Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    SquidGuard and numeric address CDNs…

    Scheduled Pinned Locked Moved pfSense Packages
    1 Posts 1 Posters 743 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • E
      Ecnerwal
      last edited by

      The actual problem - crappy web practices on the part of youku and tudou (Chinese YouTube-knockoff sites.)

      The effective problem - if I have SquidGuard on and have "Do not allow IP-Addresses in URL" checked Youku and Tudou videos don't load. There's no clear evidence in the logs that I can find to point me at exactly what's blocked (perhaps numeric blocks are not being recorded the squidguard log - but when I look at the firewall log (only other place I can think it would be logged) I get no records whether I put in the local machine IP address as source or destination.)

      I am not (as most people who have scribbled all over the net about similar sounding issues) trying to get access to the "Only in mainland China" content outside of China - I'm simply trying to appease my Chinese users without throwing the whole of my blocking schema into the trash.

      As far as I can tell (by looking in the squid access log), these Chinese video sites are using a CDN which they refer to strictly by numeric IP address - the addresses in question have no DNS information (no information at all other than that they are in China, actually.) If I whitelist a bunch of the ones I have found, the videos take longer (pretending that they are preparing to load) to fail, but they never work. If I turn off "Do not allow IP-Addresses in URL", they work. If I turn off "Do not allow IP-Addresses in URL", my network is effectively unblocked against the moderately informed age 10 and up user, so that's not an option.

      Any ideas, other than suggesting that my Chinese users complain to the people that wrote the websites in question?

      pfSense on i5 3470/DQ77MK/16GB/500GB

      1 Reply Last reply Reply Quote 0
      • First post
        Last post
      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.