Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    How can i make website or link skip squidguard

    Scheduled Pinned Locked Moved Cache/Proxy
    6 Posts 2 Posters 3.1k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • F
      firefox
      last edited by

      how can i Exclud a website or url from squidguard

      I worked under a certain manual
      And some sites were blocked

      And it is correctly

      But there is one site that I do want to access it
      How do I take it from the list of blocked
      But leaves the rest of the sites

      I tried to add a site to white list
      after i read here http://hubpages.com/hub/URL-Filtering-How-To-Configure-SquidGuard-in-pfSense
      Part of "Excluding URLs from the Blacklist"
      But I'm probably missing something

      how do i do that ?

      Additional

      There is a computer on the local network
      I do not want to pass through squidguard
      It's my sister's work computer
      It has a vpn
      And it stopped working
      She gets a message
      The connection is not secure and maybe someone listening

      ![home.plex - Proxy filter SquidGuard Target categories Edit - 2015-03-16_18.33.18.png](/public/imported_attachments/1/home.plex - Proxy filter SquidGuard Target categories Edit - 2015-03-16_18.33.18.png)
      ![home.plex - Proxy filter SquidGuard Target categories Edit - 2015-03-16_18.33.18.png_thumb](/public/imported_attachments/1/home.plex - Proxy filter SquidGuard Target categories Edit - 2015-03-16_18.33.18.png_thumb)
      ![home.plex - Proxy filter SquidGuard Common Access Control List (ACL) - 2015-03-16_18.33.43.png](/public/imported_attachments/1/home.plex - Proxy filter SquidGuard Common Access Control List (ACL) - 2015-03-16_18.33.43.png)
      ![home.plex - Proxy filter SquidGuard Common Access Control List (ACL) - 2015-03-16_18.33.43.png_thumb](/public/imported_attachments/1/home.plex - Proxy filter SquidGuard Common Access Control List (ACL) - 2015-03-16_18.33.43.png_thumb)

      1 Reply Last reply Reply Quote 0
      • KOMK
        KOM
        last edited by

        I prefer to use the Group ACL to manage exceptions.  Create a new Group ACL.  Add your IP address (or whomever's) to it and set its access restrictions to whatever you want, or none at all.  The Group ACL will override the Common ACL.

        Anyone using your proxy in transparent mode for HTTPS will get browser warnings.  The only way to avoid that is to install a pfSense certificate in your browser's certificate store (which is a pain) or use Squid in standard mode (not transparent) & WPAD to enable auto-discovery of your Squid proxy.  WPAD is the better method.

        1 Reply Last reply Reply Quote 0
        • F
          firefox
          last edited by

          Settings I did before
          Started to work
          Without me touching anything
          Probably forgot to click Save or Apply button

          I prefer to use the Group ACL to manage exceptions.

          What are the differences between them ?

          Anyone using your proxy in transparent mode for HTTPS will get browser warnings.  The only way to avoid that is to install a pfSense certificate in your browser's certificate store (which is a pain) or use Squid in standard mode (not transparent) & WPAD to enable auto-discovery of your Squid proxy.  WPAD is the better method.

          You have already tried to help me https://forum.pfsense.org/index.php?topic=89539.0
          But without success
          I do not know why
          But only my sister's computer have problems

          she has a home computer with windows xp – The problem appears randomly
          And work laptop with windows 7 -- also The problem appears randomly - and vpn Is blocked
          i Excluded her work computer with common acl rule and it work all problem are gone
          I can do it Also with home computer
          But I want to know why this is happening

          Do squidguard Influences On the certificates ?
          Before I installed squidguard I only had squid in transparent mode And everything worked without any problems
          And it is only in two of these computers

          1 Reply Last reply Reply Quote 0
          • KOMK
            KOM
            last edited by

            What are the differences between them ?

            Flexibility.  With whitelists and blacklists, it's all or nothing.  ACLs allow you to customize access.

            But only my sister's computer have problems

            Are her systems up to date for patches and browser versions?  Windows XP???  I do not recommend running Squid in transparent mode.  Use standard mode with WPAD to direct your clients to the proxy.  Then you can filter HTTPS without worrying about installing certificates.

            1 Reply Last reply Reply Quote 0
            • F
              firefox
              last edited by

              I do not recommend running Squid in transparent mode.

              What happens in squid in transparent mode
              that Does not happen in non transparent mode ?
              What are the differences

              I have three sites
              I created for them aliases (adobe,ubuntu update,and one more) And are listed here

              Bypass proxy for these source IPs
Bypass proxy for these destination IPs

              They did not work until I did it
              This is why I marked transparent mode (So that I can list them empty rows)

              Use standard mode with WPAD to direct your clients to the proxy

              English This is not my native language
              I want to know if I understood correctly What I read

              What this actually means
              Instead of listing on each computer details of squid
              I create this file Put it in pfsense
              And computers identify squid alone without any settings ?

              Are her systems up to date for patches and browser versions?

              the computer with xp Was missing six updates Beyond that is up to date
              the laptop with win7 is up to date
              She uses both with chrome

              1 Reply Last reply Reply Quote 0
              • KOMK
                KOM
                last edited by

                What happens in squid in transparent mode

                In transparent mode, your browser will show an error because the site that it is indirectly connecting to doesn't match the certificate.

                What this actually means
                Instead of listing on each computer details of squid
                I create this file Put it in pfsense
                And computers identify squid alone without any settings ?

                Yes.  However, the web sever hosting the wpad.dat file has to be HTTP, not HTTPS.  You can use the pfSense web server if you have it set to use WebGUI via HTTP.  Otherwise, you will have to have another web server to host the file that is HTTP.

                1 Reply Last reply Reply Quote 0
                • First post
                  Last post
                Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.