how to Configure squidGuard

firefox

I'm trying to find a guide how to Configure squidGuard Package

i find this url [link text]https://docs.netgate.com/pfsense/en/latest/cache-proxy/squidguard-package.html#configure-the-squidguard-package(link url)

But it's not working
In section 2 it is written Click Target Rules List to show defined blacklists and target categories
There is nothing there

I'm trying to replace pfBlockerNG with squidGuardcolored text

firefox

Is there another guide
There is only one step before and I did it
And in the second step does not appear what is written there
How do I proceed
What are the correct settings

coffeelover

I assume you miss the blacklist categories.
For these to appear, a blacklist has to be downloaded.
You have to enable the blacklist support on the first page and enter a blacklist url, these are in the docs.
The next step is to download the blacklist using the "Blacklist" tab.
Once it is downloaded and extracted, the categories will appear.

firefox

Thanks
The link was incorrect

After I marked what to block and saved
It still does not work

What did I miss?

coffeelover

Squid is enabled and working?
Have you clicked Save at the bottom and Apply at the top?

Is there something in the log?

firefox

@coffeelover said in how to Configure squidGuard:

Squid is enabled and working?
Have you clicked Save at the bottom and Apply at the top?

Is there something in the log?

yes i did

In Services status it does not work

coffeelover

squidguard is started from squid, so if squid is not running, neither will squidguard.

When I asked "Squid is enabled and working?" i really meant squid and not squidguard.

A common issue at the beginning is the setting for the local cache.

Please disable squidguard until you have squid running.

firefox

problem
I wanted to use pfBlockerNG
But he did not work
One or more servers are down

That's why I switched to squidguard
I'll try
I do not know if Squid will work well
pfsense is installed on a small 64GB ssd drive

coffeelover

just to be clear:

squid is a http proxy server
squidguard is a filter that can be included in squid, it can not be used standalone

So when you want to use squidguard, you have to use squid.
And to be able to use squidguard, squid has to be configured and running.

firefox

I installed and config squid

now squidguard is Works but
It does not filter

Are these settings correct ?

this is
proxy config

# This file is automatically generated by pfSense
# Do not edit manually !

http_port 192.168.1.1:3128
icp_port 0
digest_generation off
dns_v4_first off
pid_filename /var/run/squid/squid.pid
cache_effective_user squid
cache_effective_group proxy
error_default_language en
icon_directory /usr/local/etc/squid/icons
visible_hostname localhost
cache_mgr admin@localhost
access_log /dev/null
cache_log /var/squid/logs/cache.log
cache_store_log none
netdb_filename /var/squid/logs/netdb.state
pinger_enable on
pinger_program /usr/local/libexec/squid/pinger

logfile_rotate 0
debug_options rotate=0
shutdown_lifetime 3 seconds
# Allow local network(s) on interface(s)
acl localnet src  192.168.1.0/24
forwarded_for on
uri_whitespace strip

acl dynamic urlpath_regex cgi-bin ?
cache deny dynamic

cache_mem 64 MB
maximum_object_size_in_memory 256 KB
memory_replacement_policy heap GDSF
cache_replacement_policy heap LFUDA
minimum_object_size 0 KB
maximum_object_size 4 MB

offline_mode off
cache_swap_low 90
cache_swap_high 95
cache allow all
# Add any of your own refresh_pattern entries above these.
refresh_pattern ^ftp:    1440  20%  10080
refresh_pattern ^gopher:  1440  0%  1440
refresh_pattern -i (/cgi-bin/|?) 0  0%  0
refresh_pattern .    0  20%  4320


#Remote proxies


# Setup some default acls
# ACLs all, manager, localhost, and to_localhost are predefined.
acl allsrc src all
acl safeports port 21 70 80 210 280 443 488 563 591 631 777 901  3128 3129 1025-65535 
acl sslports port 443 563  

acl purge method PURGE
acl connect method CONNECT

# Define protocols used for redirects
acl HTTP proto HTTP
acl HTTPS proto HTTPS
acl allowed_subnets src 192.168.1.0/24
http_access allow manager localhost

http_access deny manager
http_access allow purge localhost
http_access deny purge
http_access deny !safeports
http_access deny CONNECT !sslports

# Always allow localhost connections
http_access allow localhost

request_body_max_size 0 KB
delay_pools 1
delay_class 1 2
delay_parameters 1 -1/-1 -1/-1
delay_initial_bucket_level 100
delay_access 1 allow allsrc

# Reverse Proxy settings


# Package Integration
url_rewrite_program /usr/local/bin/squidGuard -c /usr/local/etc/squidGuard/squidGuard.conf
url_rewrite_bypass off
url_rewrite_children 16 startup=8 idle=4 concurrency=0

# Custom options before auth


# Setup allowed ACLs
# Allow local network(s) on interface(s)
http_access allow allowed_subnets
http_access allow localnet
# Default block all to be sure
http_access deny allsrc

icap_enable on
icap_send_client_ip on
icap_send_client_username on
icap_client_username_encode off
icap_client_username_header X-Authenticated-User
icap_preview_enable on
icap_preview_size 1024

icap_service service_avi_req reqmod_precache icap://127.0.0.1:1344/squid_clamav bypass=off
adaptation_access service_avi_req allow all
icap_service service_avi_resp respmod_precache icap://127.0.0.1:1344/squid_clamav bypass=on
adaptation_access service_avi_resp allow all

coffeelover

The squid configuration looks ok to me. What do you mean by "it does not filter". You are not being redirected to sgerror.php, you get a browser warning or you the blocked site loads?

firefox

@coffeelover said in how to Configure squidGuard:

What do you mean by "it does not filter".

If I browse to a web page that appears on it
Advertisements or pop-ups related to the topic I chose to block

They still appear

firefox

you get a browser warning or you the blocked site loads?

Not getting a warning
i Get the blocked sites or blocked ads