SquidGuard only blocking facebook on some computers

  • Ok  tell me what I did wrong this is my network I have a pfsense firewall with only one lan going into it from a switch with 3 computers hooked to it with ethernet lines and one wifi router that everyone uses for smart phones and tablets.

    On pfsense I have squidguard with Shallalist blocking socialnet and porn sites on the wifi router and 3 computers porn is blocked successfully but facebook it is only blocked on the devices hooked up to wifi but not the other 3 computers hooked up to the switch.

    Why would porn be blocked on all computers and facebook only on some with all the settings set the same for porn and facebook ? I have gone over all the settings for squidguard and dont see anything to bypass and computers and shallalist is up to date.
    In the firewall I went over aliases and rules and I dont have anything that would let the 3 computers bypass facebook I am stumped.

  • External proxy?  VPN?

  • No external proxy 2 computers hooked up right out of the box my Laptop has a VPN because I travel but I am not logged on I click on porn its blocked same computers let facebook connect with www.facebook.com.
    I wish someone would come up with a package just for blocking facebook

  • I have squidGuard blocking Facebook just fine.  However, I don't use transparent mode and all the MitM nonsense.

    To get to the bottom of your problem, you will need to post details of your clients (the ones that get through) and your SquidGuard config with respect to ACLs.

  • KOM I do not use MITM and what details do you need

  • David Gall Got it ! I set up Alias and rules to block facebook in the rules and it was working fine for months but they added a more ip addresses with the help of this page http://www.tcpiputils.com/browse/as/32934 I added the prefix rules I didnt have in my rules in IPv4 and IPv6 and everything is blocked again.

  • Moderator

    dgall, if you continue to block using IPs, it's much more practical to use pfBlockerNG to download the list of IPs from "Hurricane Electric" and the package will download updates on a frequent basis.

    See the following thread (#6) -