Blocking Users With Firewall with squid

xphat · Feb 14, 2006, 6:33 PM

I have a scenario where i have a bunch of customers on a 10.0.0.0/8 network that access the internet through my main pfsense firewall with squid installed.. (an old version).. anyhow i made a few aliases with all my users that should be able to access the internet and changed the firewall rules so that everyone on the LAN is blocked by default only allowing the users that i wish to access the internet (via the aliases).

However thanks to squid the users who should not be able to access the internet are still able to browse the internet (albiet they cant do anything else but browse) but i want to be able to block these users from doing anything at all.

Is there anything that can be done about this (like checking the firewall rules before redirecting traffic) or something?

sullrich · Feb 14, 2006, 8:00 PM

Try adding rules on the lan interface that blocks traffic to the 127.0.0.1 squid port. Or you could just block the LAN client from 127.0.0.1 altogther.

jerry · Oct 17, 2006, 1:34 AM

I having this same problem will try what you recommended.