PFSENSE, Squid + SquidGuard User based ACL´s

acidus

Hi Guys,

Saw a lot of documentation regarding how to setup Squid + SquidGuard, however all of them were IP Based.

So, the question (if you can save me digging time) is:

Is it possible to perform web filtering in pfsense against userlists acls (i.e local user with ncsa_auth + htpasswd)

src usrs-adv {
    userlist  users-adv  #
    log users-advlogs
}
src usrs-std {
    userlist  users-std  #
    log users-stdlogs

acl {
        usrs-adv {
pass exemptions !blacklist !porn !spyware !tracker !webradio !webtv !chat !tunning all
redirect http://localhost:8080/cgi-bin/squidGuard.cgi?clientaddr=%a&clientname=%n&clientuser=%i&clientgroup=%s&targetgroup=%t&url=%u
    }

usrs-std {
pass exemptions !blacklist !porn !chat !dating !downloads !gamble !hacking !movies !music !spyware !tracker !warez !webradio !webtv  !tunning all
redirect http://localhost:8080/cgi-bin/squidGuard.cgi?clientaddr=%a&clientname=%n&clientuser=%i&clientgroup=%s&targetgroup=%t&url=%u
    }
}

If yes, or no.. I appreciate your time.
Thanks

KOM

I don't think so.  Here is what you have to work with when using a squidguard ACL:

Enter client's IP address or domain or "username" here. To separate them use space.

Example:
IP: 192.168.0.1 - Subnet: 192.168.0.0/24 or 192.168.1.0/255.255.255.0 - IP-Range: 192.168.1.1-192.168.1.10
Domain: foo.bar matches foo.bar or *.foo.bar
Username: 'user1'
Ldap search (Ldap filter must be enabled in General Settings): ldapusersearch ldap://192.168.0.100/DC=domain,DC=com?sAMAccountName?sub?(&(sAMAccountName=%s)(memberOf=CN=it%2cCN=Users%2cDC=domain%2cDC=com))