.squid-cache.org/ConfigExamples/Intercept/SslBumpExplicit
# Match against the current step during ssl_bump evaluation [fast]
# Never matches and should not be used outside the ssl_bump context.
#
# At each SslBump step, Squid evaluates ssl_bump directives to find
# the next bumping action (e.g., peek or splice). Valid SslBump step
# values and the corresponding ssl_bump evaluation moments are:
# SslBump1: After getting TCP-level and HTTP CONNECT info.
# SslBump2: After getting TLS Client Hello info.
# SslBump3: After getting TLS Server Hello info.
# These ACLs exist even when 'SSL/MITM Mode' is set to 'Custom' so that
# they can be used there for custom configuration.
acl step1 at_step SslBump1
acl step2 at_step SslBump2
acl step3 at_step SslBump3
acl whitelist dstdom_regex -i "/var/squid/acl/whitelist.acl"
acl blacklist dstdom_regex -i "/var/squid/acl/blacklist.acl"
acl block_reply_mime_type rep_mime_type -i "/var/squid/acl/block_reply_mime_type.acl"
http_access allow manager localhost

http_access deny manager
http_access allow purge localhost
http_access deny purge
http_access deny !safeports
http_access deny CONNECT !sslports

# Always allow localhost connections
http_access allow localhost

request_body_max_size 0 KB
delay_pools 1
delay_class 1 2
delay_parameters 1 -1/-1 -1/-1
delay_initial_bucket_level 100
delay_access 1 allow allsrc

# Reverse Proxy settings

# Custom options before auth

# Always allow access to whitelist domains
http_access allow whitelist
# Block access to blacklist domains
http_access deny blacklist
# Block access with mime type in the reply
http_reply_access deny block_reply_mime_type
acl sglog url_regex -i sgr=ACCESSDENIED
http_access deny sglog
ssl_bump peek step1
ssl_bump splice whitelist
ssl_bump bump all
# Setup allowed ACLs
# Default block all to be sure
http_access deny allsrc
-----------------UPDATE----------------------
Under Proxy Server: General Settings/General, the "Allow Users on Interface" option was unchecked, and under ACLs the Allowed Subnets field was empty. Once I checked it, browsing controlled by Squid worked. I made the changes in squidGuard, clicked Apply, and when I try to access https://www.terra.com.br/ I get the message SSL_ERROR_BAD_CERT_DOMAIN.
Note: I have already uninstalled the CA and installed it again on the machine I am using for testing.
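
The access log quoted at the top of the thread is in Squid's native format, whose first field is a Unix epoch timestamp, and its denied entries are CONNECT requests to bare IP addresses, the kind of request the `!in-addr` entry in the posted default ACL refuses. The script below is an added example, not code from the thread: it converts the timestamps to local time and lists those denials. The UTC-3 offset, the sample lines and all function names are assumptions made for illustration.

```python
import ipaddress
from datetime import datetime, timedelta, timezone

LOCAL_TZ = timezone(timedelta(hours=-3))  # assumption: the firewall's zone is UTC-3
# Constructed sample lines in Squid's native access.log layout (not from the thread).
SAMPLE = """\
1488484774.671 0 192.168.1.20 TCP_DENIED/200 0 CONNECT 203.0.113.10:443 - HIER_NONE/- -
1488484774.815 166 192.168.1.46 TCP_DENIED/200 0 CONNECT 198.51.100.7:443 - HIER_NONE/- -
1488484775.100 90 192.168.1.46 TCP_MISS/200 5120 GET http://example.com/ - ORIGINAL_DST/198.51.100.20 text/html
1488484777.000 0 192.168.1.44 TCP_DENIED/200 0 CONNECT www.example.com:443 - HIER_NONE/- -
truncated line
"""


def parse_line(line, tz=LOCAL_TZ):
    """Parse one native-format line; return None when it does not fit the layout."""
    fields = line.split()
    try:
        when = datetime.fromtimestamp(float(fields[0]), tz)  # epoch -> aware datetime
        client, status, method, target = fields[2], fields[3], fields[5], fields[6]
    except (IndexError, ValueError, OverflowError, OSError):
        return None
    return {"time": when.strftime("%Y-%m-%d %H:%M:%S"), "client": client,
            "result": status.split("/")[0], "method": method, "target": target}


def is_raw_ip(target):
    """True when a CONNECT target (host:port) names an IP address, not a hostname."""
    host = target.rsplit(":", 1)[0].strip("[]")
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False


def denied_ip_connects(text, tz=LOCAL_TZ):
    """Return (local time, client, target) for every denied CONNECT to a bare IP."""
    rows = []
    for line in text.splitlines():
        rec = parse_line(line, tz)
        if (rec and rec["result"] == "TCP_DENIED" and rec["method"] == "CONNECT"
                and is_raw_ip(rec["target"])):
            rows.append((rec["time"], rec["client"], rec["target"]))
    return rows


if __name__ == "__main__":
    for row in denied_ip_connects(SAMPLE):
        print(*row)
```

Passing a different `tz` shows the same entries in another zone, which makes it easy to check whether a log that looks "off" is simply being read as raw epoch or UTC.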