Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Problem with 2.2.2 amd64 squid3 and squidGuard

    Scheduled Pinned Locked Moved Cache/Proxy
    12 Posts 4 Posters 2.9k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • D
      dnikky
      last edited by

      @91X:

      already to create Target Categories on squidguard?

      this is my acl common, I have not created

      1 Reply Last reply Reply Quote 0
      • D
        dnikky
        last edited by

        Can anyone help me, my system needs to operate !!!

        1 Reply Last reply Reply Quote 0
        • KOMK
          KOM
          last edited by

          Do you know for sure that squid is working?  Anything in /var/squidGuard/log/squidGuard.log or block.log?

          1 Reply Last reply Reply Quote 0
          • D
            dnikky
            last edited by

            squid is still working … but squidGuard not work ... Here are the latest thing in squidGuard.log

            1 Reply Last reply Reply Quote 0
            • KOMK
              KOM
              last edited by

              OK, squidGuard appears to be working.  But it isn't blocking anything?  What happens if you change the last entry, Default access [All] to Deny?  Also, you don't show the entire ruleset.  They are processed top-down, so if you have an Allow All at the top then any blocks farther down won't trigger.

              1 Reply Last reply Reply Quote 0
              • D
                dnikky
                last edited by

                @KOM:

                OK, squidGuard appears to be working.  But it isn't blocking anything?  What happens if you change the last entry, Default access [All] to Deny?  Also, you don't show the entire ruleset.  They are processed top-down, so if you have an Allow All at the top then any blocks farther down won't trigger.

                Thank you for your reply , when i change Default access [all] to Deny , squidGuard block all . I did it . One more question : "when I check the "Transparent HTTP proxy" to enable "HTTPS / SSL interception" computers in the local network can not access the proxy server for downloading CA. What should I do ? "

                1 Reply Last reply Reply Quote 0
                • KOMK
                  KOM
                  last edited by

                  What should I do ?

                  Don't use transparent proxy for this exact reason.  Use Web-Proxy Auto-Detection (WPAD) instead.

                  1 Reply Last reply Reply Quote 0
                  • C
                    chidgear
                    last edited by

                    The problem for the HTTPS/SSL transparent proxy and the certificates issue is documented in this forum (I can't recall where, but the search bar above is very usefull), so I'll give you a place where you can start:
                    HTTPS/SSL with transparent proxy creates a "man in the middle", so you need to create a CA and download the CA server certificate and install it on all the machines that are going to use the proxy.
                    In certain enviroments this is easy and useful, in others is too expensive in therms of time and effort so WPAD is recommended.
                    For the topic about blocking porn, be sure your lists are up to date and don't forget to create at least one target category so squidguard can do it's job without trouble.

                    Greetings and good luck!  :D

                    1 Reply Last reply Reply Quote 0
                    • D
                      dnikky
                      last edited by

                      @chidgear:

                      The problem for the HTTPS/SSL transparent proxy and the certificates issue is documented in this forum (I can't recall where, but the search bar above is very usefull), so I'll give you a place where you can start:
                      HTTPS/SSL with transparent proxy creates a "man in the middle", so you need to create a CA and download the CA server certificate and install it on all the machines that are going to use the proxy.
                      In certain enviroments this is easy and useful, in others is too expensive in therms of time and effort so WPAD is recommended.
                      For the topic about blocking porn, be sure your lists are up to date and don't forget to create at least one target category so squidguard can do it's job without trouble.

                      Greetings and good luck!  :D

                      Thank you for replying my thread.
                      I understand how it works but I do not understand how WPAD install because it slightly confused to me, in my company, wifi spend them without user authentication, so a bit difficult installation problems manually. you or someone can help me through the installation video guide WPAD is not? .
                      Thanks and Best Regards

                      1 Reply Last reply Reply Quote 0
                      • KOMK
                        KOM
                        last edited by

                        WPAD Autoconfigure for Squid

                        This is the 3rd time I've linked to this for you.  Read it.  It's not hard.

                        1 Reply Last reply Reply Quote 0
                        • First post
                          Last post
                        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.