URL filtering for ALIX + nanobsd install
-
I've installed squid and squidguard on my 1.2.3 RC3 install with ALIX board. I've installed both squid and squidguard for the sole purpose of blocking some URL's (like Facebook) for my kids. I dont want or need any other proxy or caching services. And considering it's running off a CF card, I probably shouldn't do it.
I setup squid per the recommended practices (I think), but I believe it's behaving as squid intended, which I don't want. How can I turn off everything possible to just get the desired result of blocking a few URL's with SquidGuard? I want everything to be as transparent to the user as possible, with the exception that FB is blocked. I don't care about caching or using my precious CF space for anything.
What is the best way to set this up?
-
On NanoBSD, squid cannot use your CF. It may be trying to cache, but it will do it to /var which is just a memory disk. The CF is kept read-only so it cannot be harmed in this way.
You should be able to go into the squid settings and set the disk cache size to 0 and get the intended effect.
-
Cool…thanks. Any other wiki or instructions on the basics of squid?
-
There are a couple articles up on the doc wiki, but nothing really substantial.
http://doc.pfsense.org/index.php/Category:Squid
-
I've installed squid and squidguard on my 1.2.3 RC3 install with ALIX board. I've installed both squid and squidguard for the sole purpose of blocking some URL's (like Facebook) for my kids. I dont want or need any other proxy or caching services. And considering it's running off a CF card, I probably shouldn't do it.
I setup squid per the recommended practices (I think), but I believe it's behaving as squid intended, which I don't want. How can I turn off everything possible to just get the desired result of blocking a few URL's with SquidGuard? I want everything to be as transparent to the user as possible, with the exception that FB is blocked. I don't care about caching or using my precious CF space for anything.
What is the best way to set this up?
use cache_dir null /tmp.
run this at your console or @webgui command.sed 's:^cache_dir\(.*\):cache_dir null \/tmp:g' /usr/local/pkg/squid.inc > squid.inc.tmp && mv squid.inc.tmp /usr/local/pkg/squid.inc -
chudy,
I tried that command but get an error saying it's a read-only file system. I'm running the nanobsd version on an ALIX board. -
Precede that with:
/etc/rc.conf_mount_rwAnd afterward use:
/etc/rc.conf_mount_roThat will let you alter the file if you want.
-
Precede that with:
/etc/rc.conf_mount_rwAnd afterward use:
/etc/rc.conf_mount_roThat will let you alter the file if you want.
That did it. Thanks!
-
OK, my pfSense install started to crawl and now the mgmt GUI is very slow. Any change results in an error stating something is out of space, even though it's not. I can't change any proxy settings without this error. I have uninstalled both squid and squidguard. Something is not right for an embedded install.
-
It may have exhausted the space in the memory disk (/var or /tmp)
A reboot would clear those
Did you have squid or squidguard set to log? that would certainly fill it up.
-
Yah, I think the memory was high - about 75%.
I thought I turned off all logging, but that's okay. I have a different way of accomplishing the same goal now. Thanks for the help.
-
My other method wasn't better, so I reinstalled squid and squidguard after reflashing my CF again (always want to start clean).
It worked fine today until I rebooted due to high memory use. This time the two services would not (and will not) start.
It won't start from the services page, and if I go into Proxy filter separately to start it instead, I get these errors on apply:
The following input errors were detected: * (B1) BLACKLIST 'ads' error: file '/var/db/squidGuard/ads' not found * (B1) BLACKLIST 'aggressive' error: file '/var/db/squidGuard/aggressive' not found * (B1) BLACKLIST 'audio-video' error: file '/var/db/squidGuard/audio-video' not found * (B1) BLACKLIST 'drugs' error: file '/var/db/squidGuard/drugs' not found * (B1) BLACKLIST 'gambling' error: file '/var/db/squidGuard/gambling' not found * (B1) BLACKLIST 'hacking' error: file '/var/db/squidGuard/hacking' not found * (B1) BLACKLIST 'mail' error: file '/var/db/squidGuard/mail' not found * (B1) BLACKLIST 'porn' error: file '/var/db/squidGuard/porn' not found * (B1) BLACKLIST 'proxy' error: file '/var/db/squidGuard/proxy' not found * (B1) BLACKLIST 'violence' error: file '/var/db/squidGuard/violence' not found * (B1) BLACKLIST 'warez' error: file '/var/db/squidGuard/warez' not foundNow, I never downloaded a blacklist file before, nor did I need one to use squidguard. Do I have to now?
-
My services log on bootup, with squid entries only:
Nov 27 05:02:40 squid[1359]: Squid Parent: child process 1361 exited with status 0 Nov 27 05:02:35 php: : Creating squid cache subdirs in /var/squid/cache Nov 27 05:02:32 squid[1359]: Squid Parent: child process 1361 started Nov 27 05:02:31 squid[1249]: Squid Parent: child process 1251 exited with status 0 Nov 27 05:02:27 php: : Creating squid cache subdirs in /var/squid/cache Nov 27 05:02:21 squid[1249]: Squid Parent: child process 1251 started Nov 27 05:02:20 squid[1215]: Squid Parent: child process 1217 exited with status 0 Nov 27 05:02:16 php: : Creating squid cache subdirs in /var/squid/cache Nov 27 05:02:11 squid[1215]: Squid Parent: child process 1217 started Nov 27 05:02:10 squid[1181]: Squid Parent: child process 1183 exited with status 0 Nov 27 05:02:06 php: : Creating squid cache subdirs in /var/squid/cache Nov 27 05:02:01 squid[1181]: Squid Parent: child process 1183 started Nov 27 05:02:00 squid[1147]: Squid Parent: child process 1150 exited with status 0 Nov 27 05:01:56 php: : Creating squid cache subdirs in /var/squid/cache Nov 27 05:01:51 squid[1147]: Squid Parent: child process 1150 started Nov 27 05:01:46 php: : Creating squid cache subdirs in /var/squid/cache Nov 27 05:01:44 squid[1106]: Squid Parent: child process 1109 exited with status 0 Nov 27 05:01:40 php: : Creating squid cache subdirs in /var/squid/cache Nov 27 05:01:36 squid[1106]: Squid Parent: child process 1109 started Nov 27 05:01:35 squid[1071]: Squid Parent: child process 1073 exited with status 0 Nov 27 05:01:31 php: : Creating squid cache subdirs in /var/squid/cache Nov 27 05:01:25 squid[1071]: Squid Parent: child process 1073 started Nov 27 05:01:20 php: : Creating squid cache subdirs in /var/squid/cache Nov 27 05:01:20 php: : Creating Squid cache dir /var/squid/cache Nov 27 05:01:20 php: : Creating squid log dir /var/squid/log/ -
Disable blacklist checkbox.
-
It already was disabled. Both squid and squidguard services are not starting.
