• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

SquidGuard Disable "Groups ACL" no work, bug?

Scheduled Pinned Locked Moved Cache/Proxy
23 Posts 6 Posters 2.1k Views
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • F
    FreudyFLC @viktor_g
    last edited by Mar 26, 2021, 1:13 PM

    @viktor_g
    Good morning, how do I implement what is in that link ????
    I would be very grateful if you could help me.
    I modified the second file by what is shown in the line of codes of the link, but the first one I do not know where to find it ...
    Please help me

    S 1 Reply Last reply Mar 26, 2021, 1:14 PM Reply Quote 0
    • S
      sisko212 @FreudyFLC
      last edited by sisko212 Mar 26, 2021, 1:16 PM Mar 26, 2021, 1:14 PM

      @freudyflc A new upgraded package is already available, just go to package manager and update squidguard to latest 1.16.18_17.

      F 1 Reply Last reply Mar 26, 2021, 1:21 PM Reply Quote 0
      • F
        FreudyFLC @sisko212
        last edited by Mar 26, 2021, 1:21 PM

        @sisko212 It is the version that I have installed. But it has the bug

        S V 2 Replies Last reply Mar 26, 2021, 1:31 PM Reply Quote 0
        • S
          sisko212 @FreudyFLC
          last edited by Mar 26, 2021, 1:31 PM

          @freudyflc i am sorry... for your case, should be something else then.

          1 Reply Last reply Reply Quote 0
          • V
            viktor_g Netgate @FreudyFLC
            last edited by Mar 26, 2021, 1:35 PM

            @freudyflc Please provide your SquidGuard configuration for checking
            WebGUI pages + /usr/local/etc/squidGuard/squidGuard.conf

            F 1 Reply Last reply Mar 26, 2021, 1:42 PM Reply Quote 0
            • F
              FreudyFLC @viktor_g
              last edited by Mar 26, 2021, 1:42 PM

              @viktor_g said in SquidGuard Disable "Groups ACL" no work, bug?:

              @freudyflc Please provide your SquidGuard configuration for checking
              WebGUI pages + /usr/local/etc/squidGuard/squidGuard.conf

              This is my squidGuard configuration:
              (Excuse the Spanish, I am Cuban)

              ============================================================

              SquidGuard configuration file

              This file generated automaticly with SquidGuard configurator

              (C)2006 Serg Dvoriancev

              email: dv_serg@mail.ru

              ============================================================

              logdir /var/squidGuard/log
              dbhome /var/db/squidGuard

              Horario Para la Navegación

              time Horario {
              weekly * 07:00-18:00
              }

              dest blk_BL_adv {
              domainlist blk_BL_adv/domains
              urllist blk_BL_adv/urls
              log block.log
              }

              dest blk_BL_aggressive {
              domainlist blk_BL_aggressive/domains
              urllist blk_BL_aggressive/urls
              log block.log
              }

              dest blk_BL_alcohol {
              domainlist blk_BL_alcohol/domains
              urllist blk_BL_alcohol/urls
              log block.log
              }

              dest blk_BL_anonvpn {
              domainlist blk_BL_anonvpn/domains
              urllist blk_BL_anonvpn/urls
              log block.log
              }

              dest blk_BL_automobile_bikes {
              domainlist blk_BL_automobile_bikes/domains
              urllist blk_BL_automobile_bikes/urls
              log block.log
              }

              dest blk_BL_automobile_boats {
              domainlist blk_BL_automobile_boats/domains
              urllist blk_BL_automobile_boats/urls
              log block.log
              }

              dest blk_BL_automobile_cars {
              domainlist blk_BL_automobile_cars/domains
              urllist blk_BL_automobile_cars/urls
              log block.log
              }

              dest blk_BL_automobile_planes {
              domainlist blk_BL_automobile_planes/domains
              urllist blk_BL_automobile_planes/urls
              log block.log
              }

              dest blk_BL_chat {
              domainlist blk_BL_chat/domains
              urllist blk_BL_chat/urls
              log block.log
              }

              dest blk_BL_costtraps {
              domainlist blk_BL_costtraps/domains
              urllist blk_BL_costtraps/urls
              log block.log
              }

              dest blk_BL_dating {
              domainlist blk_BL_dating/domains
              urllist blk_BL_dating/urls
              log block.log
              }

              dest blk_BL_downloads {
              domainlist blk_BL_downloads/domains
              urllist blk_BL_downloads/urls
              log block.log
              }

              dest blk_BL_drugs {
              domainlist blk_BL_drugs/domains
              urllist blk_BL_drugs/urls
              log block.log
              }

              dest blk_BL_dynamic {
              domainlist blk_BL_dynamic/domains
              urllist blk_BL_dynamic/urls
              log block.log
              }

              dest blk_BL_education_schools {
              domainlist blk_BL_education_schools/domains
              urllist blk_BL_education_schools/urls
              log block.log
              }

              dest blk_BL_finance_banking {
              domainlist blk_BL_finance_banking/domains
              urllist blk_BL_finance_banking/urls
              log block.log
              }

              dest blk_BL_finance_insurance {
              domainlist blk_BL_finance_insurance/domains
              urllist blk_BL_finance_insurance/urls
              log block.log
              }

              dest blk_BL_finance_moneylending {
              domainlist blk_BL_finance_moneylending/domains
              urllist blk_BL_finance_moneylending/urls
              log block.log
              }

              dest blk_BL_finance_other {
              domainlist blk_BL_finance_other/domains
              urllist blk_BL_finance_other/urls
              log block.log
              }

              dest blk_BL_finance_realestate {
              domainlist blk_BL_finance_realestate/domains
              urllist blk_BL_finance_realestate/urls
              log block.log
              }

              dest blk_BL_finance_trading {
              domainlist blk_BL_finance_trading/domains
              urllist blk_BL_finance_trading/urls
              log block.log
              }

              dest blk_BL_fortunetelling {
              domainlist blk_BL_fortunetelling/domains
              urllist blk_BL_fortunetelling/urls
              log block.log
              }

              dest blk_BL_forum {
              domainlist blk_BL_forum/domains
              urllist blk_BL_forum/urls
              log block.log
              }

              dest blk_BL_gamble {
              domainlist blk_BL_gamble/domains
              urllist blk_BL_gamble/urls
              log block.log
              }

              dest blk_BL_government {
              domainlist blk_BL_government/domains
              urllist blk_BL_government/urls
              log block.log
              }

              dest blk_BL_hacking {
              domainlist blk_BL_hacking/domains
              urllist blk_BL_hacking/urls
              log block.log
              }

              dest blk_BL_hobby_cooking {
              domainlist blk_BL_hobby_cooking/domains
              urllist blk_BL_hobby_cooking/urls
              log block.log
              }

              dest blk_BL_hobby_games-misc {
              domainlist blk_BL_hobby_games-misc/domains
              urllist blk_BL_hobby_games-misc/urls
              log block.log
              }

              dest blk_BL_hobby_games-online {
              domainlist blk_BL_hobby_games-online/domains
              urllist blk_BL_hobby_games-online/urls
              log block.log
              }

              dest blk_BL_hobby_gardening {
              domainlist blk_BL_hobby_gardening/domains
              urllist blk_BL_hobby_gardening/urls
              log block.log
              }

              dest blk_BL_hobby_pets {
              domainlist blk_BL_hobby_pets/domains
              urllist blk_BL_hobby_pets/urls
              log block.log
              }

              dest blk_BL_homestyle {
              domainlist blk_BL_homestyle/domains
              urllist blk_BL_homestyle/urls
              log block.log
              }

              dest blk_BL_hospitals {
              domainlist blk_BL_hospitals/domains
              urllist blk_BL_hospitals/urls
              log block.log
              }

              dest blk_BL_imagehosting {
              domainlist blk_BL_imagehosting/domains
              urllist blk_BL_imagehosting/urls
              log block.log
              }

              dest blk_BL_isp {
              domainlist blk_BL_isp/domains
              urllist blk_BL_isp/urls
              log block.log
              }

              dest blk_BL_jobsearch {
              domainlist blk_BL_jobsearch/domains
              urllist blk_BL_jobsearch/urls
              log block.log
              }

              dest blk_BL_library {
              domainlist blk_BL_library/domains
              urllist blk_BL_library/urls
              log block.log
              }

              dest blk_BL_military {
              domainlist blk_BL_military/domains
              urllist blk_BL_military/urls
              log block.log
              }

              dest blk_BL_models {
              domainlist blk_BL_models/domains
              urllist blk_BL_models/urls
              log block.log
              }

              dest blk_BL_movies {
              domainlist blk_BL_movies/domains
              urllist blk_BL_movies/urls
              log block.log
              }

              dest blk_BL_music {
              domainlist blk_BL_music/domains
              urllist blk_BL_music/urls
              log block.log
              }

              dest blk_BL_news {
              domainlist blk_BL_news/domains
              urllist blk_BL_news/urls
              log block.log
              }

              dest blk_BL_podcasts {
              domainlist blk_BL_podcasts/domains
              urllist blk_BL_podcasts/urls
              log block.log
              }

              dest blk_BL_politics {
              domainlist blk_BL_politics/domains
              urllist blk_BL_politics/urls
              log block.log
              }

              dest blk_BL_porn {
              domainlist blk_BL_porn/domains
              urllist blk_BL_porn/urls
              log block.log
              }

              dest blk_BL_radiotv {
              domainlist blk_BL_radiotv/domains
              urllist blk_BL_radiotv/urls
              log block.log
              }

              dest blk_BL_recreation_humor {
              domainlist blk_BL_recreation_humor/domains
              urllist blk_BL_recreation_humor/urls
              log block.log
              }

              dest blk_BL_recreation_martialarts {
              domainlist blk_BL_recreation_martialarts/domains
              urllist blk_BL_recreation_martialarts/urls
              log block.log
              }

              dest blk_BL_recreation_restaurants {
              domainlist blk_BL_recreation_restaurants/domains
              urllist blk_BL_recreation_restaurants/urls
              log block.log
              }

              dest blk_BL_recreation_sports {
              domainlist blk_BL_recreation_sports/domains
              urllist blk_BL_recreation_sports/urls
              log block.log
              }

              dest blk_BL_recreation_travel {
              domainlist blk_BL_recreation_travel/domains
              urllist blk_BL_recreation_travel/urls
              log block.log
              }

              dest blk_BL_recreation_wellness {
              domainlist blk_BL_recreation_wellness/domains
              urllist blk_BL_recreation_wellness/urls
              log block.log
              }

              dest blk_BL_redirector {
              domainlist blk_BL_redirector/domains
              urllist blk_BL_redirector/urls
              log block.log
              }

              dest blk_BL_religion {
              domainlist blk_BL_religion/domains
              urllist blk_BL_religion/urls
              log block.log
              }

              dest blk_BL_remotecontrol {
              domainlist blk_BL_remotecontrol/domains
              urllist blk_BL_remotecontrol/urls
              log block.log
              }

              dest blk_BL_ringtones {
              domainlist blk_BL_ringtones/domains
              urllist blk_BL_ringtones/urls
              log block.log
              }

              dest blk_BL_science_astronomy {
              domainlist blk_BL_science_astronomy/domains
              urllist blk_BL_science_astronomy/urls
              log block.log
              }

              dest blk_BL_science_chemistry {
              domainlist blk_BL_science_chemistry/domains
              urllist blk_BL_science_chemistry/urls
              log block.log
              }

              dest blk_BL_searchengines {
              domainlist blk_BL_searchengines/domains
              urllist blk_BL_searchengines/urls
              log block.log
              }

              dest blk_BL_sex_education {
              domainlist blk_BL_sex_education/domains
              urllist blk_BL_sex_education/urls
              log block.log
              }

              dest blk_BL_sex_lingerie {
              domainlist blk_BL_sex_lingerie/domains
              urllist blk_BL_sex_lingerie/urls
              log block.log
              }

              dest blk_BL_shopping {
              domainlist blk_BL_shopping/domains
              urllist blk_BL_shopping/urls
              log block.log
              }

              dest blk_BL_socialnet {
              domainlist blk_BL_socialnet/domains
              urllist blk_BL_socialnet/urls
              log block.log
              }

              dest blk_BL_spyware {
              domainlist blk_BL_spyware/domains
              urllist blk_BL_spyware/urls
              log block.log
              }

              dest blk_BL_tracker {
              domainlist blk_BL_tracker/domains
              urllist blk_BL_tracker/urls
              log block.log
              }

              dest blk_BL_updatesites {
              domainlist blk_BL_updatesites/domains
              urllist blk_BL_updatesites/urls
              log block.log
              }

              dest blk_BL_urlshortener {
              domainlist blk_BL_urlshortener/domains
              urllist blk_BL_urlshortener/urls
              log block.log
              }

              dest blk_BL_violence {
              domainlist blk_BL_violence/domains
              urllist blk_BL_violence/urls
              log block.log
              }

              dest blk_BL_warez {
              domainlist blk_BL_warez/domains
              urllist blk_BL_warez/urls
              log block.log
              }

              dest blk_BL_weapons {
              domainlist blk_BL_weapons/domains
              urllist blk_BL_weapons/urls
              log block.log
              }

              dest blk_BL_webmail {
              domainlist blk_BL_webmail/domains
              urllist blk_BL_webmail/urls
              log block.log
              }

              dest blk_BL_webphone {
              domainlist blk_BL_webphone/domains
              urllist blk_BL_webphone/urls
              log block.log
              }

              dest blk_BL_webradio {
              domainlist blk_BL_webradio/domains
              urllist blk_BL_webradio/urls
              log block.log
              }

              dest blk_BL_webtv {
              domainlist blk_BL_webtv/domains
              urllist blk_BL_webtv/urls
              log block.log
              }

              Navegacion Nacional

              dest Intranet {
              expressionlist Intranet/expressions
              redirect https://10.0.67.2:8181/sgerror.php?url=403%20USTED%20NO%20ESTA%20AUTORIZADO%20A%20ACCEDER%20A%20ESTE%20SITIO%21%21%21&a=%a&n=%n&i=%i&s=%s&t=%t&u=%u
              log block.log
              }

              Bloqueo General

              dest BL_Generales {
              domainlist BL_Generales/domains
              expressionlist BL_Generales/expressions
              redirect https://10.0.67.2:8181/sgerror.php?url=403%20USTED%20NO%20ESTA%20AUTORIZADO%20A%20ACCEDER%20A%20ESTE%20SITIO%21%21%21&a=%a&n=%n&i=%i&s=%s&t=%t&u=%u
              log block.log
              }

              Bloqueo de Correos

              dest BL_Correos {
              expressionlist BL_Correos/expressions
              redirect https://10.0.67.2:8181/sgerror.php?url=403%20USTED%20NO%20ESTA%20AUTORIZADO%20A%20ACCEDER%20A%20ESTE%20SITIO%21%21%21&a=%a&n=%n&i=%i&s=%s&t=%t&u=%u
              log block.log
              }

              Youtube

              dest BL_Youtube {
              domainlist BL_Youtube/domains
              redirect https://10.0.67.2:8181/sgerror.php?url=403%20USTED%20NO%20ESTA%20AUTORIZADO%20A%20ACCEDER%20A%20ESTE%20SITIO%21%21%21&a=%a&n=%n&i=%i&s=%s&t=%t&u=%u
              log block.log
              }

              rew safesearch {
              s@(google../search?.q=.)@\1&safe=active@i
              s@(google..
              /images.q=.)@\1&safe=active@i
              s@(google../groups.q=.)@\1&safe=active@i
              s@(google..
              /news.q=.)@\1&safe=active@i
              s@(yandex../yandsearch?.text=.)@\1&fyandex=1@i
              s@(search.yahoo..
              /search.p=.)@\1&vm=r&v=1@i
              s@(search.live../.q=.)@\1&adlt=strict@i
              s@(search.msn..
              /.q=.)@\1&adlt=strict@i
              s@(.bing../.q=.)@\1&adlt=strict@i
              s@(duckduckgo..
              /?.q=.)@\1&kp=1@i
              s@(rambler../?.query=.)@\1&adult=family@i
              s@(qwant..
              /?.q=.)@\1&s=2@i
              s@(ecosia../search.q=.)@\1&safesearch=2@i
              s@(onesearch..
              /yhs/search.*)@\1&vm=r@i
              log block.log
              }

              acl {
              #
              default {
              pass !in-addr none
              redirect https://10.0.67.2:8181/sgerror.php?url=403%20USTED%20NO%20ESTA%20AUTORIZADO%20A%20ACCEDER%20A%20ESTE%20SITIO&a=%a&n=%n&i=%i&s=%s&t=%t&u=%u
              rewrite safesearch
              log block.log
              }
              }

              V 1 Reply Last reply Mar 26, 2021, 1:55 PM Reply Quote 0
              • V
                viktor_g Netgate @FreudyFLC
                last edited by Mar 26, 2021, 1:55 PM

                @freudyflc right, something wrong - I don't see src entries
                Could you show your Group ACLs ?

                F 3 Replies Last reply Mar 26, 2021, 2:01 PM Reply Quote 0
                • F
                  FreudyFLC @viktor_g
                  last edited by Mar 26, 2021, 2:01 PM

                  @viktor_g said in SquidGuard Disable "Groups ACL" no work, bug?:

                  @freudyflc right, something wrong - I don't see src entries
                  Could you show your Group ACLs ?

                  <acls>
                  <0>
                  <name>Intranet</name>
                  <description><![CDATA[Usuarios con Acceso a Intranet]]></description>
                  <disabled></disabled>
                  <timename>Horario</timename>
                  <redirect>Acceso Denegado!!! Usuario de Intranet!!!</redirect>
                  <redirect_mode>rmod_int</redirect_mode>
                  <rewritename>safesearch</rewritename>
                  <log>on</log>
                  <notallowingip>on</notallowingip>
                  <order></order>
                  <overredirect>Acceso Denegado!!! Usuario de Intranet!!!</overredirect>
                  <overrewritename>safesearch</overrewritename>
                  <destname>Intranet none</destname>
                  <overdestname>none</overdestname>
                  </0>
                  <1>
                  <name>Internet</name>
                  <description><![CDATA[Usuarios con Acceso a Internet]]></description>
                  <disabled></disabled>
                  <timename>Horario</timename>
                  <redirect>Acceso Denegado!!! Usuario de Internet!!!</redirect>
                  <redirect_mode>rmod_int</redirect_mode>
                  <rewritename>safesearch</rewritename>
                  <log>on</log>
                  <notallowingip>on</notallowingip>
                  <order></order>
                  <overredirect>Acceso Denegado!!! Usuario de Internet!!!</overredirect>
                  <overrewritename>safesearch</overrewritename>
                  <destname>!BL_Generales !BL_Correos !blk_BL_aggressive !blk_BL_alcohol !blk_BL_anonvpn !blk_BL_chat !blk_BL_dating !blk_BL_drugs !blk_BL_finance_moneylending !blk_BL_finance_trading !blk_BL_gamble !blk_BL_hacking !blk_BL_hobby_games-misc !blk_BL_hobby_games-online !blk_BL_military !blk_BL_movies !blk_BL_music !blk_BL_porn !blk_BL_recreation_humor !blk_BL_recreation_martialarts !blk_BL_recreation_restaurants !blk_BL_recreation_sports !blk_BL_recreation_travel !blk_BL_recreation_wellness !blk_BL_remotecontrol !blk_BL_ringtones !blk_BL_sex_education !blk_BL_sex_lingerie !blk_BL_socialnet !blk_BL_spyware !blk_BL_violence !blk_BL_warez !blk_BL_weapons !blk_BL_webmail all</destname>
                  <overdestname>none</overdestname>
                  </1>
                  <2>
                  <name>Administradores</name>
                  <description><![CDATA[Usuarios Administradores]]></description>
                  <disabled></disabled>
                  <timename></timename>
                  <redirect>Acceso Denegado!!! Adminsitrador!!!</redirect>
                  <redirect_mode>rmod_none</redirect_mode>
                  <rewritename>safesearch</rewritename>
                  <log>on</log>
                  <notallowingip></notallowingip>
                  <order></order>
                  <overredirect>Acceso Denegado!!! Adminsitrador!!!</overredirect>
                  <overrewritename>safesearch</overrewritename>
                  <destname>!blk_BL_porn !blk_BL_sex_education !blk_BL_sex_lingerie all</destname>
                  <overdestname>!blk_BL_porn !blk_BL_sex_education !blk_BL_sex_lingerie all</overdestname>
                  </2>
                  </acls>
                  <default>
                  <name>default</name>
                  <description></description>
                  <disabled></disabled>
                  <timename></timename>
                  <redirect_mode>rmod_int</redirect_mode>
                  <redirect>USTED NO ESTA AUTORIZADO A ACCEDER A ESTE SITIO</redirect>
                  <rewritename>safesearch</rewritename>
                  <log>on</log>
                  <notallowingip>on</notallowingip>
                  <destname>none</destname>
                  </default>
                  <rewrite_children>16</rewrite_children>
                  <rewrite_children_startup>8</rewrite_children_startup>
                  <rewrite_children_idle>4</rewrite_children_idle>
                  <enablelog>on</enablelog>
                  <enableguilog>on</enableguilog>
                  <logrotation>on</logrotation>
                  <adv_blankimg>off</adv_blankimg>
                  <current_lan_ip>10.0.67.2</current_lan_ip>
                  <current_gui_port>8181</current_gui_port>
                  <current_gui_protocol>https</current_gui_protocol>
                  </squidGuard>

                  1 Reply Last reply Reply Quote 0
                  • F
                    FreudyFLC @viktor_g
                    last edited by Mar 26, 2021, 2:19 PM

                    @viktor_g
                    I found the following difference:
                    In the Squid Folder the SquidGuard.conf file if you have the scr
                    But in the SquidGuard folder the file doesn't have it.
                    I will correct this error and see if it works

                    1 Reply Last reply Reply Quote 0
                    • F
                      FreudyFLC @viktor_g
                      last edited by Mar 26, 2021, 2:54 PM

                      @viktor_g
                      Sorry for the inconvenience and my ignorance. The problem was with the squid integration with the squidGuard. I have solved the error and the ACLs are working without problems.

                      Thank you very much for attending me and helping me

                      1 Reply Last reply Reply Quote 0
                      • Z
                        ZaTTG
                        last edited by Mar 26, 2021, 3:32 PM

                        This post is deleted!
                        1 Reply Last reply Reply Quote 0
                        • Z
                          ZaTTG
                          last edited by Mar 26, 2021, 3:38 PM

                          ProxyConfig.txt
                          FilterConfig.txt

                          Here are my configs. It used to work fine on 2.4.5 redirecting users to google 403 error. The only change I recently made was swap shallalist in favor of UT1 because I read that Viktor had no problem with them. But no luck for me.
                          Hope you can help

                          1 Reply Last reply Reply Quote 0
                          • A
                            Anderson_Sereno @viktor_g
                            last edited by Mar 28, 2021, 12:27 AM

                            @viktor_g https://forum.netgate.com/topic/162463/squidguard-1-16-18_17-not-filtering-pfsense-2-5?_=1616885707887

                            V 1 Reply Last reply Mar 28, 2021, 1:04 PM Reply Quote 0
                            • V
                              viktor_g Netgate @Anderson_Sereno
                              last edited by Mar 28, 2021, 1:04 PM

                              @anderson_sereno
                              https://redmine.pfsense.org/issues/11738#change-52706

                              Please wait for the next package version...

                              1 Reply Last reply Reply Quote 1
                              • V
                                viktor_g Netgate
                                last edited by Mar 30, 2021, 9:55 AM

                                Fixed
                                Please update SquidGuard pkg to the latest version

                                Z 1 Reply Last reply Mar 30, 2021, 11:17 AM Reply Quote 1
                                • Z
                                  ZaTTG @viktor_g
                                  last edited by Mar 30, 2021, 11:17 AM

                                  @viktor_g Updated this morning and tested now, so far is working fine as it was in 2.4.5, thanks @viktor_g .

                                  1 Reply Last reply Reply Quote 0
                                  17 out of 23
                                  • First post
                                    17/23
                                    Last post
                                  Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.
                                    This community forum collects and processes your personal information.
                                    consent.not_received