Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Changing SquidGuard config options not listed in the GUI

    Cache/Proxy
    2
    3
    1.4k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • R
      RubberPike
      last edited by

      Hi,
      I'm looking for a way to change the SquidGuard db and log locations:
      The defaults are /var/db/squidGuard and /var/squidGuard/log but these aren't listed in the GUI.

      I'm still relatively new to pfSense and an trying to wrap my head around how the config files are written on boot.

      I can see these log and db parms in these:
      /usr/local/pkg/squidguard_configurator.inc
      /usr/local/etc/squidGuard/squidGuard.conf
      /usr/local/etc/squidGuard/squidguard_conf.xml
      .. however these all appear to be over written on either package (re-)install or on reboot.

      These variables aren't stored in /cf/conf/config.xml but they do appear in /usr/local/etc/squidGuard/squidguard_conf.xml after boot.

      Is there a way this can be achieved?

      I'm currently running pfSense on NanoBSD, but have a secondary drive mounted where I want to store the blacklist caches to (to avoid them getting wiped on boot).
      I know blacklists on NanoBSD are not recommended, but I have 4GB RAM + dual core on the box with a large /tmp and /var so downloading and building the caches don't appear to be an issue.

      Thanks!

      1 Reply Last reply Reply Quote 0
      • N
        Nachtfalke
        last edited by

        Hi,

        .conf files will be overwritten every time you change something in the GUI. The will be persistent if you modify the /usr/local/pkg/*.inc files. The .inc files and the .xml files in this folder will create all other config files (.conf) for this package. So As long as you do not reinstall/upgrade the package the modifications in the .inc file could help you.

        To make it persistent after an upgrade I do the following:

        1.) Installaing "System Patches" package on pfense
        2.) I make a copy of the squidguard_configurator.inc and modified the copy of the file like I need it
        3.) I create a diff / patch file with this command :  diff -Naur FILE1.inc FILE2.inc > DIFF.patch
        4.) In the "Patches" package I create a new entry.
          Description: Something you like
          URL/commit ID: emtpy
          Patch contents: here I paste everything of the DIFF.patch file.
          Path strip count: 1
          Base directory: /usr/local/pkg/
          Ignore whitespaces: checked
          Auto Apply: checked (before enabling this I make sure everything is working. But this will make sure that your changes will be made after a package update).
        5.) After clicking "Save" you can try and "Test" your patch and apply your patch.

        Hope this will help you!

        1 Reply Last reply Reply Quote 0
        • R
          RubberPike
          last edited by

          Awesome.. thanks Nachtfalke! I wasn't aware of that "System Patches" package.

          I tried this with my SquidGuard changes today and Squid + SquidGuard were working perfect.
          Everything seemed great until I did a final reboot test. Something went wrong after that to a point where Unbound and DHCP wouldn't load. I was getting some weird certificate type errors on Unbound.
          I had to revert back to the other slice to recover.

          I'll have a bit more of a play though and see if I can get it going.

          Thanks again!

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.