Squid will not block all porn / gambling / etc



  • I have just installed pfsense and learning.  I installed squid and squidguard to block unsavory sites.  If I search for "porn" and try to connect to a site, I am blocked (this is good)  If I search for "raw sex", I can access any of these smutty sites.  How can I configure squid to block any reference to porn, gambling, etc?  With gambling set to 'deny', I can go to poker stars and a number of other gambling sites.

    I cannot figure out how to actually block all instances

    Thanks



  • I cannot figure out how to actually block all instances

    If you could, you would be rich.  Squidguard can only block on what it has for bad sites in its database.  This is always the issue with blacklists.  New sites pop up like gophers.  You probably need a content blocker like DansGuardian or the upcoming E2Guardian.  They analyze the content, not just the URL.



  • try using this filter and see how you go.
    http://urlblacklist.com/?sec=download



  • @KOM:

    I cannot figure out how to actually block all instances

    If you could, you would be rich.  Squidguard can only block on what it has for bad sites in its database.  This is always the issue with blacklists.  New sites pop up like gophers.  You probably need a content blocker like DansGuardian or the upcoming E2Guardian.  They analyze the content, not just the URL.

    Thanks for the assist!  However, I do not see DansGuardian or E2Guardian in available packages.  Do I need to manually install?  Or am I missing a setting to see all available packages?

    (forgot to mention I am running the newest PfSense 2.3.1 p5)



  • Holy ancient thread, Batman!

    Those packages do not exist under 2.3.  E2Guardian never materialized.  Squidguard + blacklists are your only option for now.



  • @KOM:

    …or the upcoming E2Guardian...

    edit, post answered…



  • @KOM:

    Holy ancient thread, Batman!

    Those packages do not exist under 2.3.  E2Guardian never materialized.  Squidguard + blacklists are your only option for now.

    KOM,

    Thanks for the info!


  • Banned

    latest Squid is capable of using ICAP server - the one that could look into actual contents being pumped. See http://docs.diladele.com/tutorials/filtering_https_traffic_squid_pfsense/index.html