Help needed: squid blocks antivirus updates, http://www.iblocklist.com/lists.php



  • Hello,
    I 've just installed and configured pfsense+snort+squid+pfblocker.

    Everything works fine with the exception of squid, which blocks the updates of my antivirus (Avast), the access to http://www.iblocklist.com/lists.php for pfblocker, etc.
    For all other web navigations, squid works fine.
    Squid is configured as transparent proxy and ClamAV is active.

    I am new to pfsense and I would like to ask help to the community.

    Actions taken without success:

    1. Squid is the problem, because if I stop squid services everything works fine
    2. Put in whitelist Avast update servers (they are listed in a specific file, I copied in squid whitelist all servers)
    3. In Squidguard put in allow all categories with the exception of hacking sites (deny).
    4. Stop ClamAV and leave Squid on.

    Any kind help or suggestion? If needed, pls let me know which part of my configuration you need and I will provide it.

    Thanks in advance to everybody who will help me.

    Bye,

    GL



  • By the way, as further info, another kind of websites stopped are the speed tests…



  • Are you sure it isn't Snort blocking the speed test site's?

    Avast has the option to define the proxy setting's under setting's,update's,Proxy setting's.



  • Hello,
    many thanks for your reply.
    With snort service up and Squid down everything was fine. So I was sure the problem was with Squid and some setting.

    During the week end i found the problem and I report the solution for any newbie like me.

    The problem was in SquidGuard and the standard categories: you have four option per each category, -, allow, deny, whitelist.
    I configured all categories with deny or allow. For categories for which you are not interested if you put the - option and populate with deny only the ones you want to block, then everything works fine.

    I'm still missing the reason and as a newbie it is still not very clear to me the difference between the - option and the allow.
    In other professional appliances, you must put the option allow or by default it is intended as blocked.

    As general experience after installing pfsense, what I miss is a comprehensive manual where all options are described and related effects are listed. For the rest, this firewall is great and has nothing less than several professional appliances.


Log in to reply