@persia1364 Yes I believe that you can install Squidguard, configure the LDAP integration and then filter based on usernames but this is not simple and I have not tried it myself.

@cobca I do not know if you are running Squidguard, if so also make sure you have a loopback dummy ACL that lets the firewall and the proxy work. If you do not have this it will fail to reach wpad and will not work correctly as Squidguard will block the redirects.

Screenshot 2022-12-10 at 9.35.14 AM.png
(Image: My dummy acl)

I have mine set up to allow the loopback and the firewalls ip address to talk to one another and also let the wpad work.

Screenshot 2022-12-10 at 9.37.56 AM.png
(Image: Group acl with loopback and firewall Ip)

Screenshot 2022-12-10 at 9.38.33 AM.png
(Image: location of group acl that attaches to the dummy acl rules)

@mnoya2
Try this:
https://github.com/ahuacate/pfsense-haproxy/blob/master/README.md
https://docs.deeztek.com/books/pfsense/page/pfsense-haproxy-softether-vpn
https://cbonte.github.io/haproxy-dconv/2.2/configuration.html

@jonathanlee Palo Alto does the same thing with certificates and intercepts on their firewalls. Just set it up ethically and it will work.

virus.PNG
(HTTPS cloud based virus stopped with use of MITM)

@jonathanlee

I wish you could pick what certificate to ignore with this.

@jonathanlee
The antivirus is working however it no longer uses the red screen also.

What could cause this?

Screenshot 2022-12-03 at 9.18.10 AM.png

New version of found virus screen

Screenshot 2022-12-03 at 9.17.57 AM.png

Virus table empty will no longer log files, cleared also to resolve same result no updates are placed into the log file for what virus is found

Screenshot 2022-12-03 at 9.17.53 AM.png

Image shows that viruses are caught in https still Eciar test found however it is not logging anything and the red splash screen is gone

@gertjan

Error

squidclamav_check_preview_handler: Wed Nov 30 15:56:36 2022, 92197/1098002432, ERROR clientip is null, you must set 'icap_send_client_ip on' into squid.conf

Screenshot 2022-11-30 at 4.02.08 PM.png

It goes on and on...

I have also just added

adaptation_send_client_ip {$icap_send_client_ip}

to line 234 of

Screenshot 2022-11-30 at 3.32.23 PM.png

ref https://forum.netgate.com/topic/129331/adaptation_send_client_ip-vs-icap_send_client_ip?_=1669853066007

It seems to already be enabled also, any ideas?

Screenshot 2022-11-30 at 4.06.21 PM.png

Keep in mind it all worked until a week or so ago, not it will not even see the test virus anymore

@tyoungls

adaptation_send_client_ip {$icap_send_client_ip}

are you sure it is not line 234?

Screenshot 2022-11-30 at 3.32.23 PM.png

@bmeeks Thanks for the reply! Understood!

@cesd I answer because noone did till now.
To create shared frontend, just create your 1st, then on 2nd, it will show you the warning msg and the second website will not work error 50x.
a tthis point go to the first frontend, edit it and
select, shared frontend, on dropdown menù, choose the 2nd frontend.
thats'it