Block websites based on keywords



  • My company wishes to block websites based on a list of keywords. I can't find any place to do this within our current configuration (GUI), other than black-listing specific URL's.
    Current version of pfSense is 1.2.3 and installed packages are lightsquid 1.7.1 pkg v.1.2 and squid 2.7.9_4.

    What do I need to be able to accomplish this task?



  • What out there already does something like this? Perhaps you need to add squidguard.



  • I installed the squid_guard package, found a suitable blacklist and denied access to a select group of keywords.

    After saving and applying within the squid_guard gui, the service says it started, but on the services page, it shows neither squid or squidquard is running. Attempts to start them fail.

    Do I need to upgrade the pfSense firmware to 2.0.1?



  • Probably best way would be to first update to version 2.0.1
    In the near future there will be version 2.1 available and then you are running a really old version of pfsense.

    The main issue is that most packages are only available for pfsense 2.x

    So in your case you need squid to filter traffic and then squidguard to block websites - which are filtered by squid - by URL.
    If you like to block websites based on the URL or the content of the website, you need squid to filter traffic and dansguardian to block websites.
    In both cases you need squid + squidguard or dansguardian.

    Both are available for pfsense 2.0.1 and will be available for the next pfsense relase pfsense 2.1



  • I'll proceed with uninstalling all of the packages, doing the upgrade to 2.0.1, then install the necessary packages.

    We're running a CARP pair and are currently running on the secondary, because I've done a nice job of 'killing' our primary with my attempts to get squid_quard installed.

    I have the CARP interface cable disconnected at this time. Would it be safe to assume I should leave it that way until I've upgraded the primary and have it configured and functional?



  • Probably this is the best. I am not familar with CARP but probably best would be to leave the secondary site running until the primary is working - then do a "manual" switch to the new /primary one and update the secondary.

    then you should probably configure the CARP for both again.


Locked