Chrome is bypassing squidguard

stichguy · Sep 5, 2017, 10:18 AM

Hi everyone, we installed a PFsense firewall for our company and I have been battling with the squidguard. We have the groups ACL for IP addresses that need restricted access to certain websites and it works perfectly when using edge browser or firefox (both on auto proxy). However when using google chrome there is full access to any website. It is strange because edge and chrome both use the same proxy settings.

sichent · Sep 5, 2017, 7:07 PM

Verify by wireshark Chrome is not going direct (hint it uses QUIC protocol if possible, bypassing any configured proxy).

KOM · Sep 5, 2017, 8:46 PM

You should be blocking tcp 80/443 on LAN anyway to ensure people can't go around the proxy unless you allow it.

stichguy · Sep 6, 2017, 7:35 AM

@KOM:

You should be blocking tcp 80/443 on LAN anyway to ensure people can't go around the proxy unless you allow it.

These are being blocked, the problem is not the computers accessing the network its that squidgaurd is not working for google chrome, it can access all websites.

I have tried disabling the QUIC protocol and chrome is still able to access blocked website

One thing I have realised is that if I set the manual proxy in windows then it blocks in chrome, however on automatic proxy chrome can access all sites

doktornotor · Sep 6, 2017, 9:13 AM

Chrome is using system proxy settings. If misconfigured, it won't of course use any proxy at all.

Also, if bypassing proxy is such a huge issue, you should either use transparent proxy, or block direct access via firewall.