<![CDATA[Domain blocking through squid]]>Hello..
I am in a trouble with domain blocking.
I configured the domain blocking through the squid package and its working fine but there is one issue with that.
In the squid proxy server I have to enable the SSL interception and for ssl I have to select the certificate (which is created by me in cert. manager).
Now here the problem comes, that first I have to download that certificate and have to upload in the browser, without that the cert. error is coming on browser but after upload the domain blocking is working fine.

issue:- If i have to block the domain for 20-30 systems then it will create headache for me to upload certificate in each systems ..is there any way so that i can resolve this issue??

]]>https://forum.netgate.com/topic/148221/domain-blocking-through-squidRSS for NodeSat, 13 Jun 2026 06:39:40 GMTTue, 19 Nov 2019 12:18:35 GMT60<![CDATA[Reply to Domain blocking through squid on Thu, 21 Nov 2019 13:39:38 GMT]]>Could be 409 errors, check the Squid real-tome logs:
https://docs.netgate.com/pfsense/en/latest/cache-proxy/squid-troubleshooting.html#sites-not-loading-with-splice-error-409-in-access-log

Steve

]]>https://forum.netgate.com/post/876910https://forum.netgate.com/post/876910Thu, 21 Nov 2019 13:39:38 GMT<![CDATA[Reply to Domain blocking through squid on Thu, 21 Nov 2019 04:44:41 GMT]]>I already enable the transparent proxy .
My problems occurs whenever i m setting spice all in ssl interception field .
few sites get opened like fb ad youtube but twitter showing the CA error.
Moreover i followed tutorial .

]]>https://forum.netgate.com/post/876842https://forum.netgate.com/post/876842Thu, 21 Nov 2019 04:44:41 GMT<![CDATA[Reply to Domain blocking through squid on Wed, 20 Nov 2019 16:14:38 GMT]]>That video is about as step-by-step as it gets.

Id the client still using the proxy specifically? This is intended to be transparent.

Steve

]]>https://forum.netgate.com/post/876745https://forum.netgate.com/post/876745Wed, 20 Nov 2019 16:14:38 GMT<![CDATA[Reply to Domain blocking through squid on Wed, 20 Nov 2019 07:03:55 GMT]]>thanks ...I gone through with that video but still i have problem .
I selected spice all in ssl interception filed (In which I dont have to upload the CA in browser) but still it is not working . As I deleted the cert from the browser and after that again the cert. issue is showing on browser whenever I am opening any site.

Can you please guide me step by step. thanks

]]>https://forum.netgate.com/post/876632https://forum.netgate.com/post/876632Wed, 20 Nov 2019 07:03:55 GMT<![CDATA[Reply to Domain blocking through squid on Tue, 19 Nov 2019 23:42:30 GMT]]>Yup, you can use Peed&Splice for just domain blocking. You see only the FQDN not the full URL but you don't need certs on everything. See: https://www.youtube.com/watch?v=xm_wEezrWf4&t=985s

Steve

]]>https://forum.netgate.com/post/876605https://forum.netgate.com/post/876605Tue, 19 Nov 2019 23:42:30 GMT