Squidguard updating Carolyn Murray
Here i am explaining how to integrate SquidGuard and Lightsquid in a pfsense Squid Server. Earlier we have published an article about the how to setup a proxy with pfSense Firewall distribution. as we know SquidGuard is a URL redirector used to use blacklists with the Squid. Squid can perform better with SquidGuard. LightSquid is one of reporting package available for pfsense. lightsquid is a replacement for MYSAR and SARG.
Install SquidGuard and Lightsquid
Open pfSense webmanager ( type your ipaddress in the addressbar )
Got o System > Packages
Find packages “squidGuard” and “Lightsquid” install them
Enable Squid Guard
Go to Services > Proxy Filter
Select check box “Enable” In General settings tab. this will enable SquidGuard
Next option is to enable blacklist for squidGuard. SquidGUard have some default blacklists. It will be applied automatically
Select Check box to enable blacklists
Add advanced blacklists to SquidGuard
There are many Advanced blacklist data bases like MESD, Shalla’s are available for download. for integrating such blacklists you can give the download-link in this field (Blacklist URL) And click on upload URL. Application will automatically download blacklist database and will be ready to use in ACL ( Access control list )
Find the appropriate black list and use. Here i am using Shalla’s Blacklist
Shalla’s Blacklist URL : http://www.shallalist.de/Downloads/shallalist.tar.gz
Click on save button from “General settings” tab
Now go to second tab (Default). This is the default access control list. all the requests from source IPs which is not added in Squid Guard ACL will work with this policy. If you are planing for a simple proxy server with a single group you can set your ACL in default itself.
But in many cases we will configure separate ACL depends up on defferent departments and designation. If so only permit Some intranet_sites or some limitted_sites.
Click on “Destination ruleset “
Go to each group and select the Allow / Deny depends your policy
Select “Enable log” and “SAVE”
Go to Destinations tab and create some set of domain groups which you want to filter
I have some Destination list like Chat_Sites , blocked_sites (Blacklist ), Permitted_sites (whitelist ) ,local_domains ( Intranet ).
Access control list
Go to ACL tab and create policy. In this window give a name for your policy.
Set “Source IP adresses and domains” probably Ip list or subnet
Now select Destination rules ( Allow / Deny )
Select “Enable log” and “SAVE”
After all changes, Go to first tab (General settings) and click the apply button to apply saved changes to SquidGuard.
There are many advanced features like Rewrite, safe search, Time based ACL, Separate Error Pages for each policy. These all features are easy to implement in just one or two click. Examples also described in each area of web admin.
Proxy Report Module
Go to Status > Proxy Report
Select the Language
Then select Report scheme (I am using NovoSea)
Set Refresh sheduler : Set it as 10 min, So that it will be updated within 10 min. It will reduce the load too.
Now SAVE settings
Make sure that your loging is enabled in Squid service and the directory is “/var/squid/log”
Go to Services > Proxy Server and find “Enabled logging” and “Log store directory”
Select “Lightsquid Report” tab from Status > Proxy Report to see the access log on web