Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    Logging URLs

    General pfSense Questions
    1
    2
    1916
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • Y
      yoogie last edited by

      Hi,

      I don't have a problem but I am missing functionality in pfSense. Maybe there is a solution for this but I was not able to figure out how to achieve this.

      I am trying to set up pfSense as an internet proxy with unlimited access. Captive portal is configured in order to have a user authentication system. After the authentication, I need to know every URL a user has visited (for legal reason).

      I have tried the transparent squid solution, but apparently this doesn't work for https. Forcing the user to use squid as a proxy server is also no opportunity because we often have users with limited user accounts and no possibility to change the proxy settings.

      So I have thought about using snort, but I am not sure how to configure it. Another opportunity would be to use urlsniff, but unfortunately I am not keen enough to create a package for it.

      Is it possible to integrate something that makes it possible to log every visited url or is it even possible to achieve this with the existing stuff? (how?)

      Any help is very appreciated.

      Thanks in advance,
      Manuel

      1 Reply Last reply Reply Quote 0
      • Y
        yoogie last edited by

        To give myself an answer.

        The only solution is to configure squid as acceleration proxy and set up a ssl-cert manually. Then squid is able to interrupt ssl connections and handle them by itself. This should ensure logging https connections without having to set anything up withing the client os.

        But, unfortunately it seems that the squid package was compiled without the appropriate options.

        Cheers,
        Manuel

        1 Reply Last reply Reply Quote 0
        • First post
          Last post