Lightsquid or Sarg Proxy Reports for squid3 (0.2.8)
-
I’m getting my Pfsense 2.2.2-RELEASE running one piece at a time. I retired my old m0n0wall last week after a decade of service (still running on a CF card). I also have a pass-through Untangle UTM box for basic web/virus protection. My ultimate goal is to replace the m0n0wall/Untangle system with a single pfSense box running a web filter for my young family (Dansguardian or E2guardian).
So my first week with pfSense was getting firewall rules, DHCP, and other functions working. Then I added packages. In order, I have the following packages working successfully. I spent a day or two on each one to make sure it was stable before starting the next:
• snort 3.2.4
• pfBlockerNG 1.08
• squid3 0.2.8I first attempted to use squid 2.7.9 pkg v.4.3.6 with Lightsquid but it was broken with HAVP. So I removed those packages and switched to squid3, which has integrated antivirus. Unfortunately, Lightsquid and Sarg are incompatible to squid3?
Can I have my cake and eat it to? I want squid + antivirus + proxy reports. Squid is broken with HAVP. Squid3 is broken with proxy reports. So it seems the combination isn’t workable at this point?
I’m very excited about development over summer, especially that E2guardian has a bounty (I’m contributing $25 to marcelloc). I'm hoping for the penultimate squid + antivirus + guardian + proxy reports home run solution.
-
After squid3 started throwing ICAP "no error" on web hits, I decided that it required too much debugging to work properly.
I uninstalled squid3 altogether and will wait (patiently) for patches and/or e2 web filtering. That will be worthwhile doing some debugging to get operational.
-
Squid3 x64 in non-transparent mode works fine by itself. AV on the firewall is going to slow everything down. If you already have client/server AV on your systems then you're not really going to get much better with ClamAV, IMO. I tried it once a year ago and the performance hit wasn't worth it. Lightsquid works out of the box but Sarg needs a symlink to work.
-
Squid Stable 2.7.9 pkg v.4.3.6 platform: 2.2 2.2.999 was nuking my CPU load average so I deleted it along with squidGuard. There just doesn't seem to be a stable combination.
I gave up on AV. Clam isn't that incredibly effective and it slows things down. My priority is content filtering over AV. Shady websites are probably more suspicious for downloading viruses than family-friendly websites, so blocking undesirable websites is a good start to controlling viruses (although I've seen my share on children's game websites). SquidGuard seemed to be a good content filtering starter, but there's just too many problems to consider it usable.
-
Stay away from squid2. Squid3 works well in explicit mode.
-
Thanks for the advice. I removed squid2 altogether and pretty much just running snort and pfBlockerNG. Great combination!
I'll get back to proxy stuff in a few weeks.
- Is squidGuard stable with squid3?
- Is there are report generator that (Lightsquid) that works with squid3?
-
- Is squidGuard stable with squid3?
Yes, but after installing it you have to restart squid or reboot the entire thing.
- Is there are report generator that (Lightsquid) that works with squid3?
Lightsquid and Sarg both work well, but Sarg needs the symlink fix or the GUI won't show the reports.