SquidGuard + time



  • Hi, I use pfsense 2 rc3 and i very happy!
    Now I need block navigation on one site (fb) in work time, and allow navigation in lunch time..
    I have installed Squid and SquidGuard..
    in SquidGuard i have made this step:

    1. create a Target Categories called fb with a expression that filter my desidered site (it's work)
    2. in Time: create a period with this data "Weekly", "all", "12:00-13:00"
    3. in Groups ACL I have create a group, select time period and in Target rule list "deny" access to fb in off-time, while allow default access always
    4. in Common ACL: in Target Rule List I "allow" the default Access and "Ignore" the fb (–-)
      but don't work! the site is not blocked, never!

    have ideas to solve?
    thanks in advance

    Robert



  • If you need just to block facebook, create a host firewall alias and include app.facebook.com

    Then create a time schedulle on firewall and apply this reject rule on floating rule.

    If you are using transparent proxy, you will need this rule to prevent a simple https://facebook.com.

    On squidguard, there are some posts about this time acl. You need to change redirect response from 301(permanent) to 302(temporary).



  • @marcelloc:

    If you need just to block facebook, create a host firewall alias and include app.facebook.com
    (…)

    Did I miss somethings !?
    Is it possible in pfsense to add a DNS in Alias ?
    Does pfsense automatically resolve the corresponding IPs !?



  • Since  2.0 full support :)



  • @marcelloc:

    Since  2.0 full support :)

    hmmm - is this really since 2.0 or since 2.0.1 !?
    Is this working when there is an DNS <-> IP change ?
    Is it working when there are moe than one IP for a DNS entry ?

    wow :-)



  • since 2.0 and yes for all other questions  ;)



  • @marcelloc:

    since 2.0 and yes for all other questions   ;)

    Then someone should edit the description:

    Enter as many hosts as you would like. Hosts must be specified by their IP address.
    

    Thanks :)



  • Thanks of all..
    the Time ACL in Squidguard work!
    but there is an other problem: int the period in which the navigation is allowed, the browser use our cache, and not surf!!
    Only clearing the browser cache it's possible navigate in the free-period
    Any idea?

    thank in advance
    Hello!
    Robert



  • On squidguard, there are some posts about this time acl. You need to change redirect response from 301(permanent) to 302(temporary).

    This is what you need to change  :)



  • sorry.. but where change this ?  I don't find this options..  ???





  • Don't work !
    I try edit the /usr/local/pkg/squidguard_configurator.inc and also select "Redirect mode: "ext url = found (enter URL)" in gui but nothing, do not work, the browser (firefox) cache block page!
    I'm going crazy!



  • use ext url found but webpages are not blocking pls help


Log in to reply