Block all HTTP sites, with some HTTP exceptions allowed

I just had a read through the SquidGuard documentation and I think I may understand why it is not working.

When you enter a domain into the blacklist or into the regex, SquidGuard takes that and adds http:// to the front of it when it looks to see if it should block that domain. The same occurs with a URL.

http://www.squidguard.org/Doc/aboutblocking.html

So the issue relates to what SquidGuard is defining as a domain name or a URL, and in terms of the RFCs that is correct. The http:// is not part of the domain name, it is the protocol being used.

The page you cited only explains the treatment of URLs and domains.
But ‘.//’ is part of the URL and thus should be examined for a regex match also. Just my opinion.
I’ll try to contact Shalla (the maintainer of squidGuard) tomorrow.

Thank you for your feedback, it’s great :grinning:

I tried with [https$].* but it’s not enough: it blocks some http or https sites … logically you have to find the right expression to block only http.

How do I force it to take only http and not https?

I’m crossing my fingers for Shalla’s answer :crossed_fingers:

A question: is it possible to declare in iptables to block port 80 except for the URL list that I will put in it? Does it come to the same thing if we go that way?

I saw it on the site, but not with IPFire.

////// ip firewall filter
add action=drop chain=forward disabled=no protocol=tcp src-address-list="! Permited URL" src-port=80

Is this possible with IPFire?