Bug #13879

closed

Squid blacklist definition causing issues.

Added by Peter Moreno over 2 years ago. Updated over 2 years ago.

Status: Not a Bug
Priority: Normal
Assignee: -
Category: Squid
Target version: -
Start date:
Due date:
% Done: 0%
Estimated time:
Plus Target Version:
Affected Version: 2.7.x
Affected Plus Version:
Affected Architecture: amd64

Description

Hello.

I have been working with pfSense 2.7-dev for some months and it is going solid, excellent work team.
Now I face an issue that was causing me some headache; checking the squid config in more depth, it looks like I found the issue.
I'm trying to block some domains related to adult sites like:

.party
.porn
.xxx
.vip
.me

I put these domains in my blacklist field in the ACL section of the squid GUI.

But to my surprise, one domain from a government dependency stopped working. I checked the logs and saw that squid started blocking the site with a DENIED:

192.168.9.100 TCP_DENIED/000 0 CONNECT 187.218.29.164:443 - HIER_NONE/- -

The site is: dof.gob.mx, see attachment please.

Why?

I went to my squid.conf and found the line:

acl blacklist dstdom_regex -i "/var/squid/acl/blacklist.acl"

I have been working with squid for some years and normally I don't use the parameter "dstdom_regex -i"; for the blacklist I just use "dst_domain".

I changed my line to this one:

acl blacklist dstdomain "/var/squid/acl/blacklist.acl"

Run squid -k reconfigure

With this change I don't have issues.

Please, if you need further details let me know, thanks.


Files

bug1.png (14.9 KB) Peter Moreno, 01/16/2023 07:01 PM
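
Added example (not part of the original report and not pfSense or Squid code): a small Python model of how the five entries from the report behave under the two ACL types shown above, unanchored case-insensitive regex search for "dstdom_regex -i" versus domain-suffix match for "dstdomain". The hostnames other than dof.gob.mx are constructed, the function names are hypothetical, and the report does not show which name Squid compared for the logged CONNECT to an IP address.

```python
import re

# Blacklist entries exactly as listed in the report.
ENTRIES = [".party", ".porn", ".xxx", ".vip", ".me"]

# dof.gob.mx is the site named in the report; the other hostnames are
# constructed for illustration and do not come from the report's logs.
SAMPLE_HOSTS = [
    "video.example.xxx",
    "blog.example.me",
    "homepage.example.org",
    "customer-10-0-0-1.isp.example.net",
    "dof.gob.mx",
]

def regex_hits(host, entries=ENTRIES):
    """Entries matching as unanchored, case-insensitive regexes (dstdom_regex -i).
    A leading '.' is a wildcard here, so '.me' matches 'ome' inside any name."""
    return [e for e in entries if re.search(e, host, re.IGNORECASE)]

def domain_hits(host, entries=ENTRIES):
    """Entries matching as domain suffixes (dstdomain): '.me' covers 'me'
    and every name ending in '.me'; an entry without a dot is exact-only."""
    host = host.lower().rstrip(".")
    hits = []
    for e in (x.lower() for x in entries):
        if e.startswith("."):
            if host == e[1:] or host.endswith(e):
                hits.append(e)
        elif host == e:
            hits.append(e)
    return hits

def anchored(entry):
    """If a regex ACL must be kept: escape the entry and anchor it to a label boundary."""
    return r"(^|\.)" + re.escape(entry.lstrip(".")) + "$"

def anchored_hits(host, entries=ENTRIES):
    return [e for e in entries if re.search(anchored(e), host, re.IGNORECASE)]

def overmatched(hosts=SAMPLE_HOSTS):
    """Hosts denied under the regex reading but allowed under the domain reading."""
    return {h: regex_hits(h) for h in hosts if regex_hits(h) and not domain_hits(h)}

if __name__ == "__main__":
    for h in SAMPLE_HOSTS:
        print(f"{h:36} regex={regex_hits(h)} domain={domain_hits(h)}")
    print("over-matched by regex:", overmatched())
```

Running the same comparison over hostnames pulled from the proxy's own access log shows which allowed destinations a regex-typed blacklist file would deny before the ACL is deployed.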