Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Squidguard HTTPS non-T

    Scheduled Pinned Locked Moved pfSense Packages
    4 Posts 3 Posters 1.5k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • K
      klazoid
      last edited by

      From my knowledge I thought it was possible to use https filtering when you use a non-transparant proxy and put the proxy details in the browser of the user.

      This doesn't work for me. Websites blocked with http protocol are accessible with https.

      2.1-RELEASE
      Squid 2.7.9 pkg v.4.3.3
      Squidguard 1.4_4 pkg v.1.9.5

      Proxy interface LAN - Allow users on interface - Transparant proxy UNTICKED

      1 Reply Last reply Reply Quote 0
      • M
        mendilli
        last edited by

        you should also use a firewall rule to block direct acces to port 443 besides port 80

        1 Reply Last reply Reply Quote 0
        • K
          klazoid
          last edited by

          I did some basic testing:

          https gives an error: Errorcode: ERR_TUNNEL_CONNECTION_FAILED <– is this the normal behaviour?

          1 Reply Last reply Reply Quote 0
          • marcellocM
            marcelloc
            last edited by

            with proxy set on clients ssl sites are blocked/filtered on on domain lists as squid can't analyse url after ssl handshake is done.

            with squid3-dev you can intercept ssl and filter https the same way you do with http.

            Treinamentos de Elite: http://sys-squad.com

            Help a community developer! ;D

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.