Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Squid UI proposal: Add input for blacklisting URLs in addition to domains

    Development
    1
    1
    503
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • P
      PakoUser
      last edited by

      I have a pfSense firewall proxying HTTP and HTTPS with Squid.  Non-transparent, bumping SSL with a CA cert on client machines.

      I wanted to block an entire domain, but allow certain exceptions (eg: "reddit.com/r/pfsense" allowed, rest of "reddit.com" blocked).
      Blocking whole domains is easy with Squid in pfSense, but the UI doesn't allow whitelisting or blacklisting URLs like this.  I realized Squid supported it, though, without the overhead of having to run SquidGuard too.  (Obviously, to be able to see the URL at all, this will only work with HTTP or bumping SSL).

      I put together a change that accomplishes this.  Before I jump through the hoops of licensing agreements and a pull-request, I wanted to see if you all like the concept.  I'm happy to post the diff if you want it.

      Attached are the new UI elements and the resulting config file.  It's been tested to work in my environment, at least.

      Has this already been shown to be a dead end, or should I proceed?
      UI.png
      UI.png_thumb
      squid_conf.txt

      1 Reply Last reply Reply Quote 0
      • First post
        Last post
      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.