Netgate SG-1000 microFirewall

Author Topic: Complete noob question regarding Squid Proxy  (Read 862 times)

0 Members and 1 Guest are viewing this topic.

Offline jochen00

  • Newbie
  • *
  • Posts: 2
  • Karma: +0/-0
    • View Profile
Complete noob question regarding Squid Proxy
« on: July 20, 2016, 01:07:03 am »
Hi people,

I'm a complete noob when it comes down to pfsense, I only have basic network and IT understanding.
Yet I had to put a pfsense server behind our companies social network and install captive portal and freeradius so I could monitor the bandwidth usage cause we are limited in the scenario we work in.

Anyhow everything works as it should (atleast as far as I know), people can't access the internet without logging in with a login that I gave them.
Using Squid Proxy reports I can check which IP used X amount of bandwidth.

Yet I did some tests myself downloading torrents for about 3 GB, and none of that showed up on the Squid Proxy report.
Everything is behind the Pfsense, how is this possible?
I thought I was able to see everyones internet usage but apperently not everything shows up, anyway I can solve this?


Thanks in advance

Offline demco

  • Jr. Member
  • **
  • Posts: 41
  • Karma: +5/-0
    • View Profile
Re: Complete noob question regarding Squid Proxy
« Reply #1 on: July 20, 2016, 01:41:46 am »
Squid proxy only track http & https traffic, even https traffic are also limited.

You mentioned radius server has been setup, did you enable radius accounting?

Radius accounting should give you total amount of traffic used per session for each user. But it won't provide a break down of how much was for youtube, torrent etc. For this you will need application awareness, not sure pfSense has any existing package that can provide this.

Offline jochen00

  • Newbie
  • *
  • Posts: 2
  • Karma: +0/-0
    • View Profile
Re: Complete noob question regarding Squid Proxy
« Reply #2 on: July 20, 2016, 12:01:07 pm »
Yes, Accounting has been set up.
I assume the use of accounting is that everyone gets their own personal login?

The thing is where can I check the total bandwidth usage per 'account' then.
Opening squid proxy it gives me a 'total bandwidth usage' of an IP address, which I can look up and link to a user then, but as you said, not all bandwidth is checked there.

Thanks

Offline demco

  • Jr. Member
  • **
  • Posts: 41
  • Karma: +5/-0
    • View Profile
Re: Complete noob question regarding Squid P
« Reply #3 on: July 20, 2016, 06:02:09 pm »
For total bandwidth usage per account / user, put aside squid - it cannot provide this information.

Look for this in your freeradius setup, in the accounting section.

Haven't work with pfsense's freeradius package before, normally build freeradius from source on dedicated server. So unable to point you to specific page on the webUI for this information, maybe you can start a post for specific help on freeradius?

One thing to remember, make sure your captive portal is properly configured to send accounting data to freeradius. Freeradius will have nothing to work with if your CP is not providing useful data.

Offline 1001

  • Newbie
  • *
  • Posts: 9
  • Karma: +1/-0
    • View Profile
Re: Complete noob question regarding Squid Proxy
« Reply #4 on: July 22, 2016, 06:18:18 pm »
You can't account for torrent files, but you could throttle them to prevent people racking up bandwidth on these time wasting files.