Squid Guard basic setup

  • Hi all,

    I've done a bit of research on Squid Guard and it seems like a good solution for what I am looking for:

    Basic "NSFW" website blocking. Some of the tutorials online showed how to set up cache, to optimize downloads across the LAN for others when exact data has been previously downloaded - but that's not a feature I really need at the moment.

    Could I simply install the Squid Guard package, and add the "shalla secure services"

    And deny the categories I want to block?

    We have a DNS server and I thought I saw in one of the guides that DNS resolver has to be enabled with as the IP so that devices look to the firewall for what traffic is allowed / denied but I am hesitant to do this without having a better understanding of what each change entails.

    Can someone point me to the direction of a noob guide or provide barebones instructions / advise for simply blacklisting the categories in the "shalla" list once it is added?


  • I'm also after this solution and any pointers/guide etc will be really appreciated. Ive got DNS resolver disabled and have DNS forwarder enabled with two interface enabled for CP.

    LAN -

  • Have you watched the Hangout video?

    Squid, SquidGuard, and Lightsquid on pfSense 2.4

  • @KOM Yes, Ive seen that video.Almost finish the video, but haven't seen/heard anything about about CP with squid/suidGuard.

    I install this last night using my own notes I made out of certain videos I watched - https://www.youtube.com/watch?v=e6J2yRYNoKs&t=302s

    The CP page pops up and when I enter the credential it goes to this error - captive portal request denied by pfsense proxy: 403 forbidden

  • Sorry, my question was for OP. I've never used captive portal so I can't help you there. I assume you've posted your issue in the Captive Portal forum? Maybe someone there can help.

    Also, if you haven't already, take a look at these as they might have something for you.

    Captive Portal on pfSense 2.3/2.4

    Advanced Captive Portal on pfSense

  • Yay !!! Got this working.👌 Have to add rule to both interface to allow proxy port. Users will log in using CP credentials then access go through squidGuard 👏 👏

Log in to reply