OPNsense Forum
Archive => 17.1 Legacy Series => Topic started by: Kuzunkhaa on March 28, 2017, 06:15:34 pm
-
Hello,
I have a problem with the Remote Access Control List of Web Proxy with the "yoyo ads" list.
It is configured like the suggestions of the documentation wiki, but I can't see any domains blocked on my browser.
I have tried to change the link in to "https://pgl.yoyo.org/as/serverlist.php?hostformat=squid-dstdom-regex&showintro=0&mimetype=plaintext" but give me the same "error".
Obviously when adding a domain in to "Access Control List\Blacklist" it is filtered.
Anyone have the same problem or I have to change something on my configuration?
Thank for the help.
-
I have the same situation as you mentioned and tested the "Access Control List\Blacklist" with same result like you.
I found this issues starting at version 17.1.
-
Can you try the same with "http"? It looks like it writes the SSL handshake to the disk oO
-
Can you try the same with "http"?
Hi franco, it does the same with http links. Sorry I have forgotten to add this info in the previous post.
I found this issues starting at version 17.1.
Hi ctkelvin, personally I remember this inconvenience on the last versions of 16.7, but probably is because "yoyo list" doesn't covered some domains.
-
Hmm ok, the maybe yoyo doesn't like the fetch with the client? user agent block maybe?
In any case, I've added a ticket:
https://github.com/opnsense/core/issues/1510
-
No user-agents blocked in my proxy configuration.
Recently I have tried another list directly downloaded in .acl and if I try to connect to a domain, covered by that list, the browser respond me with the "proxy block page".
Anyway many thanks for investigating on this issue and if you need to ask some things about my proxy configuration I'm glad to help. :)
-
Ad is already looking at this, I am expecting a fix in 17.1.5. I will post updates and test patches here as they become available.
Cheers,
Franco
-
I really appreciate it.
Marco
-
Hi Marco,
Here is a patch: https://github.com/opnsense/core/commit/e52e251
You can install it by running the following command from a shell:
# opnsense-patch e52e251
Cheers,
Franco
-
Ad also noted the list you used is not compatible, you need to use this one...
https://pgl.yoyo.org/as/serverlist.php?hostformat=plain&showintro=0&mimetype=plaintext
-
Franco, the patch solve the problem. Thanks for the support.
the list you used is not compatible
Yes, I know. It was only for a test ;)
-
Alright, many thanks for confirming. :)