• HAproxy + Acme package = 503 Error servers not available locally

    4
    0 Votes
    4 Posts
    4k Views
    P

    @interloper Do you have a guide on how you setup your google domain settings for your subdomains? I am trying to figure it out but having a hard time. Here is my open topic on this forum (https://forum.netgate.com/post/830593).

    Thanks

  • 0 Votes
    4 Posts
    884 Views
    N

    @johnpoz said in Squidguard Filter: Allow only certain IPs without disabling "Do not allow IP-Addresses in URL":

    x

    My exact problem is
    I want to block all web traffic without using domain names. But there's some chat apps in China use port 80 and ip address for communication. So, if I disallow "IP addresses in URL", that chat app fails to connect to servers.

  • WPAD doesn't work

    Moved
    11
    0 Votes
    11 Posts
    2k Views
    B

    @kom OK the problem comes from the DHCP. I didn't put the localdomain. Now it works. It was never mentioned in the guides I followed.

    Thanks for your help!!!

  • Sarg Could not find report index file

    9
    0 Votes
    9 Posts
    4k Views
    A

    @poenskop Para solucionar el error
    Could not find report index file. Check and save sarg settings and try to force sarg schedule.

    Lo que hice fue cambiar el directorio de salida del reporte de sarg en el archivo sarg.conf para que quedara de la siguiente manera:

    Output dir (-o) = /usr/local/www/html/

    después de esto en la consola crear un enlace simbólico hacia ese directorio

    ln -s /usr/local/www/html /usr/local/sarg-reports

    con esto se soluciono el problema ya pude ver el reporte y desapareció el mensaje

    Error: Could not find report index file. Check and save sarg settings and try to force sarg schedule.

  • How to use tcp_outgoing_address on different network?

    1
    0 Votes
    1 Posts
    190 Views
    No one has replied
  • HAProxy devel Multithreading

    2
    0 Votes
    2 Posts
    632 Views
    P

    @michaelschefczyk
    Recently (26-1-2019) haproxy itself removed the warning from their docs, the package on pfSense should get a little update to remove that warning as well..

    "It was mentioned when releasing 1.8 but early bugs have long been
    addressed"
    http://git.haproxy.org/?p=haproxy.git;a=commit;h=1f672a8162eda18c404c6784dd749b6e061e2e4d

    Afaik there are no issues anymore.. (Which in the early days used to included haproxy crashes and hangs spinning at 100% cpu usage of a core..)

  • ssl-min-ver directive in Haproxy shared frontends

    1
    0 Votes
    1 Posts
    607 Views
    No one has replied
  • Outgoing traffic: add URL parameter via squid reverse proxy?

    1
    0 Votes
    1 Posts
    209 Views
    No one has replied
  • Squid HTTPS Interception not working?

    6
    0 Votes
    6 Posts
    2k Views
    T

    @gertjan said in Squid HTTPS Interception not working?:

    For https port 3129 could be used I guess - example : https://www.microlinux.fr/squid-https-centos-7/ (Squid version 3.5).
    True, the official doc is hard to read.

    Well, in order to get this working, I have the SSL interception running on port 3129 and the main proxy on 3128.

    Pointing clients at 3129 for HTTPS results in no connectivity. However upon just telling clients to use 3128 for HTTP and HTTPS, I can see HTTPS Man in the middle working and the certificates are being issued by my CA as expected.

    This suggests that PfSense+Squid is doing some sort of redirection internally to 3129 for HTTPS, or the seperate port setting for HTTPS does nothing, and it just listens on 3128 full stop.

  • 0 Votes
    4 Posts
    1k Views
    P

    @jason0
    The HSTS cache can be a bit extra tricky to get rid of also.. Instructions for most browsers can be found though.

  • Windows 10 updates blocked by proxy (squid)?

    7
    0 Votes
    7 Posts
    2k Views
    J

    I think problem isn't with squid, rather with Windows 10 - system proxy settings doesn't enought, I don't know why. But with winhtt set proxy it works. Respect for your work, KOM and best regards.

  • Haproxy and HTTP basic auth via gui

    9
    0 Votes
    9 Posts
    6k Views
    P

    @itbrain
    Added the screenshots back..

  • Squid + Transparent + Bridge = Broken or Fixed?

    1
    0 Votes
    1 Posts
    200 Views
    No one has replied
  • Squid not caching web data

    3
    0 Votes
    3 Posts
    679 Views
    W

    Thanks KOM.

    Verified cache is working by going to https://www.google-analytics.com/analytics.js.

    Seeing TCP_MEM_HIT/200 when I go the javascript file hosted by Google.

  • HAproxy: ACL with weaker SSL-ciphers for one IP possible?

    1
    0 Votes
    1 Posts
    313 Views
    No one has replied
  • Issue with slow authentication on squid?

    3
    0 Votes
    3 Posts
    455 Views
    K

    thanks for the reply, i was checking the logs and your right something odd with the active directory but i ended up using the local authentication created all the users

  • Squid/Clamav: Wrong redirect URL

    7
    0 Votes
    7 Posts
    10k Views
    K

    @rggolbraich said in Squid/Clamav: Wrong redirect URL:

    I know its an old post but here is my solution to the same problem.

    Solution:
    when I installed pfSense with all packages I use, I gave it a domain name.
    After some while, i changed the domain name to my DC, somehow SquidClamAV keeps the old data so I get pointed to unavailable address.
    To fix this issue I edited 2 files: (Diagnostics - Edit File)
    /usr/local/etc/c-icap/squidclamav.conf
    /usr/local/etc/c-icap/squidclamav.conf.pfsense

    Why them both? because every time I edited the .conf file my settings get back to what it was. after changing them both pfSense kept the configuration and problem were fixed.

    Thanks for this. Two years later and still a bug.

  • Proxy Issue wpad?

    11
    0 Votes
    11 Posts
    2k Views
    KOMK

    Glad its working for you now.

  • 2.3 - Squid reinstallation fails

    Locked
    14
    0 Votes
    14 Posts
    6k Views
    ?

    @powerrc
    This worked for me.
    Thank you very much.

  • Quick Question about LDAP proxy

    1
    0 Votes
    1 Posts
    214 Views
    No one has replied
Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.