PfSense advanced configuration with SquidGuard and Lightsquid

Here i am explaining how to integrate SquidGuard and Lightsquid  in a pfsense Squid Server.  Earlier we have published an article about the how to setup a proxy with pfSense Firewall distribution. as we know SquidGuard is a URL redirector used to use blacklists with the Squid. Squid can perform better with SquidGuard. LightSquid is one of reporting package available for pfsense. lightsquid is a replacement for MYSAR and SARG.

Install SquidGuard and Lightsquid

Open pfSense webmanager ( type your ipaddress in the addressbar )
Got o System >  Packages
Find packages “squidGuard” and “Lightsquid” install them

Configure SquidGuard

Enable Squid Guard

Go to Services > Proxy Filter

Select check box “Enable” In General settings tab. this will enable SquidGuard

Enable blacklists

Next option is to enable blacklist for squidGuard. SquidGUard have some default blacklists. It will be applied automatically
Select Check box to enable blacklists

Add advanced blacklists to SquidGuard

There are many Advanced blacklist data bases like MESD, Shalla’s are available for download. for integrating such blacklists you can give the download-link in this field (Blacklist URL) And click on upload URL. Application will automatically download blacklist database and will be ready to use in ACL ( Access control list  )
Find the appropriate black list and use. Here i am using Shalla’s Blacklist
Shalla’s Blacklist URL : http://www.shallalist.de/Downloads/shallalist.tar.gz

Click on save button from “General settings” tab

Default ACL

Now go to second tab (Default). This is the default  access control list. all the requests from source IPs which is not added in Squid Guard ACL will work with this policy. If you are planing for a simple proxy server with a single group you can set your ACL in default itself.
But in many cases we will configure separate ACL depends up on defferent departments and designation. If so only permit Some intranet_sites or some limitted_sites.
Click on  “Destination ruleset “

Go to each group and select the Allow / Deny depends your policy
Select “Enable log” and “SAVE”

Destination List

Go to Destinations tab and create some set of domain groups which you want to filter

I have some Destination list like Chat_Sites , blocked_sites (Blacklist ), Permitted_sites (whitelist ) ,local_domains ( Intranet ).

Access control list

Go to ACL tab and create policy.  In this window give a name for your policy.
Eg: Managers/Devolepers
Set “Source IP adresses and domains” probably Ip list or subnet
Now select Destination rules ( Allow / Deny )
Select “Enable log” and “SAVE”

After all changes, Go to first tab (General settings) and click the apply button to apply saved changes to SquidGuard.
There are many advanced features like Rewrite, safe search, Time based  ACL, Separate Error Pages for each policy. These all features are easy to implement in just one  or two click. Examples also described in each area of web admin.

Proxy Report Module

LightSquid

Go to Status > Proxy Report
Select the Language
Then select  Report scheme (I am using NovoSea)
Set Refresh sheduler  : Set it as 10 min, So that it will be updated within 10 min. It will reduce the load too.
Now SAVE settings
Make sure that your loging is enabled in Squid service and the directory is “/var/squid/log”
Go to Services > Proxy Server and find “Enabled logging” and “Log store directory”
Select “Lightsquid Report” tab from   Status > Proxy Report to see the access log on web