Proxy server - access control - blacklist problem



  • Proxy is working great, filtering all sex, chat, dating, warez, hacking, web proxy etc…
    but
    i add web page to Proxy server - access control - blacklist and it just want to block it, why? i try to reinstall package and same thing.

    Im using proxy in transparent mode, and pfs 1.2

    thanks



  • any ideas?



  • Any more info? Logs, installed packages version?



  • sorry
    using squid vr. 2.6.18.1_06, and squidGuard  vr. 1.2.0_1-1

    everything that is checked as deny on
    services–>proxy content-->default it blocks and working great

    but i need to put some pages to block them and that are not on uploaded blacklist services-->proxy content-->general settings tab - blacklist url

    so, under
    services-->proxy server-->access control tab, blacklist i have add couple of urls and they are not filtered.  :(

    and proxy want pass urls that are on whitelist too.



  • Why you not use "Destinations" in SquidGuard ?
    Possible define self destinations and allow/deny this too.



  • hm, dont know didnt even think about that, and now try and it can block

    but this with blacklist worked in 1.2 alpha versions



  • @dvserg:

    Why you not use "Destinations" in SquidGuard ?
    Possible define self destinations and allow/deny this too.

    nope, not working.

    tryed and nothing, want block added domains, and to be even more bad, blacklist seems to stop working …



  • @josey:

    blacklist seems to stop working

    Possible view errors. logs. messages ?



  • nope, nothing in log, no errors, proxy just stop to block ???
    i think i can try to reinstall PFS from start, but i have already done that, and same thing…



  • @josey:

    nope, nothing in log, no errors, proxy just stop to block ???
    i think i can try to reinstall PFS from start, but i have already done that, and same thing…

    Can you call from putty

    /usr/local/bin/squidGuard -c /usr/local/etc/squidGuard/squidGuard.conf -d

    Must be 3 last lines

    2008-11-10 16:42:37 [80344] squidGuard 1.2.0 started (1226324557.820)
    2008-11-10 16:42:37 [80344] recalculating alarm in 1043 seconds
    2008-11-10 16:42:37 [80344] squidGuard ready for requests (1226324557.980)



  • hm, yes it is started …
    nothing, it seems that i must accept that this cant work...



  • @josey:

    hm, yes it is started …
    nothing, it seems that i must accept that this cant work...

    Sorry my question.
    You say 'this cant work' - this is mean: squid not worked OR not filter sites?
    What you squid/squidGuard services state?  Started or NO ?



  • im talking about squid which works great (sometimes stops to block but reboot fix things) and manually entered domains to black list which are not blocked by squid…

    here whatever i add on this page it wont work ...

    and when i add here squid stops to block, but service is running…



  • I do, how you say

    • adding site to squid blacklist
    • create (only!)  squidGuard Dest item with this site

    Result - all success blocked



  • I've defined my own destinations here as well, no problem.
    Created destination with my own URL's listed

    Under default blocked the destination
    Under specific ACL's blocked the destination

    Works like a charm.

    The blacklist URL is for downloading a blacklist from a publisher.



  • ok then,
    please put print screen of your configuration, and put, uumm,,,

    www.google.com to blacklist

    thanks



  • Hello,

    I'm having the same issue with Squid; where the black list is not working. I have set "www.google.com" into the black list, and ALL" web traffic gets blocked by Squid even browsing to the GUI itself of PFsense "Localhost" gets blocked, even though I have checked the bypass proxy for local addresses.

    I also tested this on the latest platform on PFsense "pfSense 1.2.3-RC1" and the Squid is worst on this one, the tabs are no longer present, there are drop down menus; which are not working on Internet Explorer only on firefox, in addition to the black list not working.  ???

    Attached you will find the info of my platform and tests performed. Any help would be appreciated. Thanks!












  • you can always use the Custom Options under General Settings of Proxy Server:
    for sample sites: www.youporn.com www.pornhub.com

    acl blocksite url_regex youporn pornhub; http_access deny blocksite
    ```this will only blocked if squid sees in URL youporn or pornhub now what if client will ping youporn.com and use the ip addess in exchange of domain name(youporn.com)…
    then use dstdom_regex. But its slower than url_regex.
    

    acl blocksite dstdom_regex youporn pornhub; http_access deny blocksite

    
    now its up to you to decide. ;)
    
    This problem is just in GUI but squid 2.6 will always work as it should be. For more info about acl and http_access deny visit the wiki page of www.squid-cache.org
    
    In black list have you tried```
    google;youporn;pornhub
    ```it should be with ;

Log in to reply