Filtering bridge and url filtering with squid/squidguard possible?



  • Hello all,

    I am interested in pfsense. I want to install a box that acts as a firewalled bridge. That box obviously should have an ip address assigned to it, only for management purposes.

    Question 1: Can pfsense do this?

    If it can, ideally I'd like to setup basically a URL filter on it. Details:

    • I am not interested in HTTP/FTP caching, only interested in the FTP functionality
    • Ideally, I should be able to use the Shalla lists along with squidguard/squid
    • Not interested at all in transparent http. Access to the web will be manually configured on all LAN systems to use the address:port specification that corresponds to the box.
    • For the latter, obviously an ip:port should be allocated on the filtering bridge, strictly for the purposes of proxying

    Question 2: Can the pfsense filtering bridge, do URL filtering with squid/squidguard?



  • @reqman:

    Hello all,

    I am interested in pfsense. I want to install a box that acts as a firewalled bridge. That box obviously should have an ip address assigned to it, only for management purposes.

    Question 1: Can pfsense do this?

    If it can, ideally I'd like to setup basically a URL filter on it. Details:

    • I am not interested in HTTP/FTP caching, only interested in the FTP functionality
    • Ideally, I should be able to use the Shalla lists along with squidguard/squid
    • Not interested at all in transparent http. Access to the web will be manually configured on all LAN systems to use the address:port specification that corresponds to the box.
    • For the latter, obviously an ip:port should be allocated on the filtering bridge, strictly for the purposes of proxying

    Question 2: Can the pfsense filtering bridge, do URL filtering with squid/squidguard?

    1. The proxy squid/squidguard possible use for http/ftp-over-http. With bridge transparent proxyot work (for this moment). You must setup IP for LAN, if you want use proxy for you clients.
    2. Yes for http/ftp-over-http use non-transparent proxy.


Log in to reply