HAVP update to 0.91_3 pkg v1.05_1 doesn't solve this problem, manual changes to havp.inc file must be done.

@omrom: Hi, I think there's just a misanderstanding on my words.  :D As told in my PM, we can also discuss this in French if it helps (PM) and then revert back here once solved to provide feedback to community.

THANK YOU doktornotor. I REMOVE IT BUT ITS NOT WORKING. IM SEND  WITH ATTACHMENT USING GMAIL.ITS RECEIVED TO OUTLOOK AND TRY TO FORWARD TO SAME EMAIL ADDRESS.SAME ERROR. :-[ :-[ :-[ :-[

Hi KOM,  :) Many thanks to your reply and ill take note of that. Cheers, GiL

Restarting the process with squid -k reconfigure may do it by I have never tried. There is no max users.  It's based on the available resources and load. The CPU use scales with the network load.  The pfSense appliances come with Gigabit interfaces, so you are limited to that unless you're doing some virtual config with VMX3 NICs.  Supermule has a high bandwidth connection and may be able to give more information.

Dont go there. They have 3G/4G on the phone and doesnt have to use your wifi. Thereby having no control of the students. It doesnt have any effect. Instead of shutting everything down, open it up and log the traffic. Much better using captive portal. @hupernika0: For the school, I want to blacklist everything and have a short whitelist so that students can't go surfing anywhere that hasn't been pre-approved. For the guest wifi, the Pastor wants to just try out a guest wifi and see how it will work out, but he is justifiably afraid of it coming back and and biting him. So he'd like to start with the short whitelist.

Snort can block torrents, and perhaps pfBlockerNG from the great BB might be of use to you too.

@KOM: I think the client blockers like ABP are better.  AV on the firewall makes it slow, and that's an area I would leave to the pros like Kaspersky or Eset. I also think ABP is better because some sites don't work if you block the ad's and it's easier to temporarily disable ABP in your browser. The reason for me to use ClamAV was that i want to protect devices where you can't install AV-Software or where i think AV-Software is to much - TVs, consoles, Android… Everything today is connected to the web... @darrenkdean: What is your maximum object size? My settings with 2GB RAM assigned to pfSense are: Maximum object size: 4 Memory cache size: 512 Maximum object size in RAM: 128 Memory replacement policy: Heap GDSF But i think it does not affect ClamAV? I'm not interested in disk caching but use the RAM cache. Still not sure if i can increase "Memory cache size" or "Maximum object size in RAM" cause i have problems interpreting this RRD Graph stuff (attachment). I don't have the overall slowdowns anymore. Only sometimes if i download maybe a rar file. I cues thats affected by "maxsize" in squidclamav.conf. If the file is bigger than it is not scanned… The question is what is a good size here? Big files are scanned by the clients so from what small files comes risk that can affect TVs, consoles, Android, phones - if there any? And the question still is i there is risk from files like pictures, videos, icons? Does somebody use some of this settings: # Do not scan images #abort ^.*\.(ico|gif|png|jpg)$ #abortcontent ^image\/.*$ # Do not scan text files #abort ^.*\.(css|xml|xsl|js|html|jsp)$ #abortcontent ^text\/.*$ #abortcontent ^application\/x-javascript$ # Do not scan streamed videos #abortcontent ^video\/x-flv$ #abortcontent ^video\/mp4$ # Do not scan flash files #abort ^.*\.swf$ #abortcontent ^application\/x-shockwave-flash$ # Do not scan sequence of framed Microsoft Media Server (MMS) data packets #abortcontent ^.*application\/x-mms-framed.*$ # White list some sites #whitelist .*\.clamav.net I also realized i had a problem with the configuration page of one of my wlan access point until i put him to the whitelist. Is local stuff from my ip range scanned/proxyd? [image: status_rrd_graph_img.png] [image: status_rrd_graph_img.png_thumb]

Ok with http://warning.mydomain.net/index.html?&a=%a&n=%n&i=%i&s=%s&t=%t&u=%u the 404 is gone and i can see the source code in Firebug.

thanks for the info i tried this : https://forum.pfsense.org/index.php?topic=84466.msg512965;topicseen#msg512965 and it seems to of worked not to sure what it changes but it works

Well of coursee the service was configured at once and always working, did not make any changes. HAVP was and is configured on Port 3125 as a parent for Squid that is running in transparent mode

Transparent mode does not need ipv6 enable or disable. The most common mistake i see is check loopback on listening interface and on transparent list too.

Go to Services - Proxy server - Local Cache - External Cache-Managers.  Put the LAN IP address of your pfSense box in here after the default entry.  Click Save at the bottom.  Mine looks like this: 10.10.4.1; 127.0.0.1

No idea.

What I do is create an alias for the proxy and an alias for the web ports (80, 443).  Then I create an Allow All pass rule at the top for the Proxy alias.  Under that, I put a block rule for All with dest ports being the Web Ports alias.  Save & done.

This bugs me for some quite some time, too. Enabling transparent works for a couple of calls to websites - then it dies… Scarry is the right description... 3.1.20 pkg 2.1.2 on pfsense 2.1.5 I have to say that the previous package (whichever that was!?) was running just fine!

Was the first thing I tried, However it did not work. OK fix it, it was a few different ip's that i need to add thanks marcelloc

ohhh never mind i got it sorry for the ignorance  :-[