rm -rf /usr/local/etc/c-icap rm -rf /usr/local/include/c_icap rm -rf /usr/local/share/c_icap rm -rf /usr/local/lib/c_icap rm -rf /usr/local/etc/c-icap rm -rf /var/log/squid rm -rf /var/squid/ rm -rf /usr/local/etc/squid

But btw, also tested a smaller subset, made no difference…

Sorry it took so long to get back to you on the upgrade yes it was I forget what ver I started with it upgraded like two or three times I cant remember right now but yes it was up grade. I have taking the system back to the beginning of when I first got it up and running and am just doing with out the squid for now I am looking for new system to build or buy to redo pfsense I will be using the new ver I downloaded and burned to disk. I hope that fixes the problem. I  will keep you all up to date with my progress on getting it to work with new system. Thanks for the help so far though I would still be wondering around in the dark if it wasn’t for you folks so thank you so very much.

i usually use the SquidAnalyzer for these types of reports, here in the forum have some tutorials for this purpose.

I'm confused, how can you put anything broken in an IP alias? It's literally a list of IP's you enter in the GUI. I did seem to see similar issues with aliases in some of my firewall rules, but 99.9% of them are still built around aliases and work. But in some of them I had to explicitly write IP's directly to get traffic to move.

Hello there, Having the same problem. Currently on 2.3.1 stable release, with squid 0.4.23_1 and squidGuard 1.14_4. I am using aliases as recommended above, but still have the problem. Sometimes squidGuard will simply stop filtering and allow everything, and cleaning the "Bypass Proxy for those source IP's" field and saving solves the problem. Couldn't really find a workout, have to constantly check if filtering is active and wipe the bypass proxy field if it doesn't. Maybe I should create a bug report? Thank you!

Looks like the problem was indeed the name. Well thanks, didn't think that could be it, but I suppose the name isn't just for clarity, it must be used in the conf ! I'll probably replace all of this with haproxy soon anyway, but at least for now it's working.

you wil definitely find answers to commercial antivirus products to run on FreeBSD/UNIX/Linux. Huh, I had no idea.  You learn something new every day. No it's not. If you're using a high end firewall with enough power, it will run. I would rather not have some PC-class desktop as my firewall just so I can scan for viruses and malware that I don't have.  Most of my clients are Android, Apple and Linux.  The Windows boxes have their local AV clients.  I tried ClamAV a few years ago and it was dreadfully slow.  I agree with you when it generally comes to layered security, but AV on the firewall is too much of a performance tradeoff for me.

As I like to explain, from my own viewpoint, WPAD is the very last step in term of configuration. you have to ensure that your proxy works when explicitly configured on your browser once this works, you deploy proxy.pac on some web server and ensure it works when manually configured browser side once and only once this works too, you can push WPAD using DNS, DHCP or whatever supported method. Following this approach, you may discover that WPAD step is the easiest one and most of the time, it works  ;)

@dilu1: In Sophos i use an option to block websites (facebook, twitter), this works for http and https. https is configured as "URL filtering only", this has some disadvantages like no content or virus scanning on https sites but that doesn’t matter to much for this case, I am only interested in blocking websites which works. I'm very prone to learn how this would work  8)

Clearing the cache manually might have done the same thing for you.

squidGuard has one master config file that holds everything, so your Linux config should be pretty easy to read and reproduce in pfSense.  Linux config is probably in /etc/squidguard/squidguard.conf.

I don't know for sure, but I do know that transparent mode is more trouble than its worth.

Auto detect is enabled, but if I block those ports do I block them on the subinterface? Because when I do nothing works I can't browse only ping… EDIT: I got it working! It's logging everything - I'm not sure yet why but I'll check tomorrow and write back! Thanks again

Hi, look here https://forum.pfsense.org/index.php?topic=108370.msg617570#msg617570

Hello, thanks for reply. Whitelist = I dont know where this option is Blacklist = I dont know where this option is blk_BL_adv: Deny = thrue default access all: allow = thrue Do not allow IP-addresses in URL: unticked = false –> Why not ticked? Proxy denied error: blank (you can insert a warning string here) = false –> we have a extern url Redirect mode: int error page = false –> we have a extern url redirect info: blank = false –> we have a extern url Use safeguard engine: unticked = false –> why? Rewrite: none = thrue Log: ticked = thrue [image: squid-conf-1.PNG] [image: squid-conf-1.PNG_thumb] [image: squid-conf-2.PNG] [image: squid-conf-2.PNG_thumb] [image: squid-conf-3.PNG] [image: squid-conf-3.PNG_thumb]