• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

Blocking Users With Firewall with squid

Scheduled Pinned Locked Moved Firewalling
3 Posts 3 Posters 2.5k Views
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • X
    xphat
    last edited by Feb 14, 2006, 6:33 PM

    I have a scenario where i have a bunch of customers on a 10.0.0.0/8 network that access the internet through my main pfsense firewall with squid installed.. (an old version).. anyhow i made a few aliases with all my users that should be able to access the internet and changed the firewall rules so that everyone on the LAN is blocked by default only allowing the users that i wish to access the internet (via the aliases).

    However thanks to squid the users who should not be able to access the internet are still able to browse the internet (albiet they cant do anything else but browse) but i want to be able to block these users from doing anything at all.

    Is there anything that can be done about this (like checking the firewall rules before redirecting traffic) or something?

    1 Reply Last reply Reply Quote 0
    • S
      sullrich
      last edited by Feb 14, 2006, 8:00 PM

      Try adding rules on the lan interface that blocks traffic to the 127.0.0.1 squid port.  Or you could just block the LAN client from 127.0.0.1 altogther.

      1 Reply Last reply Reply Quote 0
      • J
        jerry
        last edited by Oct 17, 2006, 1:34 AM

        I having this same problem will try what you recommended.

        1 Reply Last reply Reply Quote 0
        • First post
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.
          This community forum collects and processes your personal information.
          consent.not_received