OPNsense Forum

English Forums => Web Proxy Filtering and Caching => Topic started by: RickNY on September 30, 2018, 05:50:20 pm

Title: Remote Blacklist and Netflix
Post by: RickNY on September 30, 2018, 05:50:20 pm
Just got transparent proxy going here for the primary purpose of getting HTTPS Everywhere installed.. I followed the procedure detailed here:  https://medium.com/@privb0x23/minimal-cache-proxy-configuring-an-https-everywhere-squid-plugin-on-opnsense-80af717d40ab

I am not proxying HTTPS.. Only HTTP.. I wanted to also add some basic blacklisting for malware, phishing, and cryptojacking sites -- But when I enable remote blacklisting with the UT1 blacklist and those categories selected, Netflix stops working throughout the house.. Specifically, the following shows up in the Squid logs:
Code: [Select]
TCP_DENIED/403 6108 POST http://api-global.netflix.com/nq/nrdjs/pbo_logblob/%5E1.0.0/router - HIER_NONE/- text/html
Came across similar issues when searching for a solution related to pfSense where the fix is to uncheck "Do not allow IP-Addresses in URL" in pfSense.. Can anyone tell me how to set this configuration option for squid in OPNSense?

Thanks,
Rick

Title: Re: Remote Blacklist and Netflix
Post by: fabian on September 30, 2018, 09:28:17 pm
Such an option simply does not exist. Your request may match something in your blacklist that blocks access. Please grep the ACL.