Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    Squidguard doesn't work, please help…

    pfSense Packages
    4
    14
    6917
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • C
      cipandales last edited by

      Hi !

      I follow all the step by step procedures (founded here, like http://diskatel.narod.ru/sgquick.htm) to configure Squidguard but, unfortunately, it does not work. I mean, it does not filtering nothing.
      I uploaded blaklist (shallalist) and set default rules to deny all. Also, i made a destination rule for facebook.com but doesn't work..
      Can you help me, please ?

      Thanks a lot !

      1 Reply Last reply Reply Quote 0
      • D
        dvserg last edited by

        Show you SG settings.

        SquidGuardDoc EN  RU Tutorial
        Localization ru_PFSense

        1 Reply Last reply Reply Quote 0
        • C
          cipandales last edited by

          Attached



          ![SquidGuard default 1.png](/public/imported_attachments/1/SquidGuard default 1.png)
          ![SquidGuard default 1.png_thumb](/public/imported_attachments/1/SquidGuard default 1.png_thumb)
          ![SquidGuard default 2.png](/public/imported_attachments/1/SquidGuard default 2.png)
          ![SquidGuard default 2.png_thumb](/public/imported_attachments/1/SquidGuard default 2.png_thumb)
          ![SquidGuard destinations.png](/public/imported_attachments/1/SquidGuard destinations.png)
          ![SquidGuard destinations.png_thumb](/public/imported_attachments/1/SquidGuard destinations.png_thumb)

          1 Reply Last reply Reply Quote 0
          • C
            cipandales last edited by

            Below squidguard config:

            webConfigurator
            pfsense.local

            *
                  System
                      o Advanced
                      o Firmware
                      o General Setup
                      o Packages
                      o Setup wizard
                      o Static routes
                *
                  Interfaces
                      o (assign)
                      o WAN
                      o LAN
                *
                  Firewall
                      o Aliases
                      o NAT
                      o Rules
                      o Schedules
                      o Traffic Shaper
                      o Virtual IPs
                *
                  Services
                      o Captive portal
                      o DNS forwarder
                      o DHCP relay
                      o DHCP server
                      o Dynamic DNS
                      o Load Balancer
                      o OLSR
                      o PPPoE Server
                      o RIP
                      o SNMP
                      o UPnP
                      o OpenNTPD
                      o Wake on LAN
                      o Proxy server
                      o Proxy filter
                *
                  VPN
                      o IPsec
                      o OpenVPN
                      o PPTP
                *
                  Status
                      o CARP (failover)
                      o DHCP leases
                      o Filter Reload Status
                      o Interfaces
                      o IPsec
                      o Load Balancer
                      o Package logs
                      o Queues
                      o RRD Graphs
                      o Services
                      o System
                      o System logs
                      o Traffic graph
                      o UPnP
                *
                  Diagnostics
                      o ARP Tables
                      o Backup/Restore
                      o Command Prompt
                      o Edit File
                      o Factory defaults
                      o Halt system
                      o Ping
                      o Reboot system
                      o Routes
                      o States
                      o Traceroute
                      o Packet Capture

            Proxy filter SquidGuard: Log

            General settings      Default      ACL      Destinations      Times      Rewrites      Log

            Log type
            /usr/local/etc/squidGuard/squidGuard.conf

            ============================================================

            SquidGuard configuration file

            This file generated automaticly with SquidGuard configurator

            (C)2006 Serg Dvoriancev

            email: dv_serg@mail.ru

            ============================================================

            logdir /var/squidGuard/log
            dbhome /var/db/squidGuard

            dest blk_BL_adv {
            domainlist blk_BL_adv/domains
            urllist blk_BL_adv/urls
            log block.log
            }

            dest blk_BL_aggressive {
            domainlist blk_BL_aggressive/domains
            urllist blk_BL_aggressive/urls
            log block.log
            }

            dest blk_BL_alcohol {
            domainlist blk_BL_alcohol/domains
            urllist blk_BL_alcohol/urls
            log block.log
            }

            dest blk_BL_automobile_bikes {
            domainlist blk_BL_automobile_bikes/domains
            urllist blk_BL_automobile_bikes/urls
            log block.log
            }

            dest blk_BL_automobile_boats {
            domainlist blk_BL_automobile_boats/domains
            urllist blk_BL_automobile_boats/urls
            log block.log
            }

            dest blk_BL_automobile_cars {
            domainlist blk_BL_automobile_cars/domains
            urllist blk_BL_automobile_cars/urls
            log block.log
            }

            dest blk_BL_automobile_planes {
            domainlist blk_BL_automobile_planes/domains
            urllist blk_BL_automobile_planes/urls
            log block.log
            }

            dest blk_BL_chat {
            domainlist blk_BL_chat/domains
            urllist blk_BL_chat/urls
            log block.log
            }

            dest blk_BL_costtraps {
            domainlist blk_BL_costtraps/domains
            urllist blk_BL_costtraps/urls
            log block.log
            }

            dest blk_BL_dating {
            domainlist blk_BL_dating/domains
            urllist blk_BL_dating/urls
            log block.log
            }

            dest blk_BL_downloads {
            domainlist blk_BL_downloads/domains
            urllist blk_BL_downloads/urls
            log block.log
            }

            dest blk_BL_drugs {
            domainlist blk_BL_drugs/domains
            urllist blk_BL_drugs/urls
            log block.log
            }

            dest blk_BL_dynamic {
            domainlist blk_BL_dynamic/domains
            urllist blk_BL_dynamic/urls
            log block.log
            }

            dest blk_BL_education_schools {
            domainlist blk_BL_education_schools/domains
            urllist blk_BL_education_schools/urls
            log block.log
            }

            dest blk_BL_finance_banking {
            domainlist blk_BL_finance_banking/domains
            urllist blk_BL_finance_banking/urls
            log block.log
            }

            dest blk_BL_finance_insurance {
            domainlist blk_BL_finance_insurance/domains
            urllist blk_BL_finance_insurance/urls
            log block.log
            }

            dest blk_BL_finance_moneylending {
            domainlist blk_BL_finance_moneylending/domains
            urllist blk_BL_finance_moneylending/urls
            log block.log
            }

            dest blk_BL_finance_other {
            domainlist blk_BL_finance_other/domains
            urllist blk_BL_finance_other/urls
            log block.log
            }

            dest blk_BL_finance_realestate {
            domainlist blk_BL_finance_realestate/domains
            urllist blk_BL_finance_realestate/urls
            log block.log
            }

            dest blk_BL_finance_trading {
            domainlist blk_BL_finance_trading/domains
            urllist blk_BL_finance_trading/urls
            log block.log
            }

            dest blk_BL_fortunetelling {
            domainlist blk_BL_fortunetelling/domains
            urllist blk_BL_fortunetelling/urls
            log block.log
            }

            dest blk_BL_forum {
            domainlist blk_BL_forum/domains
            urllist blk_BL_forum/urls
            log block.log
            }

            dest blk_BL_gamble {
            domainlist blk_BL_gamble/domains
            urllist blk_BL_gamble/urls
            log block.log
            }

            dest blk_BL_government {
            domainlist blk_BL_government/domains
            urllist blk_BL_government/urls
            log block.log
            }

            dest blk_BL_hacking {
            domainlist blk_BL_hacking/domains
            urllist blk_BL_hacking/urls
            log block.log
            }

            dest blk_BL_hobby_cooking {
            domainlist blk_BL_hobby_cooking/domains
            urllist blk_BL_hobby_cooking/urls
            log block.log
            }

            dest blk_BL_hobby_games-misc {
            domainlist blk_BL_hobby_games-misc/domains
            urllist blk_BL_hobby_games-misc/urls
            log block.log
            }

            dest blk_BL_hobby_games-online {
            domainlist blk_BL_hobby_games-online/domains
            urllist blk_BL_hobby_games-online/urls
            log block.log
            }

            dest blk_BL_hobby_gardening {
            domainlist blk_BL_hobby_gardening/domains
            urllist blk_BL_hobby_gardening/urls
            log block.log
            }

            dest blk_BL_hobby_pets {
            domainlist blk_BL_hobby_pets/domains
            urllist blk_BL_hobby_pets/urls
            log block.log
            }

            dest blk_BL_homestyle {
            domainlist blk_BL_homestyle/domains
            urllist blk_BL_homestyle/urls
            log block.log
            }

            dest blk_BL_hospitals {
            domainlist blk_BL_hospitals/domains
            urllist blk_BL_hospitals/urls
            log block.log
            }

            dest blk_BL_imagehosting {
            domainlist blk_BL_imagehosting/domains
            urllist blk_BL_imagehosting/urls
            log block.log
            }

            dest blk_BL_isp {
            domainlist blk_BL_isp/domains
            urllist blk_BL_isp/urls
            log block.log
            }

            dest blk_BL_jobsearch {
            domainlist blk_BL_jobsearch/domains
            urllist blk_BL_jobsearch/urls
            log block.log
            }

            dest blk_BL_library {
            domainlist blk_BL_library/domains
            urllist blk_BL_library/urls
            log block.log
            }

            dest blk_BL_military {
            domainlist blk_BL_military/domains
            urllist blk_BL_military/urls
            log block.log
            }

            dest blk_BL_models {
            domainlist blk_BL_models/domains
            urllist blk_BL_models/urls
            log block.log
            }

            dest blk_BL_movies {
            domainlist blk_BL_movies/domains
            urllist blk_BL_movies/urls
            log block.log
            }

            dest blk_BL_music {
            domainlist blk_BL_music/domains
            urllist blk_BL_music/urls
            log block.log
            }

            dest blk_BL_news {
            domainlist blk_BL_news/domains
            urllist blk_BL_news/urls
            log block.log
            }

            dest blk_BL_podcasts {
            domainlist blk_BL_podcasts/domains
            urllist blk_BL_podcasts/urls
            log block.log
            }

            dest blk_BL_politics {
            domainlist blk_BL_politics/domains
            urllist blk_BL_politics/urls
            log block.log
            }

            dest blk_BL_porn {
            domainlist blk_BL_porn/domains
            urllist blk_BL_porn/urls
            log block.log
            }

            dest blk_BL_radiotv {
            domainlist blk_BL_radiotv/domains
            urllist blk_BL_radiotv/urls
            log block.log
            }

            dest blk_BL_recreation_humor {
            domainlist blk_BL_recreation_humor/domains
            urllist blk_BL_recreation_humor/urls
            log block.log
            }

            dest blk_BL_recreation_martialarts {
            domainlist blk_BL_recreation_martialarts/domains
            urllist blk_BL_recreation_martialarts/urls
            log block.log
            }

            dest blk_BL_recreation_restaurants {
            domainlist blk_BL_recreation_restaurants/domains
            urllist blk_BL_recreation_restaurants/urls
            log block.log
            }

            dest blk_BL_recreation_sports {
            domainlist blk_BL_recreation_sports/domains
            urllist blk_BL_recreation_sports/urls
            log block.log
            }

            dest blk_BL_recreation_travel {
            domainlist blk_BL_recreation_travel/domains
            urllist blk_BL_recreation_travel/urls
            log block.log
            }

            dest blk_BL_recreation_wellness {
            domainlist blk_BL_recreation_wellness/domains
            urllist blk_BL_recreation_wellness/urls
            log block.log
            }

            dest blk_BL_redirector {
            domainlist blk_BL_redirector/domains
            urllist blk_BL_redirector/urls
            log block.log
            }

            dest blk_BL_religion {
            domainlist blk_BL_religion/domains
            urllist blk_BL_religion/urls
            log block.log
            }

            dest blk_BL_remotecontrol {
            domainlist blk_BL_remotecontrol/domains
            urllist blk_BL_remotecontrol/urls
            log block.log
            }

            dest blk_BL_ringtones {
            domainlist blk_BL_ringtones/domains
            urllist blk_BL_ringtones/urls
            log block.log
            }

            dest blk_BL_science_astronomy {
            domainlist blk_BL_science_astronomy/domains
            urllist blk_BL_science_astronomy/urls
            log block.log
            }

            dest blk_BL_science_chemistry {
            domainlist blk_BL_science_chemistry/domains
            urllist blk_BL_science_chemistry/urls
            log block.log
            }

            dest blk_BL_searchengines {
            domainlist blk_BL_searchengines/domains
            urllist blk_BL_searchengines/urls
            log block.log
            }

            dest blk_BL_sex_education {
            domainlist blk_BL_sex_education/domains
            urllist blk_BL_sex_education/urls
            log block.log
            }

            dest blk_BL_sex_lingerie {
            domainlist blk_BL_sex_lingerie/domains
            urllist blk_BL_sex_lingerie/urls
            log block.log
            }

            dest blk_BL_shopping {
            domainlist blk_BL_shopping/domains
            urllist blk_BL_shopping/urls
            log block.log
            }

            dest blk_BL_socialnet {
            domainlist blk_BL_socialnet/domains
            urllist blk_BL_socialnet/urls
            log block.log
            }

            dest blk_BL_spyware {
            domainlist blk_BL_spyware/domains
            urllist blk_BL_spyware/urls
            log block.log
            }

            dest blk_BL_tracker {
            domainlist blk_BL_tracker/domains
            urllist blk_BL_tracker/urls
            log block.log
            }

            dest blk_BL_updatesites {
            domainlist blk_BL_updatesites/domains
            urllist blk_BL_updatesites/urls
            log block.log
            }

            dest blk_BL_violence {
            domainlist blk_BL_violence/domains
            urllist blk_BL_violence/urls
            log block.log
            }

            dest blk_BL_warez {
            domainlist blk_BL_warez/domains
            urllist blk_BL_warez/urls
            log block.log
            }

            dest blk_BL_weapons {
            domainlist blk_BL_weapons/domains
            urllist blk_BL_weapons/urls
            log block.log
            }

            dest blk_BL_webmail {
            domainlist blk_BL_webmail/domains
            urllist blk_BL_webmail/urls
            log block.log
            }

            dest blk_BL_webphone {
            domainlist blk_BL_webphone/domains
            urllist blk_BL_webphone/urls
            log block.log
            }

            dest blk_BL_webradio {
            domainlist blk_BL_webradio/domains
            urllist blk_BL_webradio/urls
            log block.log
            }

            dest blk_BL_webtv {
            domainlist blk_BL_webtv/domains
            urllist blk_BL_webtv/urls
            log block.log
            }

            dest Facebook {
            domainlist Facebook/domains
            redirect http://127.0.0.1:80/sgerror.php?url=403%20Error&a=%a&n=%n&i=%i&s=%s&t=%t&u=%u
            log block.log
            }

            rew safesearch {
            s@(google../search?.q=.)@\1&safe=active@i
            s@(google..
            /images.q=.)@\1&safe=active@i
            s@(google../groups.q=.)@\1&safe=active@i
            s@(google..
            /news.q=.)@\1&safe=active@i
            s@(yandex../yandsearch?.text=.)@\1&fyandex=1@i
            s@(search.yahoo..
            /search.p=.)@\1&vm=r@i
            s@(search.live../.q=.)@\1&adlt=strict@i
            s@(search.msn..
            /.q=.)@\1&adlt=strict@i
            log block.log
            }

            acl {

            default {
            pass !in-addr none
            redirect http://127.0.0.1:80/sgerror.php?url=403%20Error&a=%a&n=%n&i=%i&s=%s&t=%t&u=%u
            log block.log
            }
            }

            pfSense is © 2004 - 2009 by BSD Perimeter LLC. All Rights Reserved. [view license]
            [Commercial Support Available]

            1 Reply Last reply Reply Quote 0
            • D
              dvserg last edited by

              You are disable all access and dont allow Facebook.
              Now you HTTP are blocking

              SquidGuardDoc EN  RU Tutorial
              Localization ru_PFSense

              1 Reply Last reply Reply Quote 0
              • cyber7
                cyber7 last edited by

                You can try and look at the traffic as it spools by using:
                tail -f /var/squid/log/access.log
                (using your console or ssh)

                if should show you all the squid traffic as it spools by and thus be able to see if you get any 200/403 messages. (200=allowed and 403=denied)

                Kind regards
                Aubrey

                When you pause to think, do you start again?

                2.2.4-RELEASE (amd64)
                built on Sat Jul 25 19:57:37 CDT 2015
                FreeBSD 10.1-RELEASE-p15
                and
                pfSense 2.3.2-RELEASE-p1 (amd64 full-install) on pfSense

                1 Reply Last reply Reply Quote 0
                • C
                  cipandales last edited by

                  dvserg

                  My http trafic it is not blocked. I can browse anywere. I think squidguard is not working….

                  cyber7

                  This folder /var/squid/log/ does not exist. You mean /var/squid/logs ? In this folder i found just cache.log.

                  1 Reply Last reply Reply Quote 0
                  • D
                    dvserg last edited by

                    @cipandales:

                    dvserg

                    My http trafic it is not blocked. I can browse anywere. I think squidguard is not working….

                    cyber7

                    This folder /var/squid/log/ does not exist. You mean /var/squid/logs ? In this folder i found just cache.log.

                    Probably you configure transparent proxy.
                    You are sure what you browser have HTTPaccess via squid ? Enter proxy options (ip/port) directly to the IE.

                    SquidGuardDoc EN  RU Tutorial
                    Localization ru_PFSense

                    1 Reply Last reply Reply Quote 0
                    • C
                      cipandales last edited by

                      I don't use transparent proxy, as you see in attachament.
                      And i don't use acl, either.

                      But it doesn't work…

                      Thank you for your patience.


                      1 Reply Last reply Reply Quote 0
                      • C
                        ColdFusion last edited by

                        You need squid for squid guard to work…it looks like nothing is set in squid.

                        1 Reply Last reply Reply Quote 0
                        • C
                          cipandales last edited by

                          Please be more specific.
                          What do you mean with setting up squid ? I have installed squid before squidguard and yes, i didn't make any changes to squid.

                          Is there anything to setup in squid ?

                          Thank you !

                          1 Reply Last reply Reply Quote 0
                          • C
                            cipandales last edited by

                            I used tutorial from http://doc.pfsense.org/index.php/Setup_Squid_as_a_Transparent_Proxy and follow the instructions.
                            I tried with transparent proxies checked and not checked, reboot etc.
                            Still doesn't work.

                            Can you help, please ?

                            1 Reply Last reply Reply Quote 0
                            • C
                              cipandales last edited by

                              Squidguard can works if squid does not use transparent proxies ?

                              Thanks

                              1 Reply Last reply Reply Quote 0
                              • D
                                dvserg last edited by

                                You must configure squid package. Select interface/enable logging/enterproxy port

                                SquidGuardDoc EN  RU Tutorial
                                Localization ru_PFSense

                                1 Reply Last reply Reply Quote 0
                                • First post
                                  Last post