Add Blocklist to squid/squidGuard



  • Can someone please please point me to any tutorial/reference on how to add blocklist (ip list) on squid/squidGuard blocklist. It seems it only accept URL and domain.

    I'm using the latest snapshot build in vmware on my testing.



  • Tutorials is a bottom: V



  • Thank you. That is the same tutorial that helps me with squidGuard. But I can't find how to add ip's on the destination list. It only ask for domain and/or URL and don't accept ip.



  • Or maybe I just don't do it right. The error message is:

    _The following input errors were detected:

    DEST 'Tor': Item '12.161.212.22-12.161.212.22 18.42.3.252-18.42.3.252 18.181.2.107-18.181.2.107
    …............................  .................. ...................
    many more ip ranges  .........
    222.254.71.173-222.254.71.173' is not a url._

    I used the list from http://list.iblocklist.com/?list=tor just to test. I just use the ip and delete the "The Onion Router:" string.



  • Try expression
    192.168.1.2 or 192.168.1.105 or 10.0.0.0\24

    (192.168.1.2)|(192\168.1.105)|(10.0\0..*)

    . mean '.'
    . mean any symbol
    .* mean any symbolS



  • Didn't try it yet but do you think this

    (12.161.212.22)-(12.161.212.66)

    will work for ranges?

    (12.161.212..*) will block other ip's that should not be.



  • @Xthink:

    Didn't try it yet but do you think this

    (12.161.212.22)-(12.161.212.66)

    will work for ranges?

    (12.161.212..*) will block other ip's that should not be.

    Range not work. Probably
    (12.161.212.2.)|(12.161.212.3.)|(12.161.212.3.)|(12.161.212.5.)|(12.161.212.6.)

    Must block 12.161.212.2x (not 2xx)  12.161.212.3x …



  • Thanks dvserg.
    One last thing regarding squid/squidGuard, shall I only place my blocklist on squidGuard or will the blocklist directly placed on squid be read and applied too?



  • My posts before for SquidGuard - Destinations.
    You can select deny for this destination in SG rules (Default and ACL)
    Squid have self black/white lists.



  • Can I manually edit squid.conf or squidguard.conf?
    Will an update on the gui erase the manual setting?



  • @Xthink:

    Can I manually edit squid.conf or squidguard.conf?
    Will an update on the gui erase the manual setting?

    • Possible
    • Yes. If you Save Gui changes or reboot you pfSense.

Log in to reply