Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Blocking Users With Firewall with squid

    Firewalling
    3
    3
    2.4k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • X
      xphat
      last edited by

      I have a scenario where i have a bunch of customers on a 10.0.0.0/8 network that access the internet through my main pfsense firewall with squid installed.. (an old version).. anyhow i made a few aliases with all my users that should be able to access the internet and changed the firewall rules so that everyone on the LAN is blocked by default only allowing the users that i wish to access the internet (via the aliases).

      However thanks to squid the users who should not be able to access the internet are still able to browse the internet (albiet they cant do anything else but browse) but i want to be able to block these users from doing anything at all.

      Is there anything that can be done about this (like checking the firewall rules before redirecting traffic) or something?

      1 Reply Last reply Reply Quote 0
      • S
        sullrich
        last edited by

        Try adding rules on the lan interface that blocks traffic to the 127.0.0.1 squid port.  Or you could just block the LAN client from 127.0.0.1 altogther.

        1 Reply Last reply Reply Quote 0
        • J
          jerry
          last edited by

          I having this same problem will try what you recommended.

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.