Squid redirect Page

J7529

Hello,

I have squid and squid guard set up and everything is working as it should be but when I go to a blocked site such as Dropbox I recieve a squid error for "Unable to determine IP address from host name "http"" (See below) 0_1533571211353_pfsense Squid Blocked Page.png

instead of my own custom blocked screen which I have created under SquidGuard so it would redirect if the website is blocked.

Is there a way where I can have the blocked page always be the custom page which I created?

Thanks

stephenw10

That's because it's not a blocked page it's a bad hyperlink.
Wherever you're browsing to that from has probably added https incorrectly or maybe the : is missing from the link. Either way it's trying to resolve http as a url and failing.

Steve

J7529

Oh right okay,

When I unblock websites such as Dropbox I am able to get to them without any issue

stephenw10

Does your blocked site error page work correctly for other sites? That could be Squid attempting to apply a bad re-direct.

Is that the only https blocked page?

Whatever is causing that Squid is trying to resolve 'http' as an fqdn which will always fail.

Steve

J7529

It shows the squid block page for mostly all of the blocked sites but only shows the squidguard block page for example:

dropbox.com
0_1534154111766_pfsense Squid Blocked Page(Dropbox.com).png

dropbox.com/login
0_1534154125405_pfsense Squid Blocked Page(Dropbox.com-login).png

This also vary's from browser to browser on IE the top error comes up all the time and on Firefox both appear

stephenw10

Well, it's hard to say without seeing the config and logs etc but in both cases Squid is trying and failing to resolve http and https as a host name which clearly it isn't. Something is passing that Squid to resolve or something is Squid/Squidguard is configured with a URL and should be an FQDN.

Steve

J7529

So I have created another pfSense machine so I can do testing and it seems that the reason I am getting the top error is because I have the "Enable SSL filtering" on.

Am I missing something elsewhere as this option is enabled?

Thanks,
Jord

stephenw10

Try setting the redirect mode in Squidguard to ext url move. You will have to redirect to something, you might create a page for that.

I hit that same error recently and that worked around it.

Steve