PFSense/Squid/Squidguard temporary over-ride password???

  • OK so here is what I am trying to figure out, and see if it is even possible:
    I have a PFSense box ver 2.2.4 64 bit running as a firewall and content filter. I am using squid 2.7(The package says 4.3.10) and SquidGuard 1.9.15. Everything is working fine, sites are blocked and internet is fast. Now what I need is a way to allow adult users, who have been assigned a password, the opportunity to temporarily bypass the filter on a blocked page for a certain amount of time. I have done this with squid and dansguardian, the site is blocked, a page(normally php or cgi script) is displayed saying that the site was blocked, but allows a username and password to be entered, and the page is allowed for one hour. However Dansguardian and PFSense do not seem to play well together, as I continually get signal 11 errors in the system log from dansguardian, and as soon as I add more than one subnet to the mix, internet speed is down to a crawl. So after playing with many different ways and settings, I am thinking that squidguard may be my best/only way. But I do not have all day every day to sit and white list sites that our teaching staff need access to. To allow them the chance to over ride a site, to make sure it is appropriate, or useful would be much easier.

    Any help/thoughts/suggestions??

    Thanks in advance

  • Any help/thoughts/suggestions??

    Not possible with just Squid/squidGuard.  If these people have the right to bypass restrictions when they feel like it, why are you restricting them in the first place?

    But I do not have all day every day to sit and white list sites that our teaching staff need access to.

    Sometimes this is the only way.  I can't believe it's that many sites, nor should they change that much that it would require you to spend a lot of time maintaining a whitelist.  If you use squidGuard with blacklists, you can check the URL against the blacklist to see which category it falls under (if any) and then allow just those users to access that category of sites.

Log in to reply