Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Privileges by Groups of user

    Scheduled Pinned Locked Moved pfSense Packages
    4 Posts 2 Posters 964 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • P
      peruvichito2014
      last edited by

      Hi Gurus
      I have a doubt
      Wel In my company exist differents areas, for example Account, Engineers, Operations & Mantaince, directors and managers
      So for example Account area have three user (3 IP's belongs to this area)
      Engineer have Four user, so these area have 4 IP address
      Operations & Mantaince  have five user, This area has IP's address
      Directors and manager, five users (Five IP address)
      The need is to create groups

      For example Directors and Manager must be access to any pages (like youtube, Social Networks, Banks, etc)
      Operations & Mantaince Only must be acces to certain types of pages like hotmail. yahoo mail, gmail, and blocks social media (like facebook or twitters)
      Engineers must be access to hotmail, gmail and block youtube
      Account only must be acces to bank webs and block the rest of web

      Let me know if existe any module that I must be install to obtain the need lines above explain, Or any other suggestion how to manages this type of requeriments

      Best regard

      1 Reply Last reply Reply Quote 0
      • KOMK
        KOM
        last edited by

        Squid and SquidGuard are what you need.  Squid does the caching and SquidGuard does the filtering.  The tricky part is that a lot of sites are going HTTPS, which means you either need to force the use of Squid as a web proxy for al your client systems, or install SSL certificates created by pfSense on all client systems.

        1 Reply Last reply Reply Quote 0
        • P
          peruvichito2014
          last edited by

          Hi KOM
          thanks for your suggestion. So let me know if with squidguard I can create group (like Account, Engenier, operation, Research and Development, VIP area, guest) and the permit web pages is by groups.

          For example, Operation can access to gmail.com. 
          Account only access to gmail and pages of banks
          Engineers, only access to gmail and pages of universities
          Research and Development access to any pages

          I think that the profile that you apply to squidguard apply to all user, So all users have the same profile

          1 Reply Last reply Reply Quote 0
          • KOMK
            KOM
            last edited by

            Well, Squid and SquidGuard are common FOSS packages for doing caching and filtering, so you could actually download those packages and try for yourself.  Or, you could use a search engine to read up on the documentation to get most of your answers.

            Yes, you can create custom groups.  No, there is not just one common profile/group.  Look into Group ACL.

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.