Menu
Here i am explaining how to integrate SquidGuard and Lightsquid in a pfsense Squid Server. Earlier we have published an article about the how to. As we know SquidGuard is a URL redirector used to use blacklists with the Squid.
Squid can perform better with SquidGuard. LightSquid is one of reporting package available for pfsense. Lightsquid is a replacement for MYSAR and SARG. Install SquidGuard and LightsquidOpen pfSense webmanager ( type your ipaddress in the addressbar )Got o System PackagesFind packages “squidGuard” and “Lightsquid” install themConfigure SquidGuard Enable Squid GuardGo to Services Proxy FilterSelect check box “Enable” In General settings tab. This will enable SquidGuardEnable blacklistsNext option is to enable blacklist for squidGuard. SquidGUard have some default blacklists.
Jump to Configuring SquidGuard Filtering - Now thats is the proxy server configured, next we are going to configure SquidGuard, click on the Services menu. I used TcpView on Windows to see what ports are opend when i start a.
It will be applied automaticallySelect Check box to enable blacklists Add advanced blacklists to SquidGuardThere are many Advanced blacklist data bases like MESD, Shalla’s are available for download. For integrating such blacklists you can give the download-link in this field (Blacklist URL) And click on upload URL. Application will automatically download blacklist database and will be ready to use in ACL ( Access control list )Find the appropriate black list and use. Here i am using Shalla’s BlacklistShalla’s Blacklist URL:Click on save button from “General settings” tab Default ACLNow go to second tab (Default). This is the default access control list. All the requests from source IPs which is not added in Squid Guard ACL will work with this policy.
If you are planing for a simple proxy server with a single group you can set your ACL in default itself.But in many cases we will configure separate ACL depends up on defferent departments and designation. If so only permit Some intranetsites or some limittedsites.Click on “Destination ruleset “Go to each group and select the Allow / Deny depends your policySelect “Enable log” and “SAVE” Destination ListGo to Destinations tab and create some set of domain groups which you want to filterI have some Destination list like ChatSites, blockedsites (Blacklist ), Permittedsites (whitelist ),localdomains ( Intranet ). Access control listGo to ACL tab and create policy. In this window give a name for your policy.Eg: Managers/DevolepersSet “Source IP adresses and domains” probably Ip list or subnetNow select Destination rules ( Allow / Deny )Select “Enable log” and “SAVE”After all changes, Go to first tab (General settings) and click the apply button to apply saved changes to SquidGuard.There are many advanced features like Rewrite, safe search, Time based ACL, Separate Error Pages for each policy. These all features are easy to implement in just one or two click. Examples also described in each area of web admin.
![Sserver Sserver](/uploads/1/2/5/6/125662039/280024614.png)
Proxy Report Module LightSquidGo to Status Proxy ReportSelect the LanguageThen select Report scheme (I am using NovoSea)Set Refresh sheduler: Set it as 10 min, So that it will be updated within 10 min. It will reduce the load too.Now SAVE settingsMake sure that your loging is enabled in Squid service and the directory is “/var/squid/log”Go to Services Proxy Server and find “Enabled logging” and “Log store directory”Select “Lightsquid Report” tab from Status Proxy Report to see the access log on web2010-12-21. Hello againFollowed the above instructions (squid has changed some of the name tabs).from Proxy server: General settings – Proxy interface must set to LAN, right?I started the Squid service, enable logging, clicked on refresh now button, went to Lightsquid report, and I have this errorLigthSquid diagnostic.Error: report folder ‘/var/lightsquid/report’ not contain any valid data! Please run lightparser.pl (and check ‘report’ folder content)Please check config file!Variablevalue$tplpatph/usr/local/www/lightsquid/tpl$templatenamebase$langpatph/usr/local/share/lightsquid/lang$langnameeng$reportpath/var/lightsquid/reportAccess to ‘/var/lightsquid/report’ folderyesfolder content:Also if I enable squid pfsense cuts everything!!!
![How How](http://www.pihomeserver.fr/wp-content/uploads/2015/08/raspberry-pi-squid-squidguard-filtering.png)
No internet, I am lookng if I set something wrongThanks for any help.