Proxy Web Filtering

[did]

I am using 17.7.5 version of OPNsense.
I activated the web proxy and configured the web filtering with the UT Toulouse blacklist : OK it works but :

1) Users' web access to banned sites are not logged
2) It is currently not possible to customize the error message returned to the user (the current message is not very explicit)

Does anyone have informations ?
Is this a problem in my configuration ?
Is there any evolution of OPNsense in this direction ?

Thank you for your replies,
Regards,
Didier

[FCM]

hello Didier,
Under Administration you have your access logs but you have to activate it via Admin/general proxy settings/Enable store logging
For the message, it's Squid related, so you have to edit you squid web site, it's not doable in Opnsense...

[fabian]

the files are somewhere in /usr/local/etc/squid if you are looking for them - they are not rewritten via the GUI so they are the squid default templates.

[Wayne Train]

Another question: Is it possible to proxy https traffic without tls-interception ?

[did]

Hello FCM and fabian

Thank you for your answers.

1) concerning the proxy logs : they are actually activated but this is not very practical because :

• Every evening at 0:00, the logs are archived in an access.log.i.z file ; so my question is : how do you practice to consult a log of a previous day ? (indeed, it is not possible via GUI)


• It is not easy to find the web access of the users to the forbidden sites because these accesses are mixed with those which are authorized. Only the key word "DENIED" makes it possible to find them ; so my question is : is there an easier way to find access to banned sites ?

2) To customize the error message, the file is /usr/local/etc/squid/xx/ERR_ACCESS_DENIED
--> OK it works

[FCM]

hello,
for the logs I did a a cron job that save the file each day and erase them after X days