You can check http://www.netfilter.com.br for a web filter for pfsense
> Yea, I had the same problem. > It _was_ supposably fixed once.. > > This is an older letter from Michael Capp (was he the one taking care > of the squid package?) > --> > This issue has been resolved in what will be the next release. There > were actually two bugs causing this. The first is that pf_networks > was sometimes defined twice due to duplicate lines of code. The > second is that in attempting to duplicate this, squid did not seem to > like multiple acl's defined on an http_access allow line; therefore, > in the new code I split this out on a per line basis and also add > "http_access deny !pf_networks" to better handle the properly allowed > network. In the testing I've been able to do, this seemed to resolve > it. So now, your squid.conf will read similar to this if you have > networks defined: > > #GUI admin to allow local connections > http_access allow pf_ips > http_access allow pf_admin_port > http_access deny !pf_networks > > On 4/26/06, Gary Buckmaster <[EMAIL PROTECTED]> wrote: >> Is this the bug where it accidentally defines an ACL called "all" as the >> same network/netmask as the LAN? If so, I swear I thought that was >> fixed. >> >> Charles Sprickman wrote: >> > On Mon, 24 Apr 2006, Gary Buckmaster wrote: >> > >> >> Charles, >> >> >> >> The Squid package was started by someone who stubbed in a lot of >> >> functionality and then promptly fell off the face of the earth. As a >> >> result, a lot of what's in the user interface including the tie-in to >> >> squidGuard isn't there. That's not to say that you couldn't install >> >> squidGuard on your pfSense box and manually configure it, but the >> >> WebGUI is incomplete at this time. >> > >> > It looks like it might be a good idea to mark this one broken. I'm >> > not much of a squid expert, but it looks like if you use it in it's >> > default config with the acl rules that the php page builds it blocks >> > all access... >> > >> > I'll have to revisit it after I digest squid.conf some more. >> > Hopefully I can come up with a working config and inject that into the >> > existing package. >> > >> > Charles >> > >> >> -Gary >> >> >> >> Charles Sprickman wrote: >> >>> Hi all, >> >>> >> >>> I'm running RELENG_1_SNAPSHOT_04-12-2006 and am very happy with it. >> >>> Traffic shaping (one of my main concerns since I do lots of VoIP) is >> >>> working great for me. >> >>> >> >>> I installed the squid package (2.5.12.1) just to play with it and >> >>> perhaps do some network-wide URL blocking for ads. When I go to >> >>> "Services->Squid" there's a checkbox that is labelled "URL Filtering >> >>> Enabled". There's also an explanation next to it: >> >>> >> >>> "This enables the advanced functionality in conjunction with >> >>> squidGuard to provide an array of URL filtering options. This >> >>> squidGuard functionality can be additionally configured from >> >>> Services -> Advanced Proxy Filtering" >> >>> >> >>> I don't see any "Advanced Proxy Filtering" link under the services >> >>> menu. Am I missing something, or is this feature just not here yet? >> >>> >> >>> That also brings up a very general question... There's a few things >> >>> that I'd like to twiddle besides the squid config, including an >> >>> "illegal" dhcp setup where I hand my laptop the same IP via wired or >> >>> wireless. What are the plans, if any, to allow a user to override >> >>> the pfsense-generated configs? >> >>> >> >>> Thanks, >> >>> >> >>> Charles >> >>> >> >>> ___ >> >>> Charles Sprickman >> >>> NetEng/SysAdmin >> >>> Bway.net - New York's Best Internet - www.bway.net >> >>> [EMAIL PROTECTED] - 212.655.9344 >> >>> >> >> >> --------------------------------------------------------------------- >> To unsubscribe, e-mail: [EMAIL PROTECTED] >> For additional commands, e-mail: [EMAIL PROTECTED] >> >> > > > -- > Szasz-Revai Endre > Str. Marasesti No. 7 > 551058 Medias, Jud. Sibiu > Tel: +(40) 745 308638 > Email: [EMAIL PROTECTED] > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
