SquidGuard won't stop filtering one website



  • My first install of pfsense.  SquidGuard with Shalla's list keeps blocking www.windowscentral.com.  I made a whitelist in Target Categories and set it in Common ACL/Target Categories with no change.  I set EVERY target category item to allow, no change.  I cleared the squid cache.  I rebooted.  I stopped the squid and squidGuard services.

    Oddly, www.windowscentral.com itself works, but clicking any link gives me this:

    But following a link from google to WC give me this:

    (SquidGuard Common ACL is the custom message I put in SquidGuard.)

    Dunno why they're different.  So far no other website is blocked.  I can't find any log saying anything was ever blocked.  I don't really care much about windowscentral but I need to know how to keep things from getting blocked.  Any ideas?



  • because when you start squidgaurd , it blocks all access to http traffic by default.

    go ot squidguard settings, udner common ACL tab, in target categories, the final line says: Default access = deny.

    change that to Allow.



  • It doesn't help. Last update of Squid makes this error. Maybe its squidguard fail, I dont know. And don't know how resolve that problem.



  • Any ideas?

    Browser cache?  What do you see at Services - Squidguard - Log when you access that URL?  Is it really being blocked in realtime?  What about another device on your network, can it access this URL?



  • KOM:

    Under SquidGuard-log-blocked is says no data.

    I can hook up another PC to give it a try, but as I am new to pfsense I'm trying to understand it and make sure I can run it before it goes in front of the whole LAN.

    musa.ktk:
    Like I said - EVERYTHING is set to allow except my whitelist which is whitelisted:



  • @RadOD:

    KOM:

    Browser cache?  What do you see at Services - Squidguard - Log when you access that URL?  Is it really being blocked in realtime?  What about another device on your network, can it access this URL?

    It doesn't help. I tried different settings in my network and in network on virtualbox, when I install new pfsense on virtual machine, then install squid and squidguard it stops working. Squidguard logs do not say anything. Just shows blocking from black list filters, so thats good.



  • squidguard logs will only show blocks.  What happens if you just install squid?  Does it work as your proxy before you add squidguard?



  • I think I have  it figured: its Snort blocking not SquidGuard.  I though it was SG because I changed the SG proxy denied error to test it.

    If you are having the same problems as me, you'll want to search your Snort Alerts for the IP in question.  Click the red X in the SID column to disable the rule.  Then click the red X in the source or destination IP column to unblock that host.  You may or may not need to clear cache/restart services.



  • Glad you've got it working.



  • @KOM:

    squidguard logs will only show blocks.  What happens if you just install squid?  Does it work as your proxy before you add squidguard?

    New installation of Pfsense, new installation squid - ok, works fine. Install and start squidguard - the same ok, looks good. Install and start snort - broken. Thats it, but why? Snort is the reason that network is stopped.


  • Banned

    Clearly has nothing to do with Squidguard/Squid. Plus, Snort is certainly not an install and forget package. Do NOT configure it to block things until you are confident that pretty much all false positives were eliminated.



  • Yeah, right. I disabled snort interface and all stuff works. But I need ISP on my network, what should I do to do? Where we can see what is a problem with snort? Last update makes it broken, if I  don't wrong.

    UPDATE:
    I turned on snort after two days and everything works fine… sometimes. Sometimes works and after few minutes stopped, Permission denied or domain no exist (or something like this). Maybe it is some kind of cache error with snort?

    UPDATE2:
    It looks like this http://wiki.squid-cache.org/SquidFaq/TroubleShooting#FATAL:Failed_to_make_swap_directory.2Fvar.2Fspool.2Fcache:_.2813.29_Permission_denied in squid FAQ, but I have cache directory and owner is correctly, user: squid | group: proxy.


Log in to reply