Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    Squidguard not blocking sites, http OR https (SSL squid MitM up) pfSense 2.3

    Cache/Proxy
    2
    5
    2557
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • P
      pfBasic Banned last edited by

      As stated in the Subject. My Squid & SquidGuard are up and running, blacklists (shallalist) downloading successfully, dummy rule enabled. But, squidguard won't block sites on http OR https. I'm posting pics of the squidguard settings that I've adjusted. I can post logs if helpful? I'm not a network guy and a total pfSense newbie.

      I've tried uninstalling Squid & SquidGuard, deleting squid & squidguard folders after uninstall via SSH using rm-rf:
      rm -rf /var/squid
      rm  -rf /var/squidGuard
      rm  -rf /logs/squid
      rm -rf /logs/squidGuard
      Rebooting, Reinstalling Squid then Squidguard (and opposite order) Rebooting again. Both packages show running, but squidguard still not blocking sites.

      Please tell me how to fix this! What am I doing wrong?










      1 Reply Last reply Reply Quote 0
      • Kalle13
        Kalle13 last edited by

        Hi,

        I have the same problem. Did you solve it?

        Regards
        Kalle

        1 Reply Last reply Reply Quote 0
        • P
          pfBasic Banned last edited by

          I did get it working with MiTM, I ended up uninstalling all packages, removing all remaining folder, then reinstalling squidguard and squid. I had to uninstall and reinstall squid and squidguard multiple times before it worked. Seems like a pretty flaky solution, but I read somewhere on here that other users were able to get it working the same way.

          I quickly stopped using squid in transparent mode though, too many SSL sites were still inaccessible due to SSLv3 incompatibility.

          I tried explicit squid, but have had serious issues with it, if you're interested you can read about my issues with it here, https://forum.pfsense.org/index.php?topic=117194.0.

          I'm about ready to give up on squid, something to do with my installation (which as far as I can tell is not abnormal, and I have done a clean reinstall) causes squid to be extremely flaky for me.

          pfBlockerNG does everything that I want out of squid except for implementing shallalist blacklisting, and it justs works with no issues.

          Caching would have been nice, but with so much SSL out there and so many SSLv3 issues, not enough is being cached to make it worthwhile, IMO.

          1 Reply Last reply Reply Quote 0
          • Kalle13
            Kalle13 last edited by

            Hi,

            thank you for your answer.
            What is "MiTM"?
            I have had working on version 2.2 without any issue. On 2.3 I uninstalled squidguard and tried pfBlockerNG. But now I want squidguard back. ::)
            I will still try on it some time. Perhaps I will do it like you.

            Best regards

            1 Reply Last reply Reply Quote 0
            • Kalle13
              Kalle13 last edited by

              Ive found the solution for me.  ;D I simply reinstalled squid. Now its working properly.

              Cheers

              1 Reply Last reply Reply Quote 0
              • First post
                Last post

              Products

              • Platform Overview
              • TNSR
              • pfSense Plus
              • Appliances

              Services

              • Training
              • Professional Services

              Support

              • Subscription Plans
              • Contact Support
              • Product Lifecycle
              • Documentation

              News

              • Media Coverage
              • Press
              • Events

              Resources

              • Blog
              • FAQ
              • Find a Partner
              • Resource Library
              • Security Information

              Company

              • About Us
              • Careers
              • Partners
              • Contact Us
              • Legal
              Our Mission

              We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

              Subscribe to our Newsletter

              Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

              © 2021 Rubicon Communications, LLC | Privacy Policy