Is there a work-around for bug in "Bypass Proxy for These Destination IPs"?



  • _Symtom: squidGuard stops filtering altogether, even things explicitly blacklisted.

    Cause: You have entered values (semi-colon delimited) under 'Proxy Server/General/Bypass Proxy for These Destination IPs' that are not in the blacklist.

    Solution: Remove all data and save, squidGuard works properly again._

    –--

    Is there a work around for this?  I really have no need to proxy my email and other such sites.  I found the above solution when I hit the problem but can't find that post again to see if there was a work-around or if a bug had even been submitted yet.

    Thanks!



  • It is working fine at my end, I think you can only put destination IP not hostname like gmail.com. In some cases it is not working like in wetransfer.com. Any suggestion.



  • I'll try IP and post results, but there are some IP's I want to whitelist that are dynamic, so that's why domain is needed versus IP, but first let me try IP for the one's are static and see how that works.  Thanks for the reply!


  • Rebel Alliance Developer Netgate

    Don't put hostnames in there directly. A DNS failure will cause the rules to fail.

    Put all your IP addresses and hostnames for that in an alias, and then reference the alias in that field. The alias code and filterdns will keep the DNS record updated over time. Putting the hostname in that proxy bypass field directly will only attempt to resolve it once, when the rules are reloaded, so it won't keep it updated over time.



  • I will try alias' and follow-up.  Thanks!



  • Hello there,

    Having the same problem. Currently on 2.3.1 stable release, with squid 0.4.23_1 and squidGuard 1.14_4.

    I am using aliases as recommended above, but still have the problem. Sometimes squidGuard will simply stop filtering and
    allow everything, and cleaning the "Bypass Proxy for those source IP's" field and saving solves the problem.

    Couldn't really find a workout, have to constantly check if filtering is active and wipe the bypass proxy field if
    it doesn't. Maybe I should create a bug report?

    Thank you!