SquidGuard ACL Order



  • Hi for all.
    Is about the SquidGuard. If i understand, in ACL in SquidGuard, the acls have action when in order. So, the problem is. The first acl have some sites like orkut and youtube. The third have just bloqued categories. In first ACL, default access is allow, but in that, the second and third list is ignored. But, if i change to deny in first ACL, no pages are browserable, just get browsing in pages inside registered. Attach is the print screen.





  • Each ACL contains self full ruleset. Each ACL defined only for his 'Sources'. Client processed first-mach ACL from list, or with Default ACL, if not found suitable ACL. Not one of the clients can not be processed by several ACL, only one suitable.
    ACL order need for define VIP-ACL for Source from common list
    fo example
    0 - source 10.0.0.200 - director
    1 - source 10.0.0.0/30 - IT department
    3 - source 10.0.0.0/24 - all my subnet
    DEFAULT…....................................



  • i think i made a bad expression. In the truth, i want change the Destination order to my custom list come before others destinations in the acl.



  • @freebee:

    i think i made a bad expression. In the truth, i want change the Destination order to my custom list come before others destinations in the acl.

    It's possible. Use 'white'(whitelist) for hi-level proirity for rule.
    Rules order ->-[deny]->-[allow]->-[last default=allo/deny]
    If you want exclude some sites from blacklist need define self Destination rule and select 'white' for him in ACL.



  • how i can do that trought squidguard gui in pfsense?



  • @freebee:

    how i can do that trought squidguard gui in pfsense?

    In ACL select 'white' for you destination rule.



  • i got it… thanks a lot.


Log in to reply