Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Search
    1. Home
    2. pfSense Packages
    3. Cache/Proxy
    • Newest to Oldest
    • Oldest to Newest
    • Most Posts
    • Most Votes

    Cache/Proxy

    • S

      Proxy reports (light squid)
      • shehan31

      2
      0
      Votes
      2
      Posts
      591
      Views

      Probably chrome probing for DNS/etc. http://serverfault.com/questions/235307/unusual-head-requests-to-nonsense-urls-from-chrome
    • N

      HAProxy 1.5 and HSTS
      • nikolaii

      6
      0
      Votes
      6
      Posts
      2639
      Views

      N

      Yes I totally agree with you. I'll try to reproduce the issue again and get back to you. Nicolas
    • G

      MultiWAN failover with squid3 on pfsense 2.1
      • geminux

      4
      0
      Votes
      4
      Posts
      2296
      Views

      A

      Doese failover work?
    • A

      Squid3 missing ident support
      • anomaly0617

      1
      0
      Votes
      1
      Posts
      664
      Views

      No one has replied

    • D

      Squid3-dev will not start on fresh PFsense VM
      • dskerror

      10
      0
      Votes
      10
      Posts
      6175
      Views

      I

      Hi there, any news concerning that issue? Same problem over here…just spend nearly the whole day trying to fix it. Could one of you guys solve it? Cheers
    • S

      Squid 3 and caching
      • Slasky

      2
      0
      Votes
      2
      Posts
      766
      Views

      You could do a tail -f /var/squid/logs/access.log and see if you get hits or misses when manually running Windows Update, or you could update a client and watch the bandwidth monitor to see if there is WAN activity that matches the LAN activity.  No WAN activity + large LAN activity means it's using the cache.  Just be warned though.  I have played with Dynamic Content caching in the past and it was not reliable for me.    Every request for a segment of the download would cause the entire file to be downloaded, so a 100MB update ended up making Squid download many gigabytes.  My WAN was saturated for an hour while LAN was flat.  I disabled Dynamic Content after that.
    • B

      Squid3-dev https,ssl interception do not work in proxy mode
      • boujid

      4
      0
      Votes
      4
      Posts
      1793
      Views

      U

      did you solved the problem?
    • B

      Pfsense 2.2 squidguard not start help Please
      • b_onat

      5
      0
      Votes
      5
      Posts
      1373
      Views

      I realized on my installation that the new squid package does NOT start squidguard immediately, but on the first access to a website! This is supposedly how the new SquidGuard works.  I'm not sure how it's a problem unless you must see the little green/white triangle.  As long as it works, that is what's important.
    • A

      Squid + kerberos
      • alxbob

      1
      0
      Votes
      1
      Posts
      1319
      Views

      No one has replied

    • P

      Pfsense 2.2 upgrade + squid 2.7.9 and squidguard 1.4_7
      • pama

      2
      0
      Votes
      2
      Posts
      1339
      Views

      M

      Hi! I have this problem too.
    • Lightsquid on 2.2 should be OK now
      • jimp

      25
      0
      Votes
      25
      Posts
      4491
      Views

      There should be no need for that with the current package. The gd library is there and the package should be invoking ldconfig to nudge the system to find it without such hacks. Check to see if it's there at all: find / -name "*GD*.so"
    • N

      HAproxy in a failover setup - Secondary firewall dashboard widget can't connect
      • nikolaii

      3
      0
      Votes
      3
      Posts
      1104
      Views

      N

      All righty, thank you for the explanation :) Nicolas
    • S

      Squid stripping domain from URL with port forwarding
      • smar

      11
      0
      Votes
      11
      Posts
      5545
      Views

      G

      I had this same issue with squid 2.7.9.  This worked for me: Set squid proxy to listen on port 3129 (or any port you choose, the GUI wouldn't allow me to leave it blank) Add custom option: http_port 3128 transparent Port forward on LAN: Traffic TCP Src * Srcport * Dest * Destport HTTP(80) TargetIP pfsensebox IP Targetport 3128 My guess is that on the GUI without the transparent box checked, squid was not operating transparently on port 3128 until specifically defined to do so. Unfortunately my ultimate goal was to use this rule to apply limiters to the traffic but apparently there is a bug with limiters and squid in transparent mode that I can't seem to get around!
    • ?

      Squid Reverse Proxy
      • Guest

      1
      0
      Votes
      1
      Posts
      974
      Views

      No one has replied

    • P

      Squid Monitoring and Lightsquid "fix" on pfSense 2.2
      • pfBlense

      11
      0
      Votes
      11
      Posts
      9244
      Views

      https://doc.pfsense.org/index.php/Lightsquid_Troubleshooting
    • F

      Weird problem in squid guard - Partial access to the Internet
      • firefox

      14
      0
      Votes
      14
      Posts
      4576
      Views

      F

      Try running Firefox on the XP box and see if that is any different. I'll try Clarification the computer is old old the operating system is old Update from yesterday But it was already too late and I turned off my computer The computer in question was one hour ahead I set the computer time and date accurate And now Only two sites inaccessible And show the same message as before
    • P

      Haproxy-devel 1.5.9 pkg v0.20 won't start after upgrade 2.1.5 to 2.2 i386
      • pffan

      3
      0
      Votes
      3
      Posts
      723
      Views

      P

      f.y.i. in (somewhat) recent versions of the package its possible to create multiple 'binds' using the normal webgui options. So its possible to have 1 frontend listen on both :443(with ssl-offloading) and :80. So you don't need the bind in 'advanced pass through' anymore.
    • J

      Squid is not working
      • Jamerson

      3
      0
      Votes
      3
      Posts
      902
      Views

      Have you looked in your SquidGuard filter log?
    • T

      Squidguard-squid3 systempatch for use with squid3-dev
      • Tikimotel

      59
      0
      Votes
      59
      Posts
      38565
      Views

      F

      Hi, :) So with ssl filtering, windows update does not want to do this. There in there a manipulation to do to solve this problem. Sorry for my bad english  ;D
    • A

      Can Squid be limited to IP instead of subnet?
      • altiris

      5
      0
      Votes
      5
      Posts
      972
      Views

      A

      @Derelict: Don't use transparent mode and only hosts set to use it as a proxy will use it. Alright I will try doing that, thank you.
    • W

      Squidguard redirect error page
      • webstor

      4
      0
      Votes
      4
      Posts
      1376
      Views

      So what was the solution???
    • S

      Squid moaning about /tmp/rules.test.packages syntax error under pfSense 2.2
      • Steve Evans

      23
      0
      Votes
      23
      Posts
      12645
      Views

      S

      Locking this thread as the original issue is resolved; it was caused by me not associating any interfaces and leaving transparent mode enabled. Transparent mode isn't working on i386 and marcelloc has confirmed this is due to a build configuration issue which will be resolved shortly. Steve
    • E

      Man in the middle work around for squid?
      • edanpedragosa

      9
      0
      Votes
      9
      Posts
      4257
      Views

      J

      You are running into the application cert pinning I think, I've seen this on a few IOS/android apps but makes sense here as well, and I've confirmed that is what they are doing as well in the following link: http://googleonlinesecurity.blogspot.com/2013/05/changes-to-our-ssl-certificates.html At this time, Google Drive's PC application does not support SNI and performs some degree of certificate pinning for transfers.  (This is going to cause you a lot of issues with SSL MITM setups). One fairly easy way to work around this is with a DNS based filter and with pfSense you can easily control what DNS server a client is using. Thanks, Adam
    • 1

      Squid3-dev and SquidGuard-squid3 - reset configuration when restart/shutdown
      • 1010011010

      10
      0
      Votes
      10
      Posts
      5752
      Views

      1

      thanks for your response, I will look and review what you say, I'm hoping to solve this problem, otherwise im gonna give a shot with lusca.
    • B

      Monitor Squid Status
      • Bai Shen

      36
      0
      Votes
      36
      Posts
      97371
      Views

      G

      thanks … tutorials that you provide goes well even now I'm dizzy reading the information provided  ;D but I still have one question, how to give a password when accessing cachemgr ? thanks a lot

    Products

    • Platform Overview
    • TNSR
    • pfSense
    • Appliances

    Applications

    • AWS Transit VPC
    • High-Performance Cloud Mirror Port
    • High-Performance vRouter
    • High Performance Cloud Firewall

    Support

    • Subscription Plans
    • Contact Support
    • Product Lifecycle
    • Documentation

    Services

    • Training
    • Professional Services

    News

    • Media Coverage
    • Press
    • Events

    Resources

    • Blog
    • FAQ
    • Find a Partner
    • Resource Library

    Company

    • About Us
    • Careers
    • Partners
    • Contact Us
    • Legal
    Our Mission

    As host of the pfSense open source firewall project, Netgate believes in enhancing network connectivity that maintains both security and privacy. We also believe everyone should be able to afford it.

    Subscribe to our Newsletter

    Product information, software announcements, and special offers. See our newsletter archive for past announcements.

    © Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy

    Move Topic