Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Squid/Squidguard feature request

    Scheduled Pinned Locked Moved
    pfSense Packages
    1
    2
    943
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • R
      rwalker
      last edited by

      The transparent SSL filtering is great!  Would love to see an option to bypass for certain categories in Squidguard.  Currently I am using an alias list and it is painful.  You will always have certain URLs/IPs unique to you that need to be bypassed (to avoid cert errors), but having the bulk of it from whatever blacklist you are using would be much better.

      Thanks,
      Roy

      1 Reply Last reply Reply Quote 0
      • R
        rwalker
        last edited by

        No, I want to bypass Squid entirely for certain trusted sites, ie banking and Microsoft.  Also have to bypass SSL filtering for email and IM so the client will connect properly.  Otherwise you the user/app gets a cert error (since it's MIM SSL).

        After researching this a bit more I see it's not possible on the Squid/Squidguard side.  Squid is capturing the initial Connect of the SSL session and therefore can't bypass it.  It must be done at the firewall redirect level.

        Any chance a more robust alias option is in the works?  Something that could pull categories for bypass like Squidguard does to block?  Have no idea what loading 100k entries into a firewall rule does…

        Thoughts?

        1 Reply Last reply Reply Quote 0
        • First post
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.