Webfiltering without using squid

cheonne · Mar 19, 2014, 3:08 AM

hey guys

aside from using squid+squidguard/dansguardian as web filter, is there any other way of not using squid to block porn sites, do regular expressions in blocking, exempt certain PC from blocking the sites?
of course opendns will do but it is limited to its features (free account). unlike squidguard/dansguardian, there features are great but sad to say it needs squid in order to run smoothly.

jimp · Mar 24, 2014, 7:43 PM

You need a proxy for that. pf can only see IP addresses and you can't tell enough from that to know what web site is being requested.

You need a proxy in between so the proxy can receive the HTTP request, read the headers, and make decisions about what to allow from there.

There may be some other methods in the future, such as a DNS proxy that could blacklist certain domains, but you'd still have to get a list of "bad" domains from somewhere even if that were possible.

It's best to use a proxy for that, since a proxy is the best solution suited to that task.

mendilli · Mar 24, 2014, 9:02 PM

as far as I know there was a dns filter package for older versions of pfsense, it is using category system just like squidguard

by the way it would be nice to have it on recent versions

cheonne · Mar 25, 2014, 5:39 AM

yes i read that while searching for an alternative - dns blacklist.
sad to say its not updated upto its current version of pfsense.
well yeah i use squid3 in order to run smoothly squidguard.
but i am hoping for an alternative, a web filter without having a proxy anymore - aside from opendns.