Re: [pfSense] HTTP/HTTPS filtering with Pfsense+Squid+Squidguard for cell phones

Past, comers Signed, Benjamin E. Nichols http://www.squidblacklist.org On Oct 19, 2017, at 2:21 PM, Adam Cage wrote: > OK Chris, thanks a lot.I'm using Squid + Squidguard now in transparent > mode. > > HTTPS filter with Squidguard now works OK, but HTTP doesn't. I

Re: [pfSense] HTTP/HTTPS filtering with Pfsense+Squid+Squidguard for cell phones

OK Chris, thanks a lot.I'm using Squid + Squidguard now in transparent mode. HTTPS filter with Squidguard now works OK, but HTTP doesn't. I followed a basic tutorial using port 3128 for HTTP and 3129 for HTTPS, but I can't find solve the problem. Can you suggest me something to review ?

Re: [pfSense] HTTP/HTTPS filtering with Pfsense+Squid+Squidguard for cell phones

> On Oct 19, 2017, at 8:36 AM, Adam Cage wrote: > > Dear Volker and others, > > If I just inspect on host name only, do I have to create a CA and > Certificate to install in the proxy server of pfSense anyway ??? > > Thnks a lot, > > ADAM You do have to create a CA and

Re: [pfSense] HTTP/HTTPS filtering with Pfsense+Squid+Squidguard for cell phones

Dear Volker and others, If I just inspect on host name only, do I have to create a CA and Certificate to install in the proxy server of pfSense anyway ??? Thnks a lot, ADAM 2017-10-12 17:24 GMT-03:00 Volker Kuhlmann : > On Fri 13 Oct 2017 08:15:20 NZDT +1300, Adam Cage

Re: [pfSense] HTTP/HTTPS filtering with Pfsense+Squid+Squidguard for cell phones

Daer Volker, thanks for your great explanation. So I will use the host name only at least for this moment, in order to start some tests. Because we doesn't want to install any certificate in the WiFi clients, we want a 100% transparent connection. Regards, ADAM 2017-10-12 17:24 GMT-03:00

Re: [pfSense] HTTP/HTTPS filtering with Pfsense+Squid+Squidguard for cell phones

On Fri 13 Oct 2017 08:15:20 NZDT +1300, Adam Cage wrote: > This is useful to filter facebook, twitter, gmail and other HTTPS sites, > just taking into account the URL ??? What can't I block for example ??? Look at squidguard rules - they're in 3 sections: hosts only, URLs, and general regexp.

Re: [pfSense] HTTP/HTTPS filtering with Pfsense+Squid+Squidguard for cell phones

Sorry but in case of using SSL Peek/Splice you say I cannot get a standard “site blocked” page, just a broken SSL negotiations for blocked sites. I think I can block URL's and not content into the SSL connections. This is useful to filter facebook, twitter, gmail and other HTTPS sites, just

Re: [pfSense] HTTP/HTTPS filtering with Pfsense+Squid+Squidguard for cell phones

Enable https with splice all on squid in transparent mode On Thu, 12 Oct 2017 at 23:38 Adam Cage wrote: > Thanks to all, you help me a lot... > > Chris, when you said "accept that you aren’t going to be able to do more > than the most basic filtering on HTTPS traffic

Re: [pfSense] HTTP/HTTPS filtering with Pfsense+Squid+Squidguard for cell phones

Thanks to all, you help me a lot... Chris, when you said "accept that you aren’t going to be able to do more than the most basic filtering on HTTPS traffic - that is to say, by IP address or FQDN"...What do you mean exactly ? The IP or FQDN https filtering will be made by Squid or Squidguard in

Re: [pfSense] HTTP/HTTPS filtering with Pfsense+Squid+Squidguard for cell phones

> On Oct 11, 2017, at 1:05 PM, Adam Cage wrote: > > Dear Chris, I need the Squid proxy to filter traffic working with > Squidguard. The guest cell phones will be authenticated to my WiFi, and > after that they can go to HTTP/HTTPS web sites with zero configuration >

Re: [pfSense] HTTP/HTTPS filtering with Pfsense+Squid+Squidguard for cell phones

Of Adam Cage Sent: Wednesday, October 11, 2017 3:06 PM To: pfSense Support and Discussion Mailing List <list@lists.pfsense.org> Subject: Re: [pfSense] HTTP/HTTPS filtering with Pfsense+Squid+Squidguard for cell phones ... Squid also let me have web traffic statistics with it

Re: [pfSense] HTTP/HTTPS filtering with Pfsense+Squid+Squidguard for cell phones

Hi, Op 11-10-2017 om 23:15 schreef Chris Bagnall: On 11 Oct 2017, at 21:05, Adam Cage wrote: Dear Chris, I need the Squid proxy to filter traffic working with Squidguard. The guest cell phones will be authenticated to my WiFi, and after that they can go to HTTP/HTTPS web

Re: [pfSense] HTTP/HTTPS filtering with Pfsense+Squid+Squidguard for cell phones

On 11 Oct 2017, at 21:05, Adam Cage wrote: > Dear Chris, I need the Squid proxy to filter traffic working with > Squidguard. The guest cell phones will be authenticated to my WiFi, and > after that they can go to HTTP/HTTPS web sites with zero configuration > because I can't

Re: [pfSense] HTTP/HTTPS filtering with Pfsense+Squid+Squidguard for cell phones

Dear Chris, I need the Squid proxy to filter traffic working with Squidguard. The guest cell phones will be authenticated to my WiFi, and after that they can go to HTTP/HTTPS web sites with zero configuration because I can't tell my guests to setup a CA certificate, a proxy IP and port in their

Re: [pfSense] HTTP/HTTPS filtering with Pfsense+Squid+Squidguard for cell phones

> On Oct 11, 2017, at 12:54 PM, Adam Cage wrote: > > Dear people, I have pfSense 2.3 with Squid and Squidguard installed. > > I need a transparent proxy in order to let every cell phone that uses the > WiFi service, go to the web without any extra configuration...just go

[pfSense] HTTP/HTTPS filtering with Pfsense+Squid+Squidguard for cell phones

Dear people, I have pfSense 2.3 with Squid and Squidguard installed. I need a transparent proxy in order to let every cell phone that uses the WiFi service, go to the web without any extra configuration...just go to the web in a 100% transparent way. I've read that this is impossible because for