Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    SquidGuard - block .exe - at witts end (not working)

    Scheduled Pinned Locked Moved pfSense Packages
    4 Posts 3 Posters 4.7k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • cyber7C
      cyber7
      last edited by

      Hi Guys
      I have tried (without any luck) to block the download of executables.

      I have created a destination rule and added nothing but the expression, but I can still download the exe file.

      What I would like to do is block downloading of exe, bat, pif files.  I can't seem to lay my hands on a solution…

      Kind regards
      Aubrey Kloppers
      ps - please could someone tell me where I am going wrong?
      I have tried:
      1. exe|pif|bat
      2. .exe|.pif|.bat
      3. .*.(exe|pif|bat)
      4. .exe$|.bat$|.pif$
      but nothing works...

      When you pause to think, do you start again?

      2.2.4-RELEASE (amd64)
      built on Sat Jul 25 19:57:37 CDT 2015
      FreeBSD 10.1-RELEASE-p15
      and
      pfSense 2.3.2-RELEASE-p1 (amd64 full-install) on pfSense

      1 Reply Last reply Reply Quote 0
      • W
        wagonza
        last edited by

        .(exe|pif|bat)($|?) works for me, but then again so does .exe$|.bat$|.pif$

        So how do you have this configured? As an expressionlist? Did you make the new acl that you added, configured and set to 'deny'?

        hint quick way to verify squidGuard stuff, is as follows, from the cmd line:

        echo "http://www.website.com/file.exe ip_address - - GET" | squidGuard -c /usr/local/etc/squidGuard/squidGuard.conf -d

        Replace ip_address with yours.

        Follow me on twitter http://twitter.com/wagonza
        http://www.thepackethub.co.za

        1 Reply Last reply Reply Quote 0
        • cyber7C
          cyber7
          last edited by

          Hi wagonza (and others reading this message)

          squidGuard works, without a problem!  It was STUPID ME!  I passed the website as a WHITE website, then blocked the exe!

          Is there not a way that one can change the rule ORDER?

          For example:
          RULE1: allow www.site.com
          RULE2: deny test.exe

          When squidGuard passes the www.site.com it does no further checks for extensions, as the site has already passed.  One should be able to order the rules aswell…

          kind regards
          Aubrey Kloppers
          Cape Town
          South Africa

          When you pause to think, do you start again?

          2.2.4-RELEASE (amd64)
          built on Sat Jul 25 19:57:37 CDT 2015
          FreeBSD 10.1-RELEASE-p15
          and
          pfSense 2.3.2-RELEASE-p1 (amd64 full-install) on pfSense

          1 Reply Last reply Reply Quote 0
          • D
            dvserg
            last edited by

            Exists rules priority:
            white - hight
            block - normal
            allow - low

            SquidGuardDoc EN  RU Tutorial
            Localization ru_PFSense

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.