On Thu, Jul 17, 2014 at 12:13 PM, Dean Landry <[email protected]> wrote:
> Thanks Moshe, > > I've run squidGuard via ssh as suggested and get the correct URL. So it's > something other than SquidGuard. I noticed that any new URLs I try seem to > be correctly redirected. Could it be that Squid itself is caching the > response from when my configuration was previously broken? > > Thanks, > Dean > > > On Thu, Jul 17, 2014 at 12:00 PM, Moshe Katz <[email protected]> wrote: > >> The first thing you can check is whether the error is being introduced in >> SquidGuard itself or later in the stack. >> >> Run "/usr/pbi/squidguard-squid3-amd64/bin/squidGuard -c >> /usr/pbi/squidguard-squid3-amd64/etc/squidGuard/squidGuard.conf" in a shell >> (console or SSH) and pass those URLs to it to see the raw output that >> SquidGuard is sending back. If they are correct there, then you can narrow >> down the problem to Squid or something else in pfSense. If you get the >> wrong URLs in the she'll output, them it's something with your SquidGuard >> configuration. >> >> I don't see anything offhand with either configuration that looks wrong, >> so this will tell you where to focus. >> >> Moshe >> >> (On a mobile device - sorry for top-posting.) >> On Jul 17, 2014 8:54 AM, "Dean Landry" <[email protected]> wrote: >> >>> Hello, >>> >>> We have configured pfSense with Squid3 and SquidGuard in order to do >>> content filtering. We have blocked several categories and also have a set >>> of manually blocked URLs. If I attempt to go to a manually blocked URL, I >>> am correctly redirected to the sgerror page: >>> >>> >>> https://10.10.10.1/sgerror.php?url=403%20&a=10.0.0.100&n=&i=&s=default&t=Manual_Blacklist&u=http://eztv.it/ >>> >>> However when I go to a page blocked by a category, it doesn't give the >>> correct redirect link (resulting in a 404 error): >>> >>> >>> https://10.10.10.1/sgerror.php&a=10.0.0.100&n=&i=&s=default&t=blk_blacklists_adult&u=http://sex.com/ >>> >>> It is stripping the "?url=403%20" which breaks the link. >>> >>> Looking at the filter config, it seems odd that the redirect URLs are >>> "http" on port 443. The resulting page is https without the port indicated. >>> >>> Here is my Filter config: >>> >> [SNIP] > And here is my Proxy Config: >>> >> [SNIP] > cache_dir ufs /var/squid/cache 1024 16 256 >>> >>> I've tried uninstalling and reinstalling the squidGuard package, but I >>> don't think that reset any options to fix anything. Can someone recommend >>> where to start troubleshooting this? >>> >>> Thanks, >>> Dean >>> >> Dean, Given that Squid is first and foremost a caching system, I would guess that it does cache the SquidGuard results. I don't know for sure though, but there's an easy way to check - look at the "/var/squidGuard/log/block.log" file and see how many times the requests show up. If they don't show up as many times as you did them, or if you do new requests and you get redirected but they don't show up in the log, then Squid is obviously caching the results. Moshe -- Moshe Katz -- [email protected] -- +1(301)867-3732
_______________________________________________ List mailing list [email protected] https://lists.pfsense.org/mailman/listinfo/list
