How to block all site except some with Squid?
-
Hi,
I am new to PFSense. I am looking to block all the HTTP access in the local lan network with some exception. (Whitelist)
I read some where that I can change the squid.conf using an acl like
acl whitelist dstdomain "/etc/squid/whitelist" http_access deny !whitelist
How do I access the squid.conf in PFSense
Thanks!
-
Install squidGuard and use it to limit site access. With that you can define a list of sites under Destinations that are good, and deny access to all others
And you can also set ACLs such that a person or group can get to a different set of sites, or no sites at all, basically whatever you want.
-
Is it possible to block HTTPS in squidguard?
-
As I told you in the other thread where you asked, only if you program the proxy settings into the clients. You cannot filter HTTPS transparently.
-
Thank you! Jimp.
I tried it out. It works.
Another questions, can I define a specific white list per individual MAC or IP address?
Scenario would be,
Allow Computer A to only access amazon.com
Allow Computer B to only access google.comThanks!
-
Yes, if you use squidguard you can make an ACL that matches a specific IP or set of IPs, and then a destination list that you can allow or deny them access to.
-
Wow, Jimp. Thanks!
I know this is off the topic. I got the pfsense book. But, I want to know more about secure networking. Do you recommend any book that teaches networks infrastructure and security?
-
I know this is off the topic. I got the pfsense book. But, I want to know more about secure networking. Do you recommend any book that teaches networks infrastructure and security?
Nothing comes to mind, really. There are lots of books out there, but none jump out at me for that. You might start a new thread under "general discussion" to ask everyone.