Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Add Blocklist to squid/squidGuard

    Scheduled Pinned Locked Moved pfSense Packages
    11 Posts 2 Posters 6.0k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • X
      Xthink
      last edited by

      Can someone please please point me to any tutorial/reference on how to add blocklist (ip list) on squid/squidGuard blocklist. It seems it only accept URL and domain.

      I'm using the latest snapshot build in vmware on my testing.

      1 Reply Last reply Reply Quote 0
      • D
        dvserg
        last edited by

        Tutorials is a bottom: V

        SquidGuardDoc EN  RU Tutorial
        Localization ru_PFSense

        1 Reply Last reply Reply Quote 0
        • X
          Xthink
          last edited by

          Thank you. That is the same tutorial that helps me with squidGuard. But I can't find how to add ip's on the destination list. It only ask for domain and/or URL and don't accept ip.

          1 Reply Last reply Reply Quote 0
          • X
            Xthink
            last edited by

            Or maybe I just don't do it right. The error message is:

            _The following input errors were detected:

            DEST 'Tor': Item '12.161.212.22-12.161.212.22 18.42.3.252-18.42.3.252 18.181.2.107-18.181.2.107
            …............................  .................. ...................
            many more ip ranges  .........
            222.254.71.173-222.254.71.173' is not a url._

            I used the list from http://list.iblocklist.com/?list=tor just to test. I just use the ip and delete the "The Onion Router:" string.

            1 Reply Last reply Reply Quote 0
            • D
              dvserg
              last edited by

              Try expression
              192.168.1.2 or 192.168.1.105 or 10.0.0.0\24

              (192.168.1.2)|(192\168.1.105)|(10.0\0..*)

              . mean '.'
              . mean any symbol
              .* mean any symbolS

              SquidGuardDoc EN  RU Tutorial
              Localization ru_PFSense

              1 Reply Last reply Reply Quote 0
              • X
                Xthink
                last edited by

                Didn't try it yet but do you think this

                (12.161.212.22)-(12.161.212.66)

                will work for ranges?

                (12.161.212..*) will block other ip's that should not be.

                1 Reply Last reply Reply Quote 0
                • D
                  dvserg
                  last edited by

                  @Xthink:

                  Didn't try it yet but do you think this

                  (12.161.212.22)-(12.161.212.66)

                  will work for ranges?

                  (12.161.212..*) will block other ip's that should not be.

                  Range not work. Probably
                  (12.161.212.2.)|(12.161.212.3.)|(12.161.212.3.)|(12.161.212.5.)|(12.161.212.6.)

                  Must block 12.161.212.2x (not 2xx)  12.161.212.3x …

                  SquidGuardDoc EN  RU Tutorial
                  Localization ru_PFSense

                  1 Reply Last reply Reply Quote 0
                  • X
                    Xthink
                    last edited by

                    Thanks dvserg.
                    One last thing regarding squid/squidGuard, shall I only place my blocklist on squidGuard or will the blocklist directly placed on squid be read and applied too?

                    1 Reply Last reply Reply Quote 0
                    • D
                      dvserg
                      last edited by

                      My posts before for SquidGuard - Destinations.
                      You can select deny for this destination in SG rules (Default and ACL)
                      Squid have self black/white lists.

                      SquidGuardDoc EN  RU Tutorial
                      Localization ru_PFSense

                      1 Reply Last reply Reply Quote 0
                      • X
                        Xthink
                        last edited by

                        Can I manually edit squid.conf or squidguard.conf?
                        Will an update on the gui erase the manual setting?

                        1 Reply Last reply Reply Quote 0
                        • D
                          dvserg
                          last edited by

                          @Xthink:

                          Can I manually edit squid.conf or squidguard.conf?
                          Will an update on the gui erase the manual setting?

                          • Possible
                          • Yes. If you Save Gui changes or reboot you pfSense.

                          SquidGuardDoc EN  RU Tutorial
                          Localization ru_PFSense

                          1 Reply Last reply Reply Quote 0
                          • First post
                            Last post
                          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.