Problem with web filtering



  • Hey Guys!

    Today i installed pfsense with squid and squidguard.
    I also installed a blacklist (shallalist).

    Now i want to filter out some more pages. It works with engadget.com but not with proxy sites like hide.me.

    Without filtering webproxies squidguard seems really useless to me.. :/

    Do you guys have any idea how to filter webproxies out?

    Best whises m1k



  • Go here: http://www.shallalist.de/search.html

    Type in your domain (hide.me).  Click Go.
    See if Shalla has that domain categorized.  Block that entire category.

    Shalla has that domain listed under three different categories (anonvpn, redirector, spyware)



  • Hey!

    Thanks for the tip.

    I have blocked that categories now. Problem still exists.

    Has this something to do with https?

    Best wishes
    M1K



  • I have blocked that categories now. Problem still exists.

    Has this something to do with https?

    No idea.  You've given so little information that all anybody can do is guess.



  • yes it is because of https, now long story short

    you want either to enable SSL man in the middle Filtering

    or set up a wpad.



  • Hey!

    I can't configure the devices connected to my network. So wpad seems to be no option.

    So i have to go back to a pfsense Version based on FreeBSD 9 because Diladele doesnt support FreeBSD 10 yet.
    I would choose this tutorial: https://forum.pfsense.org/index.php?topic=72528.0

    Or am i totally wrong?



  • I can't configure the devices connected to my network. So wpad seems to be no option.

    ??  WPAD = Web Proxy Auto-Detection.  The goal is that you don't have to configure anything – clients find the proxy themselves.



  • WPAD would probably be the way to go. I've just spend some time configuring it on my network. You might have to manually configure mobile devices. Android doesn't appear to be too user friendly just yet with wpad.  You might be able to specify a personal acl that points to a list of sites you want blocked. I don't know how exactly to implement this with pfsense.  Generally squid has a .conf file where you can specify this but I am not seeing one here.


Log in to reply