pfSense bugtracker: Issueshttps://redmine.pfsense.org/https://redmine.pfsense.org/favicon.ico?16780521162023-01-12T09:46:50ZpfSense bugtracker
Redmine pfSense Packages - Feature #13863 (New): squidguard auto update blacklisthttps://redmine.pfsense.org/issues/138632023-01-12T09:46:50ZMustafa Avcı
<p>Instead of creating a custom cron job none, auto update with a dropdown for daily, weekly, biweekly or monthly updates would be nice</p> pfSense Packages - Bug #13421 (New): Stunnel certificate does not refreshhttps://redmine.pfsense.org/issues/134212022-08-16T21:11:42ZA Schnee
<p>I use stunnel with ACME certificates which expires every 90 days. When the certificate is 6í days old ACME auto refreshes the certificate. Unfortunately stunnel does not pick up this change. When opening the stunnel config page the certificate are shown but they are not refreshing even on restart of the stunnel service.</p>
<p>The only way i found to refresh is to connect via ssh, go to /usr/local/etc/stunnel and delete the corresponding pem files. After that on the gui open open one of the stunnel configs and save. THis will copy the new cert files from /conf/acme directory to the stunnel directory.</p>
<p>I have to repeat the above steps every time the cert expires. I would expect stunnel to use the certificate from it's original location (/conf/acme), thus it would update the new certificate on service restart.</p>
<p>Stunnel version: 5.50_11<br />PFSense version: 2.6.0-RELEASE (amd64)</p> pfSense Packages - Bug #13412 (New): SquidGuard, Rewrite rules, only one sub-rule will work if mo...https://redmine.pfsense.org/issues/134122022-08-13T01:21:21ZUserPfbUg User
<p>So, SquidGuard - Rewrites<br />If we create a new rewrite rule, add 1 rewrite condition and save it, Apply, it works fine, we can also check SquidGuard - Log - Filter config, we can see the rewrite rule we have created.</p>
<p>However, if we add more conditions in the same rewrite rule, and if we go to SquidGuard - Log - Filter config and check again, there will always be only 1 condition under the rule which we have defined.</p>
<p>So,</p>
<p>Instead of</p>
<p>rew app_p {<br /><a class="email" href="mailto:s@11.22.33.44">s@11.22.33.44</a>@example1.com@ir<br /><a class="email" href="mailto:s@11.22.33.55">s@11.22.33.55</a>@example2.com@ir<br />log block.log<br />}</p>
<p>We only get</p>
<p>rew app_p {<br /><a class="email" href="mailto:s@11.22.33.55">s@11.22.33.55</a>@example2.com@ir<br />log block.log<br />}</p>
<p>OR</p>
<p>rew app_p {<br /><a class="email" href="mailto:s@11.22.33.44">s@11.22.33.44</a>@example1.com@ir<br />log block.log<br />}</p>
<p>No matter hoe many conditions we add to the rule, there will only be one condition show here, which eventually effects how the condition works, because all other conditions defined in the rule are ignored, only the shown one will work.</p>
<p>Will someone be able to fix this bug?</p> pfSense Packages - Bug #13141 (New): wrong page squidguard block https://redmine.pfsense.org/issues/131412022-05-09T17:33:52ZRobson Ferreira
<p>when i using squid+squidguard, a few versions before I could use redirect mode external url move.<br />So there i was putting page to redirect and its works.<br />But now when i put page, if i check on squidguard file there are redirect 302, but before wasnt .<br />look the picture</p> pfSense Packages - Feature #12491 (New): squidguard: allow multiple regexhttps://redmine.pfsense.org/issues/124912021-10-28T15:30:01ZJesse Norelljesse@kci.net
<p>When adding a Target category, please allow multiple lines in the 'Regular Expression' list. The upstream squidguard supports that ("The expressionlist file format is lines with regular expressions as described in regex(5)"), but the pfsense squidGuard package strips the newlines out.</p> pfSense Packages - Feature #11784 (New): squidguard auto update blacklist optionhttps://redmine.pfsense.org/issues/117842021-04-06T01:53:14Zageekhere ageekhere
<p>Would be nice to have an auto update blacklist option with a drop down menu for none, daily, weekly, fortnightly or monthly updates instead of creating a custom cron job.</p> pfSense Packages - Bug #10994 (New): SquidGuard Blacklists Restore Default button does not workhttps://redmine.pfsense.org/issues/109942020-10-20T11:09:49ZConstantine Kormashev
<p>If SquidGuard/Blacklists Blacklist Update field is empty then clicking Restore Default restores nothing and generates an error message:<br /><pre>
Restore default blacklist DB.
Restore error: File /var/db/squidGuard.sample or /usr/local/etc/squidGuard/blacklist.files not found.
</pre><br />It does not matter enabled SquidGuard/Squid or not.<br />Tried on 2.4.5-p1 ARM and Intel</p> pfSense Packages - Feature #10865 (New): squidGuard lacks options to send traffic action logs to ...https://redmine.pfsense.org/issues/108652020-09-04T21:55:01ZKris Phillips
<p>squidGuard has options to send logs to squid's logs, but these don't seem to arrive at a syslog server and are only logged locally.</p>
<p>squidGuard has an option for "enable syslog" that can be added to the SquidGuard.conf file, but it's value is overwritten when any changes are made to the squidGuard config from the GUI.</p>
<p>It would be helpful if the logs sent to squid could be shuttled off via syslog messages or if squidGuard could send its logs directly.</p> pfSense Packages - Bug #9286 (New): squidGuard - Unable to change IP for sgerror.php URL in confi...https://redmine.pfsense.org/issues/92862019-01-22T12:13:21ZKris Douglas
<p>There is an issue with squidGuard where a user is not able to specify the address that squidGuard provides the client machine on the event that a page has been blocked. If said address differs from the LAN IP on port 80, you are not able to serve errors to users.</p>
<p>(For example in the situation where there is a network being filtered with users on it that differs to the LAN, and you do not wish to have a route through, the error pages do not work). Can be fixed by editing config file but these are reset on reboot.</p> pfSense Packages - Bug #9025 (New): SquidGard + Target categorieshttps://redmine.pfsense.org/issues/90252018-10-08T01:00:25ZIssa Jacamanjacaman.issa@gmail.com
<p>Hello,</p>
<p>An error occurs after applying the changes to SquidGard when:<br />Removing an unwanted target category from "Target Categories" tab that is already applied to a curtain group(s) ACL with "whitelist, deny or allow",<br />The error is:<br />(A5) ACL 'Group_ACL_Name' error: destination name 'Target_Category' not found.</p>
<p>To bypass this error, The unwanted target category should be first changed to "---" in the "Group(s) ACL", then applying the changes to SquidGard.</p> pfSense Packages - Bug #8827 (New): Squidguard: ACL redirect modes 'redirect' and 'err page' send...https://redmine.pfsense.org/issues/88272018-08-24T12:40:47ZSteve Wheeler
<p>Squid running in bump mode. Though that should not affect this.</p>
<p>When configuring Common or Group ACLs or applying the redirect to a specific target catagory setting the redirect modes ''redirect' and 'err page'results in a bad URL being passed to the client.</p>
<p>If an https URL is entered the resulting client error is:<br /><pre>
The following error was encountered while trying to retrieve the URL: https://https/*
Unable to determine IP address from host name https
</pre></p>
<p>Choosing redirect mode 'url move' which sends a 301 to the client allows the error page to be shown as expected.</p> pfSense Packages - Bug #8752 (New): For SquidGuard in "Common ACL" menu "Target Rules List" "acce...https://redmine.pfsense.org/issues/87522018-08-06T05:17:47ZAzamat Khakimyanov
<p>I tried on 2.4.4-DEV 20180801 and 20180805 with the same result</p>
<p>I created Target Category "BlockSomeSites", then in Common ACL menu I chose "Deny" action for my category <br />and "Allow" for 'Default access[all]' but after pressing "Save" "access" option for my category was again with default value '---'.<br />Anyway my "BlockSomeSites" works and sites from this list are not available.<br />Screenshots are attached.</p>
<p>On 2.4.3_p1 I didn't see this issue: after choosing "Deny" action for my Target category and pressing "Save", "access" option for my category was "Deny" as it has to be.</p> pfSense Packages - Bug #6521 (New): pfsense 2.3.1 squidguard -> Groups ACL -> Target Rules List m...https://redmine.pfsense.org/issues/65212016-06-22T05:28:26ZLars Heer
<p>The clickable "Target Rules List" field in menu "Groups ACL" disappears if more than 3 "Target categories" are defined.</p>
<p>You will not be able to set a valid Target Rule then.</p>
<p>!all will be set automatically... (which results in none... in the config file).</p>
<p>Currently I edited the config files by using vi...</p> pfSense Packages - Bug #6471 (New): pfsense 2.3.1 squidguard -> common ACL -> Target Rules List m...https://redmine.pfsense.org/issues/64712016-06-08T16:03:20ZLars Heer
<p>The clickable "Target Rules List" field in menu "common ACL" disappears if more than 7 "Target categories" are defined.</p> pfSense Packages - Bug #4088 (Feedback): Buggy squidgurd config file is createdhttps://redmine.pfsense.org/issues/40882014-12-09T05:44:19ZVolker Kuhlmannlist0570@top.geek.nz
<p>The config file that is generated for squidguard 1.4_4 pkg v.1.9.6 is buggy in two ways, leading to unexpected and dangerous behaviour.</p>
<p>1) Do not write out sources for disabled ACLs, or squidguard treats these<br />sources as "always pass"!</p>
<p>2) Squidguard doesn't know log statements in the action block for sources in the<br />acl block.</p>
<p>Patch attached.</p>