Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    SquidGuard Disable "Groups ACL" no work, bug?

    Scheduled Pinned Locked Moved Cache/Proxy
    23 Posts 6 Posters 2.0k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • F
      FreudyFLC @viktor_g
      last edited by

      @viktor_g
      Good morning, how do I implement what is in that link ????
      I would be very grateful if you could help me.
      I modified the second file by what is shown in the line of codes of the link, but the first one I do not know where to find it ...
      Please help me

      S 1 Reply Last reply Reply Quote 0
      • S
        sisko212 @FreudyFLC
        last edited by sisko212

        @freudyflc A new upgraded package is already available, just go to package manager and update squidguard to latest 1.16.18_17.

        F 1 Reply Last reply Reply Quote 0
        • F
          FreudyFLC @sisko212
          last edited by

          @sisko212 It is the version that I have installed. But it has the bug

          S viktor_gV 2 Replies Last reply Reply Quote 0
          • S
            sisko212 @FreudyFLC
            last edited by

            @freudyflc i am sorry... for your case, should be something else then.

            1 Reply Last reply Reply Quote 0
            • viktor_gV
              viktor_g Netgate @FreudyFLC
              last edited by

              @freudyflc Please provide your SquidGuard configuration for checking
              WebGUI pages + /usr/local/etc/squidGuard/squidGuard.conf

              F 1 Reply Last reply Reply Quote 0
              • F
                FreudyFLC @viktor_g
                last edited by

                @viktor_g said in SquidGuard Disable "Groups ACL" no work, bug?:

                @freudyflc Please provide your SquidGuard configuration for checking
                WebGUI pages + /usr/local/etc/squidGuard/squidGuard.conf

                This is my squidGuard configuration:
                (Excuse the Spanish, I am Cuban)

                ============================================================

                SquidGuard configuration file

                This file generated automaticly with SquidGuard configurator

                (C)2006 Serg Dvoriancev

                email: dv_serg@mail.ru

                ============================================================

                logdir /var/squidGuard/log
                dbhome /var/db/squidGuard

                Horario Para la Navegación

                time Horario {
                weekly * 07:00-18:00
                }

                dest blk_BL_adv {
                domainlist blk_BL_adv/domains
                urllist blk_BL_adv/urls
                log block.log
                }

                dest blk_BL_aggressive {
                domainlist blk_BL_aggressive/domains
                urllist blk_BL_aggressive/urls
                log block.log
                }

                dest blk_BL_alcohol {
                domainlist blk_BL_alcohol/domains
                urllist blk_BL_alcohol/urls
                log block.log
                }

                dest blk_BL_anonvpn {
                domainlist blk_BL_anonvpn/domains
                urllist blk_BL_anonvpn/urls
                log block.log
                }

                dest blk_BL_automobile_bikes {
                domainlist blk_BL_automobile_bikes/domains
                urllist blk_BL_automobile_bikes/urls
                log block.log
                }

                dest blk_BL_automobile_boats {
                domainlist blk_BL_automobile_boats/domains
                urllist blk_BL_automobile_boats/urls
                log block.log
                }

                dest blk_BL_automobile_cars {
                domainlist blk_BL_automobile_cars/domains
                urllist blk_BL_automobile_cars/urls
                log block.log
                }

                dest blk_BL_automobile_planes {
                domainlist blk_BL_automobile_planes/domains
                urllist blk_BL_automobile_planes/urls
                log block.log
                }

                dest blk_BL_chat {
                domainlist blk_BL_chat/domains
                urllist blk_BL_chat/urls
                log block.log
                }

                dest blk_BL_costtraps {
                domainlist blk_BL_costtraps/domains
                urllist blk_BL_costtraps/urls
                log block.log
                }

                dest blk_BL_dating {
                domainlist blk_BL_dating/domains
                urllist blk_BL_dating/urls
                log block.log
                }

                dest blk_BL_downloads {
                domainlist blk_BL_downloads/domains
                urllist blk_BL_downloads/urls
                log block.log
                }

                dest blk_BL_drugs {
                domainlist blk_BL_drugs/domains
                urllist blk_BL_drugs/urls
                log block.log
                }

                dest blk_BL_dynamic {
                domainlist blk_BL_dynamic/domains
                urllist blk_BL_dynamic/urls
                log block.log
                }

                dest blk_BL_education_schools {
                domainlist blk_BL_education_schools/domains
                urllist blk_BL_education_schools/urls
                log block.log
                }

                dest blk_BL_finance_banking {
                domainlist blk_BL_finance_banking/domains
                urllist blk_BL_finance_banking/urls
                log block.log
                }

                dest blk_BL_finance_insurance {
                domainlist blk_BL_finance_insurance/domains
                urllist blk_BL_finance_insurance/urls
                log block.log
                }

                dest blk_BL_finance_moneylending {
                domainlist blk_BL_finance_moneylending/domains
                urllist blk_BL_finance_moneylending/urls
                log block.log
                }

                dest blk_BL_finance_other {
                domainlist blk_BL_finance_other/domains
                urllist blk_BL_finance_other/urls
                log block.log
                }

                dest blk_BL_finance_realestate {
                domainlist blk_BL_finance_realestate/domains
                urllist blk_BL_finance_realestate/urls
                log block.log
                }

                dest blk_BL_finance_trading {
                domainlist blk_BL_finance_trading/domains
                urllist blk_BL_finance_trading/urls
                log block.log
                }

                dest blk_BL_fortunetelling {
                domainlist blk_BL_fortunetelling/domains
                urllist blk_BL_fortunetelling/urls
                log block.log
                }

                dest blk_BL_forum {
                domainlist blk_BL_forum/domains
                urllist blk_BL_forum/urls
                log block.log
                }

                dest blk_BL_gamble {
                domainlist blk_BL_gamble/domains
                urllist blk_BL_gamble/urls
                log block.log
                }

                dest blk_BL_government {
                domainlist blk_BL_government/domains
                urllist blk_BL_government/urls
                log block.log
                }

                dest blk_BL_hacking {
                domainlist blk_BL_hacking/domains
                urllist blk_BL_hacking/urls
                log block.log
                }

                dest blk_BL_hobby_cooking {
                domainlist blk_BL_hobby_cooking/domains
                urllist blk_BL_hobby_cooking/urls
                log block.log
                }

                dest blk_BL_hobby_games-misc {
                domainlist blk_BL_hobby_games-misc/domains
                urllist blk_BL_hobby_games-misc/urls
                log block.log
                }

                dest blk_BL_hobby_games-online {
                domainlist blk_BL_hobby_games-online/domains
                urllist blk_BL_hobby_games-online/urls
                log block.log
                }

                dest blk_BL_hobby_gardening {
                domainlist blk_BL_hobby_gardening/domains
                urllist blk_BL_hobby_gardening/urls
                log block.log
                }

                dest blk_BL_hobby_pets {
                domainlist blk_BL_hobby_pets/domains
                urllist blk_BL_hobby_pets/urls
                log block.log
                }

                dest blk_BL_homestyle {
                domainlist blk_BL_homestyle/domains
                urllist blk_BL_homestyle/urls
                log block.log
                }

                dest blk_BL_hospitals {
                domainlist blk_BL_hospitals/domains
                urllist blk_BL_hospitals/urls
                log block.log
                }

                dest blk_BL_imagehosting {
                domainlist blk_BL_imagehosting/domains
                urllist blk_BL_imagehosting/urls
                log block.log
                }

                dest blk_BL_isp {
                domainlist blk_BL_isp/domains
                urllist blk_BL_isp/urls
                log block.log
                }

                dest blk_BL_jobsearch {
                domainlist blk_BL_jobsearch/domains
                urllist blk_BL_jobsearch/urls
                log block.log
                }

                dest blk_BL_library {
                domainlist blk_BL_library/domains
                urllist blk_BL_library/urls
                log block.log
                }

                dest blk_BL_military {
                domainlist blk_BL_military/domains
                urllist blk_BL_military/urls
                log block.log
                }

                dest blk_BL_models {
                domainlist blk_BL_models/domains
                urllist blk_BL_models/urls
                log block.log
                }

                dest blk_BL_movies {
                domainlist blk_BL_movies/domains
                urllist blk_BL_movies/urls
                log block.log
                }

                dest blk_BL_music {
                domainlist blk_BL_music/domains
                urllist blk_BL_music/urls
                log block.log
                }

                dest blk_BL_news {
                domainlist blk_BL_news/domains
                urllist blk_BL_news/urls
                log block.log
                }

                dest blk_BL_podcasts {
                domainlist blk_BL_podcasts/domains
                urllist blk_BL_podcasts/urls
                log block.log
                }

                dest blk_BL_politics {
                domainlist blk_BL_politics/domains
                urllist blk_BL_politics/urls
                log block.log
                }

                dest blk_BL_porn {
                domainlist blk_BL_porn/domains
                urllist blk_BL_porn/urls
                log block.log
                }

                dest blk_BL_radiotv {
                domainlist blk_BL_radiotv/domains
                urllist blk_BL_radiotv/urls
                log block.log
                }

                dest blk_BL_recreation_humor {
                domainlist blk_BL_recreation_humor/domains
                urllist blk_BL_recreation_humor/urls
                log block.log
                }

                dest blk_BL_recreation_martialarts {
                domainlist blk_BL_recreation_martialarts/domains
                urllist blk_BL_recreation_martialarts/urls
                log block.log
                }

                dest blk_BL_recreation_restaurants {
                domainlist blk_BL_recreation_restaurants/domains
                urllist blk_BL_recreation_restaurants/urls
                log block.log
                }

                dest blk_BL_recreation_sports {
                domainlist blk_BL_recreation_sports/domains
                urllist blk_BL_recreation_sports/urls
                log block.log
                }

                dest blk_BL_recreation_travel {
                domainlist blk_BL_recreation_travel/domains
                urllist blk_BL_recreation_travel/urls
                log block.log
                }

                dest blk_BL_recreation_wellness {
                domainlist blk_BL_recreation_wellness/domains
                urllist blk_BL_recreation_wellness/urls
                log block.log
                }

                dest blk_BL_redirector {
                domainlist blk_BL_redirector/domains
                urllist blk_BL_redirector/urls
                log block.log
                }

                dest blk_BL_religion {
                domainlist blk_BL_religion/domains
                urllist blk_BL_religion/urls
                log block.log
                }

                dest blk_BL_remotecontrol {
                domainlist blk_BL_remotecontrol/domains
                urllist blk_BL_remotecontrol/urls
                log block.log
                }

                dest blk_BL_ringtones {
                domainlist blk_BL_ringtones/domains
                urllist blk_BL_ringtones/urls
                log block.log
                }

                dest blk_BL_science_astronomy {
                domainlist blk_BL_science_astronomy/domains
                urllist blk_BL_science_astronomy/urls
                log block.log
                }

                dest blk_BL_science_chemistry {
                domainlist blk_BL_science_chemistry/domains
                urllist blk_BL_science_chemistry/urls
                log block.log
                }

                dest blk_BL_searchengines {
                domainlist blk_BL_searchengines/domains
                urllist blk_BL_searchengines/urls
                log block.log
                }

                dest blk_BL_sex_education {
                domainlist blk_BL_sex_education/domains
                urllist blk_BL_sex_education/urls
                log block.log
                }

                dest blk_BL_sex_lingerie {
                domainlist blk_BL_sex_lingerie/domains
                urllist blk_BL_sex_lingerie/urls
                log block.log
                }

                dest blk_BL_shopping {
                domainlist blk_BL_shopping/domains
                urllist blk_BL_shopping/urls
                log block.log
                }

                dest blk_BL_socialnet {
                domainlist blk_BL_socialnet/domains
                urllist blk_BL_socialnet/urls
                log block.log
                }

                dest blk_BL_spyware {
                domainlist blk_BL_spyware/domains
                urllist blk_BL_spyware/urls
                log block.log
                }

                dest blk_BL_tracker {
                domainlist blk_BL_tracker/domains
                urllist blk_BL_tracker/urls
                log block.log
                }

                dest blk_BL_updatesites {
                domainlist blk_BL_updatesites/domains
                urllist blk_BL_updatesites/urls
                log block.log
                }

                dest blk_BL_urlshortener {
                domainlist blk_BL_urlshortener/domains
                urllist blk_BL_urlshortener/urls
                log block.log
                }

                dest blk_BL_violence {
                domainlist blk_BL_violence/domains
                urllist blk_BL_violence/urls
                log block.log
                }

                dest blk_BL_warez {
                domainlist blk_BL_warez/domains
                urllist blk_BL_warez/urls
                log block.log
                }

                dest blk_BL_weapons {
                domainlist blk_BL_weapons/domains
                urllist blk_BL_weapons/urls
                log block.log
                }

                dest blk_BL_webmail {
                domainlist blk_BL_webmail/domains
                urllist blk_BL_webmail/urls
                log block.log
                }

                dest blk_BL_webphone {
                domainlist blk_BL_webphone/domains
                urllist blk_BL_webphone/urls
                log block.log
                }

                dest blk_BL_webradio {
                domainlist blk_BL_webradio/domains
                urllist blk_BL_webradio/urls
                log block.log
                }

                dest blk_BL_webtv {
                domainlist blk_BL_webtv/domains
                urllist blk_BL_webtv/urls
                log block.log
                }

                Navegacion Nacional

                dest Intranet {
                expressionlist Intranet/expressions
                redirect https://10.0.67.2:8181/sgerror.php?url=403%20USTED%20NO%20ESTA%20AUTORIZADO%20A%20ACCEDER%20A%20ESTE%20SITIO%21%21%21&a=%a&n=%n&i=%i&s=%s&t=%t&u=%u
                log block.log
                }

                Bloqueo General

                dest BL_Generales {
                domainlist BL_Generales/domains
                expressionlist BL_Generales/expressions
                redirect https://10.0.67.2:8181/sgerror.php?url=403%20USTED%20NO%20ESTA%20AUTORIZADO%20A%20ACCEDER%20A%20ESTE%20SITIO%21%21%21&a=%a&n=%n&i=%i&s=%s&t=%t&u=%u
                log block.log
                }

                Bloqueo de Correos

                dest BL_Correos {
                expressionlist BL_Correos/expressions
                redirect https://10.0.67.2:8181/sgerror.php?url=403%20USTED%20NO%20ESTA%20AUTORIZADO%20A%20ACCEDER%20A%20ESTE%20SITIO%21%21%21&a=%a&n=%n&i=%i&s=%s&t=%t&u=%u
                log block.log
                }

                Youtube

                dest BL_Youtube {
                domainlist BL_Youtube/domains
                redirect https://10.0.67.2:8181/sgerror.php?url=403%20USTED%20NO%20ESTA%20AUTORIZADO%20A%20ACCEDER%20A%20ESTE%20SITIO%21%21%21&a=%a&n=%n&i=%i&s=%s&t=%t&u=%u
                log block.log
                }

                rew safesearch {
                s@(google../search?.q=.)@\1&safe=active@i
                s@(google..
                /images.q=.)@\1&safe=active@i
                s@(google../groups.q=.)@\1&safe=active@i
                s@(google..
                /news.q=.)@\1&safe=active@i
                s@(yandex../yandsearch?.text=.)@\1&fyandex=1@i
                s@(search.yahoo..
                /search.p=.)@\1&vm=r&v=1@i
                s@(search.live../.q=.)@\1&adlt=strict@i
                s@(search.msn..
                /.q=.)@\1&adlt=strict@i
                s@(.bing../.q=.)@\1&adlt=strict@i
                s@(duckduckgo..
                /?.q=.)@\1&kp=1@i
                s@(rambler../?.query=.)@\1&adult=family@i
                s@(qwant..
                /?.q=.)@\1&s=2@i
                s@(ecosia../search.q=.)@\1&safesearch=2@i
                s@(onesearch..
                /yhs/search.*)@\1&vm=r@i
                log block.log
                }

                acl {
                #
                default {
                pass !in-addr none
                redirect https://10.0.67.2:8181/sgerror.php?url=403%20USTED%20NO%20ESTA%20AUTORIZADO%20A%20ACCEDER%20A%20ESTE%20SITIO&a=%a&n=%n&i=%i&s=%s&t=%t&u=%u
                rewrite safesearch
                log block.log
                }
                }

                viktor_gV 1 Reply Last reply Reply Quote 0
                • viktor_gV
                  viktor_g Netgate @FreudyFLC
                  last edited by

                  @freudyflc right, something wrong - I don't see src entries
                  Could you show your Group ACLs ?

                  F 3 Replies Last reply Reply Quote 0
                  • F
                    FreudyFLC @viktor_g
                    last edited by

                    @viktor_g said in SquidGuard Disable "Groups ACL" no work, bug?:

                    @freudyflc right, something wrong - I don't see src entries
                    Could you show your Group ACLs ?

                    <acls>
                    <0>
                    <name>Intranet</name>
                    <description><![CDATA[Usuarios con Acceso a Intranet]]></description>
                    <disabled></disabled>
                    <timename>Horario</timename>
                    <redirect>Acceso Denegado!!! Usuario de Intranet!!!</redirect>
                    <redirect_mode>rmod_int</redirect_mode>
                    <rewritename>safesearch</rewritename>
                    <log>on</log>
                    <notallowingip>on</notallowingip>
                    <order></order>
                    <overredirect>Acceso Denegado!!! Usuario de Intranet!!!</overredirect>
                    <overrewritename>safesearch</overrewritename>
                    <destname>Intranet none</destname>
                    <overdestname>none</overdestname>
                    </0>
                    <1>
                    <name>Internet</name>
                    <description><![CDATA[Usuarios con Acceso a Internet]]></description>
                    <disabled></disabled>
                    <timename>Horario</timename>
                    <redirect>Acceso Denegado!!! Usuario de Internet!!!</redirect>
                    <redirect_mode>rmod_int</redirect_mode>
                    <rewritename>safesearch</rewritename>
                    <log>on</log>
                    <notallowingip>on</notallowingip>
                    <order></order>
                    <overredirect>Acceso Denegado!!! Usuario de Internet!!!</overredirect>
                    <overrewritename>safesearch</overrewritename>
                    <destname>!BL_Generales !BL_Correos !blk_BL_aggressive !blk_BL_alcohol !blk_BL_anonvpn !blk_BL_chat !blk_BL_dating !blk_BL_drugs !blk_BL_finance_moneylending !blk_BL_finance_trading !blk_BL_gamble !blk_BL_hacking !blk_BL_hobby_games-misc !blk_BL_hobby_games-online !blk_BL_military !blk_BL_movies !blk_BL_music !blk_BL_porn !blk_BL_recreation_humor !blk_BL_recreation_martialarts !blk_BL_recreation_restaurants !blk_BL_recreation_sports !blk_BL_recreation_travel !blk_BL_recreation_wellness !blk_BL_remotecontrol !blk_BL_ringtones !blk_BL_sex_education !blk_BL_sex_lingerie !blk_BL_socialnet !blk_BL_spyware !blk_BL_violence !blk_BL_warez !blk_BL_weapons !blk_BL_webmail all</destname>
                    <overdestname>none</overdestname>
                    </1>
                    <2>
                    <name>Administradores</name>
                    <description><![CDATA[Usuarios Administradores]]></description>
                    <disabled></disabled>
                    <timename></timename>
                    <redirect>Acceso Denegado!!! Adminsitrador!!!</redirect>
                    <redirect_mode>rmod_none</redirect_mode>
                    <rewritename>safesearch</rewritename>
                    <log>on</log>
                    <notallowingip></notallowingip>
                    <order></order>
                    <overredirect>Acceso Denegado!!! Adminsitrador!!!</overredirect>
                    <overrewritename>safesearch</overrewritename>
                    <destname>!blk_BL_porn !blk_BL_sex_education !blk_BL_sex_lingerie all</destname>
                    <overdestname>!blk_BL_porn !blk_BL_sex_education !blk_BL_sex_lingerie all</overdestname>
                    </2>
                    </acls>
                    <default>
                    <name>default</name>
                    <description></description>
                    <disabled></disabled>
                    <timename></timename>
                    <redirect_mode>rmod_int</redirect_mode>
                    <redirect>USTED NO ESTA AUTORIZADO A ACCEDER A ESTE SITIO</redirect>
                    <rewritename>safesearch</rewritename>
                    <log>on</log>
                    <notallowingip>on</notallowingip>
                    <destname>none</destname>
                    </default>
                    <rewrite_children>16</rewrite_children>
                    <rewrite_children_startup>8</rewrite_children_startup>
                    <rewrite_children_idle>4</rewrite_children_idle>
                    <enablelog>on</enablelog>
                    <enableguilog>on</enableguilog>
                    <logrotation>on</logrotation>
                    <adv_blankimg>off</adv_blankimg>
                    <current_lan_ip>10.0.67.2</current_lan_ip>
                    <current_gui_port>8181</current_gui_port>
                    <current_gui_protocol>https</current_gui_protocol>
                    </squidGuard>

                    1 Reply Last reply Reply Quote 0
                    • F
                      FreudyFLC @viktor_g
                      last edited by

                      @viktor_g
                      I found the following difference:
                      In the Squid Folder the SquidGuard.conf file if you have the scr
                      But in the SquidGuard folder the file doesn't have it.
                      I will correct this error and see if it works

                      1 Reply Last reply Reply Quote 0
                      • F
                        FreudyFLC @viktor_g
                        last edited by

                        @viktor_g
                        Sorry for the inconvenience and my ignorance. The problem was with the squid integration with the squidGuard. I have solved the error and the ACLs are working without problems.

                        Thank you very much for attending me and helping me

                        1 Reply Last reply Reply Quote 0
                        • Z
                          ZaTTG
                          last edited by

                          This post is deleted!
                          1 Reply Last reply Reply Quote 0
                          • Z
                            ZaTTG
                            last edited by

                            ProxyConfig.txt
                            FilterConfig.txt

                            Here are my configs. It used to work fine on 2.4.5 redirecting users to google 403 error. The only change I recently made was swap shallalist in favor of UT1 because I read that Viktor had no problem with them. But no luck for me.
                            Hope you can help

                            1 Reply Last reply Reply Quote 0
                            • A
                              Anderson_Sereno @viktor_g
                              last edited by

                              @viktor_g https://forum.netgate.com/topic/162463/squidguard-1-16-18_17-not-filtering-pfsense-2-5?_=1616885707887

                              viktor_gV 1 Reply Last reply Reply Quote 0
                              • viktor_gV
                                viktor_g Netgate @Anderson_Sereno
                                last edited by

                                @anderson_sereno
                                https://redmine.pfsense.org/issues/11738#change-52706

                                Please wait for the next package version...

                                1 Reply Last reply Reply Quote 1
                                • viktor_gV
                                  viktor_g Netgate
                                  last edited by

                                  Fixed
                                  Please update SquidGuard pkg to the latest version

                                  Z 1 Reply Last reply Reply Quote 1
                                  • Z
                                    ZaTTG @viktor_g
                                    last edited by

                                    @viktor_g Updated this morning and tested now, so far is working fine as it was in 2.4.5, thanks @viktor_g .

                                    1 Reply Last reply Reply Quote 0
                                    • First post
                                      Last post
                                    Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.