Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Squidguard blacklist not working?

    Scheduled Pinned Locked Moved pfSense Packages
    10 Posts 7 Posters 15.1k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • S
      SSzretter
      last edited by

      I installed squid and squidguard.  I enabled them and they are running.  I enabled the blacklist for squidguard and pasted in http://www.shallalist.de/Downloads/shallalist.tar.gz and downlaoded the blacklist.  Looked like it downloaded and updated the db properly.  I clicked apply and save for squidguard.

      However when I try to go to some bad sites (for example using URLs from within that downlaoded file) they still work and are not blocked.  What am I missing to fully activate and block these sites?

      1 Reply Last reply Reply Quote 0
      • D
        dvserg
        last edited by

        In addition to downloading blatsklist need to configure it to use.

        SquidGuardDoc EN  RU Tutorial
        Localization ru_PFSense

        1 Reply Last reply Reply Quote 0
        • S
          skear
          last edited by

          You may have already done this but in case you haven't…

          Click on the Common ACL tab in Squidguard, then click the green triangle  to expand the target rules list.  Check to make sure all the categories you want to block are set as deny instead of allow then save your settings.  Sometimes I have to stop/start Squidguard after doing this.

          Check out my pfSense guides

          1 Reply Last reply Reply Quote 0
          • S
            SSzretter
            last edited by

            It was already set for  "!all", but I just went in and set all of them to deny, so it has a long list of deny entries now.  Clicked save, clicked the apply on the first tab, no difference - seems like it is not blocking.

            1 Reply Last reply Reply Quote 0
            • S
              SSzretter
              last edited by

              Ok, maybe a hint - I had the proxy (squid) set to the WAN interface because I have pfsense set to bridged/transparent mode.  Squid is also set to transparent mode.    If I set it to LAN, I can no longer load web pages.  Which should it be - WAN or LAN for bridged?

              1 Reply Last reply Reply Quote 0
              • N
                Nachtfalke
                last edited by

                If you are using squid in transparent mode squidguard only filters http (80) traffic. If you are browsing a https (443) page this will be allowed.

                Which interface you should use in bridged mode I don't know.

                1 Reply Last reply Reply Quote 0
                • _
                  _igor_
                  last edited by

                  If i understand you right: as you said, enable squid on LAN and all is blocked. Here it works. Now enable all in squidguard (set it to pass) and you go. Even in bridged mode it should be set to LAN, i think.

                  1 Reply Last reply Reply Quote 0
                  • E
                    elf
                    last edited by

                    Hi everybody,

                    I would like to ask if  is possibly to block "https" sites in "squidGuard" ? I use this service very well but I am able to block only domain via "http". I need to block some "https" site (for example: https://www.facebook.com).

                    Is possible to do via "Expressions" ? If yes … can you help me with syntax anybody?

                    Thanks you very much.
                    Lukas

                    1 Reply Last reply Reply Quote 0
                    • B
                      briggs
                      last edited by

                      I also have the same problem with author. Even if i've done a clean install, then install squid and squidguard, configure, and download blacklist to shallalist.de with transparent or proxy mode, the filtering doesnt seems to work. Any suggestion is appreciated. thanks

                      1 Reply Last reply Reply Quote 0
                      • N
                        Nachtfalke
                        last edited by

                        I am not using the blacklist files BUT:

                        if you only want to block http (port 80) then it is enough to use squid in transparent mode.
                        if you like to block https (port 443) then you have to run squid in non-transparent mode. In this mode you have to enter the proxy server address in the clients browse.

                        1 Reply Last reply Reply Quote 0
                        • First post
                          Last post
                        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.