Understanding Squidguard logs and unblocking something
Here's my situation: I am running pfsense 2.1 with transparent squid proxy and squidguard (using a shalla blacklist) and almost everything is working perfectly. I'm blocking the following categories: adv, aggressive, costtraps, dating, drugs, fortunetelling, gamble, models, porn, sex education, sex lingerie, spyware, tracker, and violence.
I'm having difficulty figuring out how to unblock my son's game (deadz reborn). Login fails every time unless I turn Squidguard off, which I obviously don't want to do.
So, I thought I would add an exception to the blacklist and learned how to do that. I added deadz.com and deadz.entitygaming.com but that does not seem to have helped. I suspect the actual game login is an entirely different domain or url than the games public web site. So then I thought I could find the correct URL, domain, or IP address that was blocked by looking at the squidguard logs. Ughhh… and WOW, it's all greek to me, plus I'm not sure I'm looking in the right place.
So, will I find the information I need in the Squidguard log? If yes, where do I look, and how do I understand it? If no, how can I figure out what needs to be whitelisted in order to allow the exception for this game?
Any help is greatly appreciated!
one way to do it you can go to squid and on the first page put 188.8.131.52 in pass through , so deadz.com will be totally bypassed from on proxy itself, instead of squidguard. rest of the categories will remain blocked as they are.
I will give that a try and report back.
Not quite sure where I should enter the IP address you gave me. Please take a look at this screenshot and get back to me: http://screencast.com/t/U6nOYU1Euvd
Seems like this is more likely where I should enter it: http://screencast.com/t/hjbE202BA
Unfortunately that did not work.
Other ideas anyone?
Anyone... Bueller... Bueller...
I'm surprised I haven't had many responses yet. Is this because so few people use squid proxy?
So, in an effort to be proactive I took a packet capture of the 10-15 seconds when my son is logging into the game that seems to have a problem with squid proxy. There are two public ip addresses involved in that transaction, but I don't really know what to do with that information.
I'm willing to gather additional data if there is someone out there who would be willing to help.
I realize my issue is not life or death, but I truly want to learn about squid transparent proxy and this is hindering my progress.
I think it's safe to say I'm being patient. Anyone, please??