Cache&#x2F;Proxy

Your browser does not seem to support JavaScript. As a result, your viewing experience will be diminished, and you may not be able to execute some actions.

Please download a browser that supports JavaScript, or enable it if it's disabled (i.e. NoScript).

Cache/Proxy

T

Netflix issues with Squid transparent proxy
• tapout72

7

0
Votes

7
Posts

147
Views

btw I would strongly recommend against running in transparent mode. Too many issues and hassles with https sites. IMO it's much better to run explicit and use WPAD to let devices autodiscover the proxy on their own. https://doc.pfsense.org/index.php/WPAD_Autoconfigure_for_Squid I looked around for your problem and found these: https://www.linuxquestions.org/questions/linux-server-73/tag_none-409-connect-squid-3-5-20-a-4175620518/ http://squid-web-proxy-cache.1019090.n4.nabble.com/Intermittent-409-Error-to-google-com-td4683329.html
Unofficial E2guardian package for pfSense
• marcelloc

1107

1
Votes

1107
Posts

137480
Views

F

@susamlicubuk there you go: USERS: SAMBA smb.conf file (replace DOMAIN and DOMAIN.CORP by your actual DOMAIN name) GROUPS: (in the "masked" LDAP line, you add your Active Directory Server hostname)
P

Squid + Captive Portal Auth
• pfsensation

8

0
Votes

8
Posts

1860
Views

L

@gertjan for example for our company is important to have control over the activity of internal user about they access on the web, in recent days i was using squid transparent http and https pass under nat, i'm thinking to come back to thats config, another rason are make lees changes on the final client setting proxy etc... Make me some recomendations please. thanks
S

Docker behind pfsense: haproxy, traefik, or ... ?
• sgw

3

0
Votes

3
Posts

478
Views

P

I ended up getting stuck in the same situation. Ended up just getting rid of HAProxy and letting Traefik handle all proxying requirements. If I tried to use both, HAProxy would not recognise anything in Traefik and report with a 503. IMO Traefik is easier to config and use.
Why E2guardian package is not Officially avaliable in Pfsense?
• vallum

4

0
Votes

4
Posts

239
Views

@fabricioguzzy said in Why E2guardian package is not Officially avaliable in Pfsense?: Hello Vallum, I´ve been testing the e2guardian package since December/18 and it's working fine. It's way better then squidguard, no doubts or comparisons. The package still has some small/cosmetic issues, most of them related to the LDAP search group/users and REstarting service mechanisms, but it's fully functional. I also made some security scans over the firewall after install it and it got nothing, so it looks safe at all. it worth to go ahead and try it. If you are still confused, consider create a Non-Production environment to test it until you get used to the GUI and processes. Not sure why pfsense team didn't consider the package so far. Maybe because is it still under-construction, but I do agree with you. That is a "must have" package for sure. hope that helps you. Fabricio. Thanks Fabricio . I will test this.
G

[SOLVED]Help needed: bypass squid and squidGuard for iTunes, AppleStore, Android
• GL

14

0
Votes

14
Posts

2313
Views

T

@gl said in [SOLVED]Help needed: bypass squid and squidGuard for iTunes, AppleStore, Android: acl ssl_exclude_domains ssl::server_name "/usr/local/etc/squid/exclude_domains.conf" ssl_bump peek step1 all ssl_bump splice ssl_exclude_domains ssl_bump stare step2 all ssl_bump bump all GL, I know this is an old thread but I tried your solution to try and bypass netflix. However, I get a Privacy error NET::ERR_CERT_AUTHORITY_INVALID on every site I try to access after applying the Custom Options (Before Auth). Any ideas on where I went wrong?
A

Squid transparent proxy, internet radio not working
• admins

3

0
Votes

3
Posts

123
Views

Does it work with squid disabled? Have you tried go to Services - Squid Proxy Server - General - Transparent Proxy Settings - Bypass Proxy for These Destination IPs and added their hostname there?
F

Squid Reverse Proxy HTTP to HTTPS
• fernandodx 0

1

0
Votes

1
Posts

114
Views

No one has replied
F

SpliceALL Squid not working
• fernandoipsec

4

0
Votes

4
Posts

156
Views

T

Hey, I found this video on the topic that was very helpful. https://youtu.be/xm_wEezrWf4
How to configure squid in transparent mode and avoid HTST errors in browser?
• ssbarnea

1

0
Votes

1
Posts

81
Views

No one has replied
P

squid to block traffic
• pcprice

1

0
Votes

1
Posts

68
Views

No one has replied
M

Squidgard no bloquea trafico HTTP(80)
• mikeMTY

13

0
Votes

13
Posts

191
Views

M

thanks for your help, I had to reset the equipment to factory values, reconfigure and function correctly, maybe, as KOM says, squidgard was broken
D

Squid installation error and no GUI menu
• demianpaz

4

0
Votes

4
Posts

182
Views

D

After upgrading to 2.4.4_2 the menu worked just fine. Thanks.
K

Problems opening lightsquid for reporting
• kiekar

5

0
Votes

5
Posts

163
Views

K

Simple fix.
A

Squidlog
• alexandre.dezembro

2

0
Votes

2
Posts

62
Views

What?
D

Just installed Squid proxy
• Dayve

12

0
Votes

12
Posts

319
Views

L

Bypass is not destination in your case. It is source as it is internal IP and outgoing traffic, if you change that i guess it will work for you.
B

Squid Reverse Proxy Error during WebSocket handshake: Unexpected response code: 400
• badincite

1

0
Votes

1
Posts

55
Views

No one has replied
L

Windows 10 updates blocked by proxy (squid)?
• lindsay

2

0
Votes

2
Posts

103
Views

@lindsay said in Windows 10 updates blocked by proxy (squid)?: I wonder if i have to import .cert to the local copmputer to make it work properly? Yes, if you're running squid in transparent mode. You're better off disabling transparent mode, then configuring WPAD and let your Windows clients find the proxy on their own. Then https will work without certs.
clamd crashing affecting proxy
• adamw

1

0
Votes

1
Posts

49
Views

No one has replied
D

Routing OpenVPN clients(Virtual Interface) through Squid Proxy
• datzhim

1

0
Votes

1
Posts

52
Views

No one has replied
T

Squid vs HTTPS Everywhere to protect HTTP (port 80) connections
• talaverde

2

0
Votes

2
Posts

122
Views

Squid is almost useless these days other than as a base for squidguard or ClamAV.
D

Squid proxy block all websites except white listed domains
• dhiyogroup

12

0
Votes

12
Posts

440
Views

Yes. How do you expect to enforce your web-browing rules if anyone can just go around the proxy by not using it?? If you block all tcp80,443 traffic on LAN, then NOBODY will be able to use the web except via proxy.
Pimd a lightweight standalone PIM-SM/SSM v2 multicast routing daemon.
• Qinn

1

2
Votes

1
Posts

69
Views

No one has replied
Configuring multiple applications on same port
• chudak

1

0
Votes

1
Posts

60
Views

No one has replied
K

What came first - the firewall or the HAProxy?
• KiloFoxtrotMike

3

0
Votes

3
Posts

133
Views

K

Hi @surinameclubcard thanks for taking the time to answer! I will definitely try that second example then. FWIW, I am currently using the first example i.e. NAT then HAProxy, and can confirm that does work.
S

HAProxy configuration problem (GUI causing it?)
• surinameclubcard

2

0
Votes

2
Posts

104
Views

S

Replying to myself: I just did a clean install of pfSense 2.4.4p1 and tried above with the haproxy-devel package: Create a frontend, name it "test", save, Open "test", add an ACL, notice there is no "Traffic is ssl (no value needed):" option, Just to continue, name the ACL "https", expression="Host starts with:", value="https", save, Open "test" once again, edit the ACL, notice now there is the "Traffic is ssl (no value needed):" option, Change the expression to "Traffic is ssl (no value needed):", remove the value, save, same error. Or the ACL was completely removed. Either something is broken or I am completely not understanding this user interface?
HA proxy Backend Frontend up down Notification via email
• ejaj

9

0
Votes

9
Posts

215
Views

Hello experts - Is there any version dependency of haproxy?
K

Haproxy Email Notification
• keval.shah

1

1
Votes

1
Posts

67
Views

No one has replied
P

Lightsquid report
• pama

3

0
Votes

3
Posts

262
Views

F

@pama Hi, I'm also looking for the place to add these lines on the sgerror.php file. If you get the answer please let me know. Thanks!
M

C-ICAP Error on One Site
• mbrossar

2

0
Votes

2
Posts

128
Views

M

Anyone challenged with clamav and icap errors? I've increased the parameters recommended here. It seems to resolve the issue I'm currently seeing, but I now have each parameter at 3x their original default. I just hit another icap error and am getting ready to go to 4x, but I can't help but think clamav isn't worth running.
C

HAProxy: Rewriting help needed (hiding folder)
• CommWest

1

0
Votes

1
Posts

74
Views

No one has replied
P

Squid ClamAV antivirus not working properly
squid clamav antivirus • • pimmes111

8

0
Votes

8
Posts

349
Views

I

That indicate's clamav is detecting the test file but isn't logging it properly. I checked my setup and receive the same, Found instream with no default block page and it is not logged in either the C-ICAP Virus Table or the dashboard widget. Perhap's someone else will check on this that has more knowledge.
Z

Squid MITM: How to retrieve decrypted data?
squid tls ssl mitm man-in-the-midd • • zll

5

0
Votes

5
Posts

149
Views

Z

Thanks for the info. Astounding is what this is. :-)
P

SquidGuard log to remote syslog server
• pitt1717

1

0
Votes

1
Posts

79
Views

No one has replied
M

PROXY x PROXY TRANSPARENTE
• Massao

7

0
Votes

7
Posts

221
Views

@massao said in PROXY x PROXY TRANSPARENTE: I have yes DHCP but in mikrotik, and Active Directory in windows 2012 R2. The structure looks like this: 2 Internet link arriving in Mikrotik, and mikrotik connected pfsense and AD ok . Use your AD to host wpad file via IIS. Use DHCP to serve wpad files. all machine should be configured with "automatic detect settings" this can be done via AD too. Refer below link : https://findproxyforurl.com/deploying-wpad/
http 80 always allowed
• adamw

1

0
Votes

1
Posts

91
Views

No one has replied
G

Squid: how to "catch" 8080 port web traffic
• genseb

7

0
Votes

7
Posts

267
Views

@genseb I have not used transparent proxy. may be it should create automatic NAT when you add port there in Safe_ACL. Pfsense is a Good firewall, but lot of issues in proxy.
S

Squid and OPTx ifs
• smnolde

2

0
Votes

2
Posts

83
Views

S

Ok, I clicked enough around and found I needed to enable this interface. Now the enabled OPTx interfaces appear in the squid proxy interface list.
P

Squid ClamAV antivirus not working properly
• pimmes111

2

0
Votes

2
Posts

90
Views

No one has replied
W

When Squid 4.2?
• Wolf187

3

0
Votes

3
Posts

218
Views

W

I didn't know that that exists. Thanks

Products

Applications

Support

Services

News

Resources

Company

Our Mission

As host of the pfSense open source firewall project, Netgate believes in enhancing network connectivity that maintains both security and privacy. We also believe everyone should be able to afford it.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

1 / 59

Netflix issues with Squid transparent proxy • tapout72

Unofficial E2guardian package for pfSense • marcelloc

Squid + Captive Portal Auth • pfsensation

Docker behind pfsense: haproxy, traefik, or ... ? • sgw

Why E2guardian package is not Officially avaliable in Pfsense? • vallum

[SOLVED]Help needed: bypass squid and squidGuard for iTunes, AppleStore, Android • GL

Squid transparent proxy, internet radio not working • admins

Squid Reverse Proxy HTTP to HTTPS • fernandodx 0

SpliceALL Squid not working • fernandoipsec

How to configure squid in transparent mode and avoid HTST errors in browser? • ssbarnea

squid to block traffic • pcprice

Squidgard no bloquea trafico HTTP(80) • mikeMTY

Squid installation error and no GUI menu • demianpaz

Problems opening lightsquid for reporting • kiekar

Squidlog • alexandre.dezembro

Just installed Squid proxy • Dayve

Squid Reverse Proxy Error during WebSocket handshake: Unexpected response code: 400 • badincite

Windows 10 updates blocked by proxy (squid)? • lindsay

clamd crashing affecting proxy • adamw

Routing OpenVPN clients(Virtual Interface) through Squid Proxy • datzhim

Squid vs HTTPS Everywhere to protect HTTP (port 80) connections • talaverde

Squid proxy block all websites except white listed domains • dhiyogroup

Pimd a lightweight standalone PIM-SM/SSM v2 multicast routing daemon. • Qinn

Configuring multiple applications on same port • chudak

What came first - the firewall or the HAProxy? • KiloFoxtrotMike

HAProxy configuration problem (GUI causing it?) • surinameclubcard

HA proxy Backend Frontend up down Notification via email • ejaj

Haproxy Email Notification • keval.shah

Lightsquid report • pama

C-ICAP Error on One Site • mbrossar

HAProxy: Rewriting help needed (hiding folder) • CommWest

Squid ClamAV antivirus not working properly squid clamav antivirus • • pimmes111

Squid MITM: How to retrieve decrypted data? squid tls ssl mitm man-in-the-midd • • zll

SquidGuard log to remote syslog server • pitt1717

PROXY x PROXY TRANSPARENTE • Massao

http 80 always allowed • adamw

Squid: how to "catch" 8080 port web traffic • genseb

Squid and OPTx ifs • smnolde

Squid ClamAV antivirus not working properly • pimmes111

When Squid 4.2? • Wolf187

Products

Applications

Support

Services

News

Resources

Company

Our Mission

Subscribe to our Newsletter

Netflix issues with Squid transparent proxy
• tapout72

Unofficial E2guardian package for pfSense
• marcelloc

Squid + Captive Portal Auth
• pfsensation

Docker behind pfsense: haproxy, traefik, or ... ?
• sgw

Why E2guardian package is not Officially avaliable in Pfsense?
• vallum

[SOLVED]Help needed: bypass squid and squidGuard for iTunes, AppleStore, Android
• GL

Squid transparent proxy, internet radio not working
• admins

Squid Reverse Proxy HTTP to HTTPS
• fernandodx 0

SpliceALL Squid not working
• fernandoipsec

How to configure squid in transparent mode and avoid HTST errors in browser?
• ssbarnea

squid to block traffic
• pcprice

Squidgard no bloquea trafico HTTP(80)
• mikeMTY

Squid installation error and no GUI menu
• demianpaz

Problems opening lightsquid for reporting
• kiekar

Squidlog
• alexandre.dezembro

Just installed Squid proxy
• Dayve

Squid Reverse Proxy Error during WebSocket handshake: Unexpected response code: 400
• badincite

Windows 10 updates blocked by proxy (squid)?
• lindsay

clamd crashing affecting proxy
• adamw

Routing OpenVPN clients(Virtual Interface) through Squid Proxy
• datzhim

Squid vs HTTPS Everywhere to protect HTTP (port 80) connections
• talaverde

Squid proxy block all websites except white listed domains
• dhiyogroup

Pimd a lightweight standalone PIM-SM/SSM v2 multicast routing daemon.
• Qinn

Configuring multiple applications on same port
• chudak

What came first - the firewall or the HAProxy?
• KiloFoxtrotMike

HAProxy configuration problem (GUI causing it?)
• surinameclubcard

HA proxy Backend Frontend up down Notification via email
• ejaj

Haproxy Email Notification
• keval.shah

Lightsquid report
• pama

C-ICAP Error on One Site
• mbrossar

HAProxy: Rewriting help needed (hiding folder)
• CommWest

Squid ClamAV antivirus not working properly
squid clamav antivirus • • pimmes111

Squid MITM: How to retrieve decrypted data?
squid tls ssl mitm man-in-the-midd • • zll

SquidGuard log to remote syslog server
• pitt1717

PROXY x PROXY TRANSPARENTE
• Massao

http 80 always allowed
• adamw

Squid: how to "catch" 8080 port web traffic
• genseb

Squid and OPTx ifs
• smnolde

Squid ClamAV antivirus not working properly
• pimmes111

When Squid 4.2?
• Wolf187