The pfSense Store

Author Topic: Proxy server - access control - blacklist problem  (Read 10238 times)

0 Members and 1 Guest are viewing this topic.

Offline josey

  • Full Member
  • ***
  • Posts: 199
  • Karma: +0/-0
    • View Profile
Re: Proxy server - access control - blacklist problem
« Reply #15 on: November 13, 2008, 06:02:27 am »
ok then,
please put print screen of your configuration, and put, uumm,,,

www.google.com to blacklist

thanks



Offline phantom_cod3r

  • Newbie
  • *
  • Posts: 1
  • Karma: +0/-0
    • View Profile
Re: Proxy server - access control - blacklist problem
« Reply #16 on: June 04, 2009, 12:04:56 pm »
Hello,

I'm having the same issue with Squid; where the black list is not working. I have set "www.google.com" into the black list, and ALL" web traffic gets blocked by Squid even browsing to the GUI itself of PFsense "Localhost" gets blocked, even though I have checked the bypass proxy for local addresses.

I also tested this on the latest platform on PFsense "pfSense 1.2.3-RC1" and the Squid is worst on this one, the tabs are no longer present, there are drop down menus; which are not working on Internet Explorer only on firefox, in addition to the black list not working.  ???

Attached you will find the info of my platform and tests performed. Any help would be appreciated. Thanks!


Offline chudy

  • Full Member
  • ***
  • Posts: 149
  • Karma: +0/-0
    • View Profile
    • lusca for pfsense
Re: Proxy server - access control - blacklist problem
« Reply #17 on: June 07, 2009, 07:19:46 am »
you can always use the Custom Options under General Settings of Proxy Server:
for sample sites: www.youporn.com www.pornhub.com
Code: [Select]
acl blocksite url_regex youporn pornhub; http_access deny blocksite this will only blocked if squid sees in URL youporn or pornhub now what if client will ping youporn.com and use the ip addess in exchange of domain name(youporn.com)...
then use dstdom_regex. But its slower than url_regex.
Code: [Select]
acl blocksite dstdom_regex youporn pornhub; http_access deny blocksite
now its up to you to decide. ;)

This problem is just in GUI but squid 2.6 will always work as it should be. For more info about acl and http_access deny visit the wiki page of www.squid-cache.org

In black list have you tried
Code: [Select]
google;youporn;pornhub it should be with ;
« Last Edit: June 07, 2009, 10:06:25 am by chudy »
currently using lusca-HEAD(patched) for CDN(youtube vidoes) caching, bandwidth throttling(throttle if file is bigger than 32KB) and aggressive caching.

lusca and SRG for pfsense and some patch
http://code.google.com/p/pfsense-cacheboy