pfSense SquidGuard block all except whitelist

I am looking to block all HTTP access in the local LAN network with some exceptions (whitelist). Please advise.

I don’t do squid https://youtu.be/DNGaJPM1yjQ

Unofficial package e2guardian is what I’m using, the install seems to be the hardest part. Wish it was an official package because it would be a lot easier.

Search for the terms “e2guardian” “blanket block” or “walled garden”. There is a decent install procedure out on the web too, but can’t remember exactly where right now.


Thanks Tom, makes sense

Thanks Greg, I will check

Hi there,

This is my setup and it works great.

I want to filter web content at the DNS level.
So I run pfSense (10.127.1.254) as the main firewall/router and on a separate device I have NxFilter (10.127.1.240) to filter the DNS content which works great.

BUT

If I change the DNS address at device level to the IP of any other DNS server, it auto-bypasses NxFilter, which I understand it will do, so I have implemented firewall rules to block access to any other DNS server. The firewall rules are as follows.

Allow

| Protocol | Source | Port | Destination | Port | Gateway | Description |
|---|---|---|---|---|---|---|
| IPv4 TCP/UDP | * | * | 127.0.0.1 | 53 (DNS) | * | NAT Redirect DNS |
| IPv4 TCP/UDP | * | * | 10.127.1.240 | 53 (DNS) | * | Allow Net DNS to NXFilter |

Block

| Protocol | Source | Port | Destination | Port | Gateway | Description |
|---|---|---|---|---|---|---|
| IPv4 TCP/UDP | * | * | * | 53 (DNS) | * | Block All other DNS Servers |

Then I made the primary DNS server on pfSense 10.127.1.240 (which is my NxFilter) and the secondary DNS server 1.1.1.1, and on NxFilter I have made my upstream DNS server 10.127.1.254, which points back to pfSense.

(if you use the above)
Then you can filter the whitelist with nxFilter.
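
A way to check the rules above from a LAN client, as an added example that is not part of the original post: it sends the same DNS query to NxFilter and to another resolver and compares the answers. `TEST_NAME` is a placeholder and is assumed to be a name you have blocked in NxFilter, so that the filtered answer is distinctive; the function names are illustrative.

```python
import secrets, socket, struct

NXFILTER, OUTSIDE = "10.127.1.240", "1.1.1.1"  # from the post: the filter and a non-filter resolver
TEST_NAME = "blocked.example"  # placeholder (assumption): a name you have blocked in NxFilter

def build_query(name, txid):
    """Minimal DNS A query (RFC 1035) with recursion desired."""
    labels = b"".join(bytes([len(p)]) + p.encode() for p in name.strip(".").split("."))
    return struct.pack("!6H", txid, 0x0100, 1, 0, 0, 0) + labels + b"\x00" + struct.pack("!2H", 1, 1)

def skip_name(msg, pos):  # step over an encoded name, honouring compression pointers
    while msg[pos] and msg[pos] & 0xC0 != 0xC0:
        pos += 1 + msg[pos]
    return pos + (2 if msg[pos] else 1)

def a_records(msg):
    """Return the sorted IPv4 addresses in a DNS response's answer section."""
    qdcount, ancount = struct.unpack("!2H", msg[4:8])
    pos, found = 12, []
    for _ in range(qdcount):
        pos = skip_name(msg, pos) + 4  # QTYPE + QCLASS
    for _ in range(ancount):
        pos = skip_name(msg, pos)
        rtype, _, _, rdlen = struct.unpack("!2HIH", msg[pos:pos + 10])
        if rtype == 1 and rdlen == 4:
            found.append(socket.inet_ntoa(msg[pos + 10:pos + 14]))
        pos += 10 + rdlen
    return sorted(found)

def probe(server, name=TEST_NAME, port=53, timeout=2.0):
    """A records obtained via `server`, or None if no valid reply came back."""
    txid = secrets.randbits(16)
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        try:
            s.sendto(build_query(name, txid), (server, port))
            reply = s.recv(512)
            return a_records(reply) if reply[:2] == struct.pack("!H", txid) else None
        except (OSError, struct.error, IndexError):
            return None

def verdict(filtered, outside):  # compare the NxFilter answer with the other path
    if outside is None:
        return "blocked"      # nothing came back: the block rule dropped the query
    if filtered is not None and outside == filtered:
        return "redirected"   # same answer as NxFilter: the query was intercepted
    return "bypass"           # a different answer: another resolver was reached

if __name__ == "__main__":
    print(verdict(probe(NXFILTER), probe(OUTSIDE)))
```

These checks only cover DNS on port 53, which is all the rules above match; DNS over TLS (853) or DNS over HTTPS (443) from a client is not seen by them.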

Thanks, I will try the Nx filter