Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    SquidGuard - Squid - what am I doing wrong

    Scheduled Pinned Locked Moved pfSense Packages
    4 Posts 4 Posters 2.1k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • D
      d_will
      last edited by

      I have a typical 3 interface setup, LAN, WAN, DMZ. 
      ver 1.2.2 stable with squid and squidguard packages

      I have LAN rules allowing all outgoing to to Ports 25, 110 & 143 for public mail services
      I have WAN rules allowing inbound mail services to the DMZ
      All e-mail works as expected

      Squid is setup to run as transparent proxy

      Squidguard has a single acl of approximately 50 individual IP's entered of priveledged users (should be allowed to access the internet)  sg is enabled and blacklist is enabled

      The blacklist is working as expected, however, all hosts are allowed to access the internet, not just the priveledged users.
      I'm lost on how to configure the ACL to allow only the hosts entered and block anyhting else on the subnet.

      I've viewed every tutorial and read the entire squidguard page, examples,etc…
      any help is greatly appreciated

      1 Reply Last reply Reply Quote 0
      • J
        josey
        last edited by

        on which interface did you enable transparent proxy?
        LAN?
        So, are users that suppose to use proxy on LAN network?
        if not, just add that network

        1 Reply Last reply Reply Quote 0
        • Z
          zabidin2
          last edited by

          Hope this will be helpful.

          On Default tab, none of blacklist you don't have to select.On ACL tab, in source ip box, fill with ip hosts that you allow to access internet or you can put range of ip. On destination rule set, select which blacklist you want to use. When done do that, click save.

          Go to General settings tab and click apply. As my experience, once you click Apply sometimes state will show stop. When you click save at bottom it will appear started. And now you can test.

          1 Reply Last reply Reply Quote 0
          • E
            eethore
            last edited by

            As my experience, once you click Apply sometimes state will show stop
            in my experience, this cause by the Blacklist turned ON.

            but since the blacklist worked fine, then like zabidin said, it must be in the Default tab.
            In the destination rules, set Default access [all] = deny

            might be work.
            ;D

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.