Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Squidguard not working albeit properly configured

    Scheduled Pinned Locked Moved Cache/Proxy
    4 Posts 2 Posters 1.5k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • P
      pftdm007
      last edited by

      Finally got squid3 to install without messing up the entire platform (thanks to the people who worked hard to make the package install!) and also installed squidguard.

      Then I configured the applications, in a nutshell like this:

      Squid
      General tab
      Squid is enabled
      Proxy interfaces: LAN and LAN2 (I have 2 lan interfaces)
      Port 3128
      Allow users on interface: YES
      Transparent Proxy Interface(s): YES
      Enable Access Logging: YES
      URI Whitespace Characters Handling: strip

      Remote cache
      Nothing modified here - No custom settings

      Local cache
      Nothing modified here - No custom settings

      Antivirus
      Enabled
      Enable manual config: disabled
      Google safe browsing: YES
      ClamAV update: every 1 hr

      ACL's
      Nothing modified here - No custom settings

      Traffic Mgmt
      Nothing modified here - No custom settings

      Authentication
      Nothing modified here - No custom settings

      Users
      Nothing modified here - No custom settings

      Squidguard
      General Settings
      Enabled
      Enable GUI log: YES
      Enable log: YES
      Enable log rotation: YES
      Clean advert. YES
      Blacklisrt: YES
      Blacklist URL: http://www.shallalist.de/Downloads/shallalist.tar.gz

      Common ACL
      I selected misc target categories and my custom target categories are of course selected to DENY
      Do not allow IP-Addresses in URL: YES
      Redirect mode:  ext URL
      Redirect info:  www.google.com
      Rewrite: None
      Log: Checked

      Groups ACL
      Nothing modified here - No custom settings

      Target categories
      Here I have 2 categories: one for banned keywords and another with banned extensions

      banned keywords:
      Order: –-----
      Domain list: empty
      URL List: empty
      Regular expression: lots of words in the format of "mail|casino|game"
      Reditect mode: int error page
      Redirect: "Blocked by SG"
      Log: Checked

      Times
      Nothing modified here - No custom settings

      Rewrites
      Nothing modified here - No custom settings

      Blacklist:
      http://www.shallalist.de/Downloads/shallalist.tar.gz

      The problem is that the filter doesnt work at all.  No exceptions, nothing works. The pfsense log is empty from squid errors, the squid log is being populated with entries which seems to indicate that the squid cache actually works, but the squidguard log is totally empty, even if I try to access pages with banned keywords.

      Not sure why its not working.  At least, how can I confirm without a doubt that the squid proxy server really works?

      1 Reply Last reply Reply Quote 0
      • P
        pftdm007
        last edited by

        I actually tried to download a large file, let the download finish and tried to download the same file again, noticed a very marginal difference in speed (575kb/s the first round, about 615kb/s the second round)..  So I think squid actually doesnt work or doesnt work well..

        The logs are actually being populated real time, except for downloaded files.  Maybe this is normal in squid?

        1 Reply Last reply Reply Quote 0
        • C
          C0RR0SIVE
          last edited by

          Have you checked the integrations field on squid located under the general tab to make sure squidguard is there?  What version of Squid and Squidguard are you using?

          What version of PFSense as well?  I didn't think transparent worked properly in 2.2.x versions?

          I also suggest turning off the AV… it's horrible from what I can tell, and unless you have a very robust system, it can harm your connection bandwidth when multiple people are doing several things.

          1 Reply Last reply Reply Quote 0
          • P
            pftdm007
            last edited by

            Sorry once again I failed to provide the version numbers…

            pfsense 2.2.6-RELEASE (amd64)
            SG 1.9.18
            squid3 0.4.7

            The integrations field contains the following:

            url_rewrite_program /usr/pbi/squidguard-amd64/bin/squidGuard -c /usr/pbi/squidguard-amd64/etc/squidGuard/squidGuard.conf;url_rewrite_bypass off;url_rewrite_children 16 startup=8 idle=4 concurrency=0
            

            I am not knowledgeable enough with squid to know what this does, so if you spot anything shady, please let me know!  At least, there is some references to squidguard..

            I hope transparent proxy with squid works with 2.2.X otherwise whats the point of having the option to do so?  Plus it worked (somehow and not stable) in older versions of pfsense.

            Regarding the antivirus, pfsense runs on a dual core CPU at 3.2GHz with 12GB RAM… So far it doesnt seem to be hindering bandwidth but I'll try to disable it to see if its faster.

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.