pfSense advanced configuration with SquidGuard and Lightsquid

Here I explain how to integrate SquidGuard and Lightsquid into a pfSense Squid server. Earlier we published an article about how to set up a proxy with the pfSense firewall distribution. As we know, SquidGuard is a URL redirector that lets Squid use blacklists. Squid can perform better with SquidGuard. LightSquid is one of the reporting packages available for pfSense; it is a replacement for MYSAR and SARG.

Install SquidGuard and Lightsquid

Open the pfSense web manager (type its IP address in the browser's address bar)
Go to System > Packages
Find the packages “squidGuard” and “Lightsquid” and install them

Configure SquidGuard

Enable SquidGuard

Go to Services > Proxy Filter

In the General settings tab, select the “Enable” check box. This enables SquidGuard.

Enable blacklists

The next option enables blacklists for SquidGuard. SquidGuard has some default blacklists, which are applied automatically.
Select the check box to enable blacklists.

Add advanced blacklists to SquidGuard

Many advanced blacklist databases, such as MESD and Shalla’s, are available for download. To integrate one, enter its download link in the “Blacklist URL” field and click on upload URL. The application downloads the blacklist database automatically and makes it ready for use in an ACL (access control list).
Find an appropriate blacklist and use it. Here I am using Shalla’s Blacklist.
Shalla’s Blacklist URL: http://www.shallalist.de/Downloads/shallalist.tar.gz

Click the Save button in the “General settings” tab

Default ACL

Now go to the second tab (Default). This is the default access control list: every request from a source IP that is not covered by a SquidGuard ACL is handled by this policy. If you are planning a simple proxy server with a single group, you can set your rules in the default ACL itself.
In many cases, though, we configure separate ACLs for different departments and designations. If so, permit only some intranet_sites or some limited_sites here.
Click on “Destination ruleset”

Go to each group and select Allow / Deny depending on your policy
Select “Enable log” and click “SAVE”

Destination List

Go to the Destinations tab and create the sets of domain groups that you want to filter

I have destination lists such as Chat_Sites, blocked_sites (blacklist), Permitted_sites (whitelist) and local_domains (intranet).

Access control list

Go to the ACL tab and create a policy. In this window, give your policy a name.
E.g. Managers/Developers
Set “Source IP addresses and domains”, typically an IP list or a subnet
Now select the destination rules (Allow / Deny)
Select “Enable log” and click “SAVE”

After all changes, go to the first tab (General settings) and click the Apply button to apply the saved changes to SquidGuard.
There are many advanced features, such as Rewrite, safe search, time-based ACLs and separate error pages for each policy. All of these are easy to set up in just one or two clicks, and examples are given in each area of the web admin.
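
The interplay between named ACLs and the Default ACL described above can be dry-run before clicking Apply. The following is an added example, not code from pfSense or SquidGuard: a simplified model in which the first ACL whose source contains the client IP is used, the first matching destination rule decides, and everything else falls through to Default. The subnets, domains and rule order are constructed; only the list and policy names are taken from this article.

```python
"""Simplified model of SquidGuard policy selection (added example)."""
import ipaddress

# Constructed destination lists, named like the ones in this article.
DESTINATIONS = {
    "Chat_Sites": {"chat.example.com"},
    "blocked_sites": {"ads.example.net"},
    "Permitted_sites": {"docs.example.org"},
    "local_domains": {"intranet.example.lan"},
}

# Constructed ACLs: (name, source networks, ordered destination rules).
# A rule is (destination, "allow" | "deny"); "all" is the catch-all entry.
ACLS = [
    ("Managers", ["192.168.10.0/24"],
     [("blocked_sites", "deny"), ("all", "allow")]),
    ("Developers", ["192.168.20.0/24"],
     [("Chat_Sites", "deny"), ("blocked_sites", "deny"), ("all", "allow")]),
]
# Default ACL: only intranet and whitelisted sites, everything else denied.
DEFAULT_RULES = [("local_domains", "allow"), ("Permitted_sites", "allow"),
                 ("all", "deny")]

def in_list(host, domains):
    """A domain entry matches the host itself and any subdomain of it."""
    host = host.lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in domains)

def select_acl(client_ip):
    """Return (name, rules) of the first ACL whose source contains the IP."""
    addr = ipaddress.ip_address(client_ip)
    for name, networks, rules in ACLS:
        if any(addr in ipaddress.ip_network(n) for n in networks):
            return name, rules
    return "Default", DEFAULT_RULES

def decide(client_ip, host):
    """Return (acl name, matched destination, action) for one request."""
    name, rules = select_acl(client_ip)
    for dest, action in rules:
        if dest == "all" or in_list(host, DESTINATIONS[dest]):
            return name, dest, action
    return name, "all", "deny"  # fail closed if a ruleset has no catch-all

if __name__ == "__main__":
    for ip, host in [("192.168.20.7", "web.chat.example.com"), ("10.0.0.9", "www.example.com")]:
        print(ip, host, decide(ip, host))
```

A client outside every listed subnet lands in Default, so a restrictive Default ACL is what keeps unlisted machines from browsing freely.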

Proxy Report Module

LightSquid

Go to Status > Proxy Report
Select the language
Then select the report scheme (I am using NovoSea)
Set “Refresh sheduler” to 10 min, so that the report is updated within 10 minutes. It will reduce the load too.
Now SAVE the settings
Make sure that logging is enabled in the Squid service and that the directory is “/var/squid/log”
Go to Services > Proxy Server and find “Enabled logging” and “Log store directory”
Select the “Lightsquid Report” tab under Status > Proxy Report to see the access log on the web
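
Lightsquid builds its report from Squid's access.log, so an empty report usually means there is nothing parsable in the log directory yet. The following added example (not part of Lightsquid or pfSense) checks that log lines are in Squid's native format and totals requests and bytes per client; the sample lines, addresses and domains are constructed.

```python
"""Pre-check of a Squid access.log before expecting a Lightsquid report (added example)."""
from collections import defaultdict

# Constructed sample in Squid's native access.log format:
# time elapsed client action/code bytes method URL ident hierarchy type
SAMPLE_LOG = """\
1700000000.101    150 192.168.10.5 TCP_MISS/200 5120 GET http://docs.example.org/ - HIER_DIRECT/203.0.113.10 text/html
1700000003.412     12 192.168.10.5 TCP_HIT/200 2048 GET http://docs.example.org/logo.png - HIER_NONE/- image/png
1700000009.870     80 192.168.20.7 TCP_TUNNEL/200 900 CONNECT chat.example.com:443 - HIER_DIRECT/203.0.113.20 -
this line is truncated garbage

1700000012.000      1 192.168.20.7 TCP_DENIED/403 3500 GET http://ads.example.net/ - HIER_NONE/- text/html
"""

def parse_line(line):
    """Return a dict for one native-format line, or None if it does not parse."""
    fields = line.split()
    if len(fields) < 10 or "/" not in fields[3]:
        return None
    action, _, status = fields[3].partition("/")
    try:
        return {"time": float(fields[0]), "client": fields[2], "action": action,
                "status": int(status), "bytes": int(fields[4]), "url": fields[6]}
    except ValueError:
        return None

def summarize(lines):
    """Per-client request, byte and denied counts, plus unparsable line count."""
    clients = defaultdict(lambda: {"requests": 0, "bytes": 0, "denied": 0})
    skipped = 0
    for line in lines:
        if not line.strip():
            continue  # blank lines are ignored, not counted as errors
        entry = parse_line(line)
        if entry is None:
            skipped += 1
            continue
        stats = clients[entry["client"]]
        stats["requests"] += 1
        stats["bytes"] += entry["bytes"]
        stats["denied"] += entry["action"] == "TCP_DENIED"  # denied by Squid itself
    return dict(clients), skipped

if __name__ == "__main__":
    per_client, skipped = summarize(SAMPLE_LOG.splitlines())
    for client, stats in sorted(per_client.items()):
        print(client, stats)
    print("unparsable lines:", skipped)
```

To run it against the real log, pass the lines of the access.log file from the “Log store directory” to `summarize()` instead of the sample.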

About Albin Sebastian

I am a Technology Blogger, System Administrator by profession and webmaster by passion. Technology blogger, Active in Online and offline tech communities.

Comments

  1. Hello again
    Followed the above  instructions (squid has changed some of the name tabs).
    from Proxy server: General settings –> Proxy interface must set to LAN, right?
    I started the Squid service, enable logging, clicked on refresh now button, went to Lightsquid report, and I have this error 
    LigthSquid diagnostic.
    Error :
    report folder ‘/var/lightsquid/report’ not contain any valid data! Please run lightparser.pl (and check ‘report’ folder content)
    Please check config file !

    Variable        value
    $tplpatph       /usr/local/www/lightsquid/tpl
    $templatename   base
    $langpatph      /usr/local/share/lightsquid/lang
    $langname       eng
    $reportpath     /var/lightsquid/report
    Access to ‘/var/lightsquid/report’ folder   yes

    folder content: 

    Also if I enable squid pfsense cuts everything !!! no internet, I am looking if I set something wrong
    Thanks for any help

  2. Did you put some value on “Refresh sheduler” field? You need to choose one of the available options in this field (10 min, 20 min, etc). You can’t put “none”.
    Check this.
    Tks