Squid keeps blocking ips thats not in my blacklist
-
I have Squid and squid guard installed and devices are using wpad or manual proxy for Android. My devices at times are getting all kinds of blocks but they are not in the block list. trying to understand why this is occuring
Common ACL Target rules: !My_Blacklist ^My_Whitelist all
MyBlackList
Domain List: thestar.com thestar.ca
URL List: thestar.com/ thestar.ca/- Do not allow IP-Addresses in URL: Enabled
To make sure that people do not bypass the URL filter by simply using the IP-Addresses instead of the FQDN you can check this option. This option has no effect on the whitelist.
I assume this is my issue???-
Transparent Proxy Settings: Not enabled
-
HTTPS/SSL Interception: Enabled
Block Logs -> Note the block logs are always IPs
21.04.2018 14:44:39 192.168.0.166/rogerspixel.workgroup http://216.58.196.14/generate_204 Request(default/in-addr/-) - GET REDIRECT 21.04.2018 14:44:38 192.168.0.166/rogerspixel.workgroup http://216.58.196.14/generate_204 Request(default/in-addr/-) - GET REDIRECT 21.04.2018 14:43:30 192.168.0.166/rogerspixel.workgroup http://192.168.0.155:7000/playback-info Request(default/in-addr/-) - GET REDIRECT 21.04.2018 14:43:30 192.168.0.166/rogerspixel.workgroup http://192.168.0.127:7000/playback-info Request(default/in-addr/-) - GET REDIRECTwpad and proxy.pac contents
function FindProxyForURL(url,host) { if(isPlainHostName(host)) { return "DIRECT"; } if(isInNet(host,"127.0.0.1","255.255.255.0")) { return "DIRECT"; } if(isInNet(host,"192.168.0.0","255.255.255.0")) { return "DIRECT" } return "PROXY 192.168.0.2:3128"; }Update 1:
Disabled Do not allow IP-Addresses in URL and still getting blocks from IPs internal and external -
When you made your change, did you remember to go back to the General settings page and click Save then Apply?
-
No I did not. That fixed the internal and external IP bases issues. Still have issues with pac on Android tho, doesn't seem to work. Will keep testing.
-
Android doesn't support WPAD, IIRC.
