SquidGuard Not Blocking Porn Sites

ITlomb

Greetings.

Please may i request your assistance. With my latest PFsense installation. i setup SquidGaurd proxy with the shallalist rules set, Under the Common ACL Rules there is an option to block/Deny Porn.
Ive applied the changes, Restarted PFsense, But these sites are still accessible.

Not sure now as I thought that itll just work.

Any suggestions?

Thank you

KOM

Any changes you make in Squidguard must be saved and then applied via the General Settings page.

Second, how do you know they aren't blocked? Have you confirmed the URL in question is in the list? Have you confirmed that your client is actually using the proxy?

ITlomb

Greetings Kom

This time round i did as mentioned. Made sure to save changes then applied. For good measure i restarted Firewall again. Still no luck. I am using a Transparent Proxy so clients shouldnt need to have any proxy settings setup.

I have a PC here that im testing with, ( i obviously clean my IE Settings/DNS ) when testing so as to not get the cache pages. Doesnt matter what i search in Google i am always able to access these sites.

Im not sure what you mean by " is the URL in Q in the list?" Under SquidGaurd Prxy CommonACL-TargetRulz- it just has the option to block_BL_Porn.

Am fairly new to Pfsense :(

KOM

Go to the Shallalist site. On the right, click Search for URL/Domains. Type in the URL and see if it's in the list at all, and if so, which category it's in.

Are these sites https? Do you have https support properly configured? It's not simple. When testing, does the Squidguard log show anything?

IIRC there was also something about how some part of squidguard wouldn't work unless a default Whitelist ACL was created first, but I don't remember the specifics.

ITlomb

Hi Kom.

Thanks for your response.

Did as mentioned. Shallalist def shows the result .. Im using xnxx.com as an example. Looks like its https.
as for the domain part i think its "porn/domain" according to shallalist website.

When you say "Do I have HTTPS support properly configured". Then im not sure i understand completely as ive followed all the basic setups on Squid/Squidgaurd.

Squidgaurd log doesnt show up when testing searching xnxx.com.

I def do have a whitelist in my ACL- Target catargories.

I do have SNORT as well, not sure if this is now also to be part of my problem. But even disablins SNORT still same problem. I getting the feeling my Squid is brocken. LOl

Regards

KOM

Have you had a look at this official video from Netgate about configuring squid & squidguard?

https://www.youtube.com/watch?v=xm_wEezrWf4

ITlomb

Hi Kom

Yes i have seen this vid, and did wat was suggested, i watched this vid prior to installation.

LostInIgnorance

Have you flushed the cache on squid prior to doing this test as I have seen it pull from there and not block as it was able to pull the cached copy.

ITlomb

Greetings LostInIgnorance.

Am sorry for long delay in response, was on leave,

Under my Proxy server --> SquidHDisk cache settings --> Clear Disk Cache NOW.
-- I did clear that Cache and restarted Firewall. Still no difference.

I did notice Under Dynamic and Update Contect: Cache Dynamic Content radio block is unticked. Not sure if this has means anything or if it needs to be ticked.

Are there other Squid Cache areas that one needs to also clear?

Thank you

toimagine

I too just within the week followed that same video and the firewall isn't blocking sites.
I followed it to the "T"

I found another link that talks about setting up the wpad.da file for https. I did this and verified that the test PC is using the routers DNS. Still not blocking. Is there anything else left out of the video that is obvious that we could be missing?

I may open a thread so that I don't troll yours, but I believe that we might be both having the same issue.

I'm setting up on a new Netgate SG-3100 Ver. 2.4.3
Squid 0.4.43_1
squidGuard 1.16.4

ITlomb

Hi toimagine.

If you do find a solution. please let me know. At the moment i am looking at SNORT as there too are rules to test and hoping that might also solve this issue. When i do , i will revert back with the solution i found.

revengineer

Just for grins, you did go to the squidguard->blacklist tab and hit the download button, right? I once reinstalled pfsense and restored my config and had the same problem.... until I manually downloaded the list in the above manner.

ITlomb

HI Revengineer

As an extra effort, i did redownload blacklist, restarted firewall etc.
Made sure the Target rule is set to deny.

Still no difference.

waqasalisha

squid guard not deduct most of Https website like youtube/facebook and other https secure site. so you need to block these all site from Firewall Rules with IP cidr