• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

Edit squidguard configuration manualy + doubts

Scheduled Pinned Locked Moved pfSense Packages
5 Posts 2 Posters 2.6k Views
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • Z
    zeratoun
    last edited by Mar 28, 2011, 6:41 PM

    Hi,

    There is a lot of configurations for squidguard in pfsense :
    there is in /usr/local/etc/
    There is in /conf/config.xml
    …

    Witch one can I edit ? I've tried config.xml but nothing has changed.

    I want to edit it manually because the "Groups ACL" GUI is forcing the "all" rule over each group rule witch makes impossible to do "cumulative rules" ie :

    192.168.0.0/24 = no social network, no ads
    192.168.0.55 = social network allowed

    In order to do that I must not specify the "all" rule : neither deny or allow

    I have also doubts about the "common ACL" : If I define a "Groups ACL" then the common one is not used ? What is it's priority over all ACLS ?

    1 Reply Last reply Reply Quote 0
    • D
      dvserg
      last edited by Mar 28, 2011, 7:48 PM

      It is best to use the customization through GUI.
      Gui contains are all necessary facilities for you. Also exists FAQ and training videos for SG configure

      Use next ACL's order:
      192.168.0.55 = social network allowed <single ip's="">192.168.0.0/24 = no social network, no ads <all other="" ip="" from="" subnet="">The common ACL don't apply for IP's if defined Group ACL for this IP's.</all></single>

      SquidGuardDoc EN  RU Tutorial
      Localization ru_PFSense

      1 Reply Last reply Reply Quote 0
      • Z
        zeratoun
        last edited by Mar 28, 2011, 8:06 PM

        Hi, Thank you for your help.

        What I want to achieve is to "cumulate" the rule of 192.168.0.55 with 192.168.0.0/24 in order to avoid to manage to common denial rules.

        For instance, Right now, the 192.168.0.55 is not ads filtered.

        This is due to the fact that the GUI adds me the "all" rule to each groups acl rule. I need a kind of "–-" option to the Default access [all]"

        Is it possible ?

        Best regards,

        1 Reply Last reply Reply Quote 0
        • D
          dvserg
          last edited by Mar 28, 2011, 8:21 PM

          @zeratoun:

          What I want to achieve is to "cumulate" the rule of 192.168.0.55 with 192.168.0.0/24 in order to avoid to manage to common denial rules.
          Is it possible ?

          No. Each ACL contains self Rulez Set. And you must arrange ACLs with narrow Src before ACL with wide Src.

          SquidGuardDoc EN  RU Tutorial
          Localization ru_PFSense

          1 Reply Last reply Reply Quote 0
          • Z
            zeratoun
            last edited by Mar 30, 2011, 5:17 PM

            It's a shame :( I'll do then with the hard way.

            Thank you very much.

            P.S. : it would be great to have a "copy rule" button …... my mouse will die of so much deny click ..... ;)

            1 Reply Last reply Reply Quote 0
            1 out of 5
            • First post
              1/5
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.
              This community forum collects and processes your personal information.
              consent.not_received