i dont understand why I'm blocking port 80

You typically block ports 80/443 so that your users are forced to use the proxy.  If your proxy is optional, then you don't need to bother blocking 80/443.

Thanks KOM,

You were right killing the antivirus (and stopping the services) did make everything work.

I now know where to look!

Thanks for all of your help!

The problem is squid version 3.4 is not compiled with ldap search custom sguid package should work

I was able to get it running by going through every tab and hitting save.  I saw this in another thread on here.

thanks for you help!

Well, you could do what I asked the other guy to do…

Hello, no I dont use captive portal. I Think this is related to the newer FreeBSD base operating system on 2.2, that it cannot listen on low ports. I get same error in HAproxy. I have disabled WebGUI redirect.

I will try to do a forwarding rule from port 80 to a higher port i firewall rules settings

Ok thank for Help :D

I will forward to other sys-log server.

bump

Hi,

I'm also having the same problem on the 2.2.1 update.
i have also tried this: https://forum.pfsense.org/index.php?topic=73640.0

although the service is now starting it's not blocking website as per categories.

Have you found a solution yet?

New SquidGuard apparently doesn't always stay running unless there is work for it to do.  Have you actually tried testing its functionality?

MS FTP "client" plus MS FTP "server" -> unusable junk. Get something usable, like http://www.ncftp.com/download/

Ok, but my very first problem is to know if squidguard could read ip addresses lists from mysql db as it can do for users list.

After uninstalling installing round and round I finally got it working. :)

I believe there's and issue if you ad your 1st webserver then add 2 mapping's right away it wont allow any other connections to work. I had to add 1 webserver at a time and 1 mapping at a time then go back and add the second mapping.

I found an error on my rule set.

Netflix/hulu were using ports that were grouped together that went out my cable modem interface.

thnx for the information.

worked fine  :)

Hi all

does no reply mean, there is no solution or did i post it in the wrong category or did i ask a wrong question or …?

Thx, inorx

I'm on pfSense 2.2.1 and I just installed squid3 and set up a simple transparent proxy.  No clamav, no squidguard.  I was trying to follow the OP's tuturial to add access to the cachemgr tab:

cd /usr/local/www ln -s /usr/local/libexec/squid/cachemgr.cgi cd /usr/local/etc/squid cp cachemgr.conf.default cachemgr.conf

The problem is the paths are all different. 
/usr/local/libexec/squid and /usr/local/etc/squid do not exist.

Any ideas?

Thank you.

edit:  I figured it out (I'm a BSD noob…sorry)

Here are the paths.

/usr/pbi/squid-i386/local/etc/squid

/usr/pbi/squid-i386/local/libexec/squid

I'm not sure if the paths changed due to newer pfSense version, or the fact I'm using squid3 vs. squid, but it did work for me!

Hi,
try to put those IP on the ByPass rule in General page of the Proxy setting.
:)

Have you checked the System log for Squid errors?  Anything in /var/squid/logs/cache.log?

What happens in squid in transparent mode

In transparent mode, your browser will show an error because the site that it is indirectly connecting to doesn't match the certificate.

What this actually means
Instead of listing on each computer details of squid
I create this file Put it in pfsense
And computers identify squid alone without any settings ?

Yes.  However, the web sever hosting the wpad.dat file has to be HTTP, not HTTPS.  You can use the pfSense web server if you have it set to use WebGUI via HTTP.  Otherwise, you will have to have another web server to host the file that is HTTP.

People, good morning, reinstalling with version 2.2.1, 64 still getting same issue.
After frustrated days I was reinstall with version 2.1.5, 64bits and squid is working like a charm. regards

Perfecto, gracias!!!

Thanks for all your replies. It's a shame you can't filter https with squid

You can filter HTTPS with Squid but you have to configure it (and perhaps your clients) to use it properly.

WPAD Proxy Auto-Configure with squid

Can anypost pics of there config I cant seem to get it working.

I've tired just about everything

Don't know why package maintainer don't set correct default values.

It seems there's a check when "proxy.domain.com" is in there you get a warning.
If you set "www.domain.com" there's no error :P

You can download the squid3 it has an option to cache updates such as windows updates and free anti-virus updates.  The older version needs a bit of tuning.  Here is the tut https://doc.pfsense.org/index.php/Squid_Package_Tuning

But while we bypass proxy for some particular IP's the same site is opening for bypassed IP's but remaining IP's are blocked as above Mod-Security.

Should be fixed in pkg v0.22, pullrequest send. https://github.com/pfsense/pfsense-packages/pull/834 will probably be committed and be on the package repository in a day or so.

I think you have misunderstood me. I did not just stop filter that hostname. It simply stopped filtering anything.

2.2-RELEASE (i386)
built on Thu Jan 22 14:04:25 CST 2015
FreeBSD 10.1-RELEASE-p4

Intel(R) Core(TM)2 Duo CPU E4500 @ 2.20GHz
2 CPUs: 1 package(s) x 2 core(s)

Install pkgs: squid3 (Transparent HTTP proxy enable, c-icap&clamd disable), corn, sarg

log:
Mar 16 00:00:13 squid[88317]: Squid Parent: (squid-1) process 92076 started
Mar 16 00:00:12 php: swapstate_check.php: Squid cache and/or swap.state exceeded size limits. Removing and rotating. File was 3891776 bytes, 0% of total disk space.
Mar 16 00:00:12 squid[86533]: Squid Parent: (squid-1) process 86945 exited with status 0
Mar 16 00:00:10 squid[88317]: Squid Parent: (squid-1) process 87786 exited with status 1
Mar 16 00:00:10 (squid-1): Failed to verify one of the swap directories, Check cache.log for details. Run 'squid -z' to create swap directories if needed, or if running Squid for the first time.
Mar 16 00:00:10 squid[88317]: Squid Parent: (squid-1) process 87786 started
Mar 16 00:00:07 squid[88317]: Squid Parent: (squid-1) process 87478 exited with status 1
Mar 16 00:00:07 (squid-1): Failed to verify one of the swap directories, Check cache.log for details. Run 'squid -z' to create swap directories if needed, or if running Squid for the first time.
Mar 16 00:00:06 squid[88317]: Squid Parent: (squid-1) process 87478 started
Mar 16 00:00:05 squid[86533]: Squid Parent: (squid-1) process 86945 started
Mar 16 00:00:05 squid[86533]: Squid Parent: will start 1 kids
Mar 16 00:00:05 php: swapstate_check.php: The command '/usr/pbi/squid-i386/sbin/squid -k kill -f /usr/pbi/squid-i386/local/etc/squid/squid.conf' returned exit code '1', the output was 'squid: ERROR: Could not send signal 9 to process 13758: (3) No such process'
Mar 16 00:00:03 squid[88317]: Squid Parent: (squid-1) process 80899 exited with status 1
Mar 16 00:00:03 (squid-1): Failed to verify one of the swap directories, Check cache.log for details. Run 'squid -z' to create swap directories if needed, or if running Squid for the first time.
Mar 16 00:00:03 squid[88317]: Squid Parent: (squid-1) process 80899 started
Mar 16 00:00:00 kernel: pid 13758 (squid), uid 62: exited on signal 6
Mar 16 00:00:00 php: swapstate_check.php: Creating squid cache subdirs in /var/squid/cache
Mar 16 00:00:00 php: sarg.php: Sarg: force refresh now with -d date +%d/%m/%Y-date +%d/%m/%Y args, compress(on) and none action after sarg finish.
Mar 16 00:00:00 php: swapstate_check.php: Creating Squid cache dir /var/squid/cache
Mar 16 00:00:00 php: sarg.php: Sarg: force refresh now with -d date +%d/%m/%Y-date +%d/%m/%Y args, compress(on) and none action after sarg finish.
Mar 15 23:00:00 php: sarg.php: Sarg: force refresh now with -d date +%d/%m/%Y-date +%d/%m/%Y args, compress(on) and none action after sarg finish.
Mar 15 22:00:00 php: sarg.php: Sarg: force refresh now with -d date +%d/%m/%Y-date +%d/%m/%Y args, compress(on) and none action after sarg finish.
Mar 15 21:00:00 php: sarg.php: Sarg: force refresh now with -d date +%d/%m/%Y-date +%d/%m/%Y args, compress(on) and none action after sarg finish.
Mar 15 20:00:00 php: sarg.php: Sarg: force refresh now with -d date +%d/%m/%Y-date +%d/%m/%Y args, compress(on) and none action after sarg finish.
Mar 15 19:29:41 kernel: arp: xxx.xx.xx.1 moved from 00:17:10:89:12:60 to 00:17:10:89:10:20 on em2
Mar 15 19:29:38 kernel: arp: xxx.xx.xx.1 moved from 00:17:10:89:10:20 to 00:17:10:89:12:60 on em2
Mar 15 19:29:34 kernel: arp: xxx.xx.xx.1 moved from 00:17:10:89:12:60 to 00:17:10:89:10:20 on em2
Mar 15 19:29:31 kernel: arp: xxx.xx.xx.1 moved from 00:17:10:89:12:60 to 00:17:10:89:10:20 on em2
Mar 15 19:00:00 php: sarg.php: Sarg: force refresh now with -d date +%d/%m/%Y-date +%d/%m/%Y args, compress(on) and none action after sarg finish.
Mar 15 18:00:00 php: sarg.php: Sarg: force refresh now with -d date +%d/%m/%Y-date +%d/%m/%Y args, compress(on) and none action after sarg finish.