Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Add Blocklist to squid/squidGuard

    Scheduled Pinned Locked Moved pfSense Packages
    11 Posts 2 Posters 6.0k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • D
      dvserg
      last edited by

      Tutorials is a bottom: V

      SquidGuardDoc EN  RU Tutorial
      Localization ru_PFSense

      1 Reply Last reply Reply Quote 0
      • X
        Xthink
        last edited by

        Thank you. That is the same tutorial that helps me with squidGuard. But I can't find how to add ip's on the destination list. It only ask for domain and/or URL and don't accept ip.

        1 Reply Last reply Reply Quote 0
        • X
          Xthink
          last edited by

          Or maybe I just don't do it right. The error message is:

          _The following input errors were detected:

          DEST 'Tor': Item '12.161.212.22-12.161.212.22 18.42.3.252-18.42.3.252 18.181.2.107-18.181.2.107
          …............................  .................. ...................
          many more ip ranges  .........
          222.254.71.173-222.254.71.173' is not a url._

          I used the list from http://list.iblocklist.com/?list=tor just to test. I just use the ip and delete the "The Onion Router:" string.

          1 Reply Last reply Reply Quote 0
          • D
            dvserg
            last edited by

            Try expression
            192.168.1.2 or 192.168.1.105 or 10.0.0.0\24

            (192.168.1.2)|(192\168.1.105)|(10.0\0..*)

            . mean '.'
            . mean any symbol
            .* mean any symbolS

            SquidGuardDoc EN  RU Tutorial
            Localization ru_PFSense

            1 Reply Last reply Reply Quote 0
            • X
              Xthink
              last edited by

              Didn't try it yet but do you think this

              (12.161.212.22)-(12.161.212.66)

              will work for ranges?

              (12.161.212..*) will block other ip's that should not be.

              1 Reply Last reply Reply Quote 0
              • D
                dvserg
                last edited by

                @Xthink:

                Didn't try it yet but do you think this

                (12.161.212.22)-(12.161.212.66)

                will work for ranges?

                (12.161.212..*) will block other ip's that should not be.

                Range not work. Probably
                (12.161.212.2.)|(12.161.212.3.)|(12.161.212.3.)|(12.161.212.5.)|(12.161.212.6.)

                Must block 12.161.212.2x (not 2xx)  12.161.212.3x …

                SquidGuardDoc EN  RU Tutorial
                Localization ru_PFSense

                1 Reply Last reply Reply Quote 0
                • X
                  Xthink
                  last edited by

                  Thanks dvserg.
                  One last thing regarding squid/squidGuard, shall I only place my blocklist on squidGuard or will the blocklist directly placed on squid be read and applied too?

                  1 Reply Last reply Reply Quote 0
                  • D
                    dvserg
                    last edited by

                    My posts before for SquidGuard - Destinations.
                    You can select deny for this destination in SG rules (Default and ACL)
                    Squid have self black/white lists.

                    SquidGuardDoc EN  RU Tutorial
                    Localization ru_PFSense

                    1 Reply Last reply Reply Quote 0
                    • X
                      Xthink
                      last edited by

                      Can I manually edit squid.conf or squidguard.conf?
                      Will an update on the gui erase the manual setting?

                      1 Reply Last reply Reply Quote 0
                      • D
                        dvserg
                        last edited by

                        @Xthink:

                        Can I manually edit squid.conf or squidguard.conf?
                        Will an update on the gui erase the manual setting?

                        • Possible
                        • Yes. If you Save Gui changes or reboot you pfSense.

                        SquidGuardDoc EN  RU Tutorial
                        Localization ru_PFSense

                        1 Reply Last reply Reply Quote 0
                        • First post
                          Last post
                        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.