pfSense Gold Subscription

Author Topic: SquiGuard allow just the facebook portal of the company?  (Read 172 times)

0 Members and 1 Guest are viewing this topic.

Offline periko

  • Hero Member
  • *****
  • Posts: 1162
  • Karma: +17/-1
  • pheriko
    • View Profile
    • Soporte de Pfsense y Linux
SquiGuard allow just the facebook portal of the company?
« on: November 30, 2017, 12:07:33 pm »
 Hi guys.

 Just wondering, if is possible to allow a user access a specific site inside facebook and block everything else?

 Allow to login but just manage the company site like:

https://www.facebook.com/CompanySite/

Can squid+SquiGuard can do this?

Thanks!!!
Necesitan Soporte de Pfsense en Mexico?/Need Pfsense Support in Mexico?
https://www.facebook.com/BajaOpenSolutions
Estamos en Tijuana, pero no es obstaculo para brindarte nuestro servicio.
We are in Tijuana, but is not an obstacle to give you support.

Offline KOM

  • Hero Member
  • *****
  • Posts: 5402
  • Karma: +671/-19
    • View Profile
Re: SquiGuard allow just the facebook portal of the company?
« Reply #1 on: November 30, 2017, 12:31:51 pm »
Yes.

Offline periko

  • Hero Member
  • *****
  • Posts: 1162
  • Karma: +17/-1
  • pheriko
    • View Profile
    • Soporte de Pfsense y Linux
Re: SquiGuard allow just the facebook portal of the company?
« Reply #2 on: November 30, 2017, 12:47:08 pm »
 Hi KOM.

 Can u please provide a details what I have to do?

 I will appreciated, thanks.
Necesitan Soporte de Pfsense en Mexico?/Need Pfsense Support in Mexico?
https://www.facebook.com/BajaOpenSolutions
Estamos en Tijuana, pero no es obstaculo para brindarte nuestro servicio.
We are in Tijuana, but is not an obstacle to give you support.

Offline KOM

  • Hero Member
  • *****
  • Posts: 5402
  • Karma: +671/-19
    • View Profile
Re: SquiGuard allow just the facebook portal of the company?
« Reply #3 on: November 30, 2017, 01:57:45 pm »
Services - Squidguard - Target Categories.  Create a category called Whitelist for example.  Add your URL to the URL list box.  Then edit either the Common ACL or Group ACL (depending if you want this to affect everyone or just specific users) Target Rules to allow the Whitelist category.

Offline periko

  • Hero Member
  • *****
  • Posts: 1162
  • Karma: +17/-1
  • pheriko
    • View Profile
    • Soporte de Pfsense y Linux
Re: SquiGuard allow just the facebook portal of the company?
« Reply #4 on: November 30, 2017, 03:09:26 pm »
I had add my Target with my URL:

www.facebook.com/MyCompany/

I had whitelist in my ACL Group.

But my ACL SocialNet is deny, them SG block my Target.

Code: [Select]
www.facebook.com:443 Request(RH/blk_BL_socialnet/-) equezada CONNECT REDIRECT
SG config:

Code: [Select]
pass FB whitelist !in-addr !blacklist !blk_BL_anonvpn !blk_BL_porn !blk_BL_socialnet blk_BL_searchengines all
Any tip to share?

Thanks.
Necesitan Soporte de Pfsense en Mexico?/Need Pfsense Support in Mexico?
https://www.facebook.com/BajaOpenSolutions
Estamos en Tijuana, pero no es obstaculo para brindarte nuestro servicio.
We are in Tijuana, but is not an obstacle to give you support.

Offline KOM

  • Hero Member
  • *****
  • Posts: 5402
  • Karma: +671/-19
    • View Profile
Re: SquiGuard allow just the facebook portal of the company?
« Reply #5 on: November 30, 2017, 03:47:07 pm »
I think you have to set your whitelist category to whitelist instead of allow under Target Rules to ignore other blocks.

Offline periko

  • Hero Member
  • *****
  • Posts: 1162
  • Karma: +17/-1
  • pheriko
    • View Profile
    • Soporte de Pfsense y Linux
Re: SquiGuard allow just the facebook portal of the company?
« Reply #6 on: November 30, 2017, 05:25:05 pm »
Not working, I had different combination, allow, whitelist, but SG is not accepting my url:

Code: [Select]
www.facebook.com/my-company/
Squid cache log say:

Code: [Select]
2017/11/30 15:12:50 kid1| ERROR: URL-rewrite produces invalid request: GET ERR HTTP/1.1
Looks like this is the reason SG jump to the block domains socialnet.

SG is not accepting my URL.

I will continue, if someone has something to add welcome, thanks KOM.
Necesitan Soporte de Pfsense en Mexico?/Need Pfsense Support in Mexico?
https://www.facebook.com/BajaOpenSolutions
Estamos en Tijuana, pero no es obstaculo para brindarte nuestro servicio.
We are in Tijuana, but is not an obstacle to give you support.

Offline KOM

  • Hero Member
  • *****
  • Posts: 5402
  • Karma: +671/-19
    • View Profile
Re: SquiGuard allow just the facebook portal of the company?
« Reply #7 on: December 01, 2017, 03:19:15 pm »
I don't know if it makes a difference, but the examples do not have the trailing slash.

Try www.facebook.com/my-company instead of www.facebook.com/my-company/.

Offline periko

  • Hero Member
  • *****
  • Posts: 1162
  • Karma: +17/-1
  • pheriko
    • View Profile
    • Soporte de Pfsense y Linux
Re: SquiGuard allow just the facebook portal of the company?
« Reply #8 on: December 01, 2017, 07:53:56 pm »
I had try both, looks like pfsense+squid+squidguard have something wrong with this part. ???
Necesitan Soporte de Pfsense en Mexico?/Need Pfsense Support in Mexico?
https://www.facebook.com/BajaOpenSolutions
Estamos en Tijuana, pero no es obstaculo para brindarte nuestro servicio.
We are in Tijuana, but is not an obstacle to give you support.