Installation and configuration of SquidGuard
Go back to the package manager and install SquidGuard. Successful installation will add the SquidGuard Proxy Filter menu item under Services. Figure 6 details the required configuration items.
For SquidGuard to filter out the unnecessary websites, a blacklist will have to be configured and updated periodically. This is possible from Services – SquidGuard Proxy Filter – Blacklist options. One of the most widely used blacklist URL is http://www.shallalist.de/Downloads/shallalist.tar.gz. Please read the terms and conditions of using the Shallalist website beforehand.
Before continuing further, please go through the steps detailed at the end of this article to overcome the known issues associated with Squid and SquidGuard.
Continue to update the blacklist from the Services – SquidGuard Proxy Filter – Blacklist menu by clicking on the Download button. Once this download is completed, as a primary configuration, go to the Services – SquidGuard Proxy Filter – Common ACL menu, select the Expand Target Rules Lists by clicking the ‘+’ button, deny access for unwanted target categories such as gambling, porn, etc. Then click on Save. See Figure 7 for this configuration example.
Once configured, implement this configuration by clicking the ‘Apply’ button from the Services – SquidGuard Proxy Filter – General menu.
Verify that the filtering is working properly by opening one of the blocked sites in the Web browser. The browser should give a Request denied error along with the reason and client IP address. This unauthorised access attempt is also logged and can be viewed from SquidGuard Proxy Filter – Logs. issue of SquidGuard not able to auto restart after system reboot are available at: https://forum.pfsense.org/index. php?topic=94312.0
For the ready reference of users, the steps from this discussion are detailed below. 1. Login to your pfSense computer using
SSH and monitor cache log: 2. In the proxy filter SquidGuard/target categories, define a dummy custom target category. Name: Dummy. Description: Dummy custom target category (Fix: Squid and SquidGuard are not set to auto start after reboot). The remaining parameters are blank. 3. In the proxy filter SquidGuard/Common Access Control List, in Target Rules, find your dummy target category and set access to Deny to create the missing blacklist directory. 4. Go to General Settings and select Apply to activate the
configuration update. 5. Your monitoring tail of cache.log will immediately start to scroll, indicating successful implementation of the workaround. It is advisable to do a configuration backup (diagnostics/ backup/restore). 7. Do a system restart and validate that Squid and
SquidGuard services now successfully auto-start. 6.