[SOLVED]pfsense 2.43: squidguard doesn't deny to download exe, mp3, etc
-
Hey everybody.
I installed pfSense 24.3 (x64) and i'm don't know how to deny download exe, mp3 and others extensions.
I created a rule:.*.(zip|rar|cab|mp3|avi|mpg|swf|exe|mpeg|mpv))
nothing.
After this i trying to write a this rule\.mp3$)|(.*\/.*\.mp3)|(.*\.mp3)|(\/mp3.*)|(.*wallpaper.*)|(.*wallscreen.*)|(.*обои.*)|(.*1internet.tv\/.*Remont.*)|(.*1internet.tv\/.*FAZENDA.*)|(.*\.tv$)|(.*remont.*)|(\.jpg$)|(\.exe$)|(.*\/.*\.exe)|(.*\.exe)|(\/exe.*)
but this does not work.
-
More information needed.
Where are you configuring that?
How are you testing it?
What result are you seeing? What do you expect to see?
Steve
-
Thanks for your reply.
My steps for testing:- added into "Proxy filter SquidGuard: Target categoriesEditTarget categories" new item with including regexp from my first post, named for example "block_ext";
- into "Proxy filter SquidGuard: Groups Access Control List (ACL)EditGroups ACL" add new group, for example "dis_ext", add in "client (source)" ip-address my test PC.
There in the "Target Rules List" I set DENY for "block_ext"; - I go to "PackageProxy filter SquidGuard: General settingsGeneral settings" and click to "Apply";
- On my test PC I open web-browser and try go to address, for example, any site where I can download exe. Here I click to "download program" and this is possible.
Sorry for my very bad English!
-
Ok.
Do you have Squid setup to proxy http and https?
Do other target categories block correctly?
Do you see the .exe files in the Squid log being passed?
Steve
-
Hello.
Yes, I selected "Transparent HTTP Proxy" for LAN.
I was create new CA cert, export and install on my test PC.
Also I was select "HTTPS/SSL Interception" for LAN, check my new CA-cert,
set: SSL Proxy Compatibility Mode" - Modern,
Remote Cert Checks - Do not verify remote certificate,
Certificate Adapt - Sets the "Not before" (setValidBefore)After, I tested download exe on my test PC. And it is possible.
In log I see link to exe.
-
Ok, so it's seeing the file pass but just not triggering on the acl.
Try adding a target category with only.exe
in it. If that triggers we know it's the regex not working as expected.Steve
-
Hello!
This is miracle!
I created the rule\.(exe|mp3)
and when I trying to download exe or mp3 - SquidGuard blocked it!
my screenshot
Thank you for you help for me!!!
Maybe this theme to be helps for somebody.
-
Great! So looks like it was just a regex issue. Thanks for the follow up.
Steve