**.**windowsupdate.com P.S. Google the difference between URL and domain.

Good question! Ive been looking at HAProxy and reading some instructions I would like to find the same example for  Squid Reverse proxy!

;D Thanks will do so!

@reza3sw: Hello HTTP/1.1 400 Bad Request Server: squid Mime-Version: 1.0 Date: Fri, 08 Sep 2017 21:19:17 GMT Content-Type: text/html;charset=utf-8 Content-Length: 3948 X-Squid-Error: ERR_INVALID_REQ 0 Vary: Accept-Language Content-Language: en X-Cache: MISS from pfsense X-Cache-Lookup: NONE from pfsense:3128 Via: 1.1 pfsense (squid) Connection: close Why does this error message occur in Windows and mobile apps? When I enable ssl filttering in squid? And some apps do not connect to the Internet on Windows and on Android. But it is connected to the Internet browser. Hello to all friends My problem with the IP Telegram and (as well as the programs that have this problem) was solved in Bypass squid In this way, IPs that come in bypass pass through the web proxy

Do NOT multipost. https://forum.pfsense.org/index.php?topic=136383.0

@venom3: do you have a custom whiltelist setup? are the services running? As venom 3 said, yo need at least one custom category defined in "Target categories" with at least one domain, url or regular expression. May I suggest a "White_list" category, where you put the addresses you want to be accessed without any trouble (like google or similar)? Good luck!

Do you have enabled the Squid Log?

Hi!, seems that maybe yo have missconfigured something in the ACL. A pair of questions: ¿Are you using Explicit or transparent proxy? ¿Are you using a blacklist file (like shallalist.de) in squidguard? in case of yes, please indicate which. ¿Did you create a custom category? (the blacklist needs at least one custom category in "Target Categories") If you could attach a screenshot of your "Common ACL" Target categories section, it would be very helpful. Greetings!

Simply upgrade your pfSense and don't use outdated buggy versions.

Hi, installed SquidGuard again, it seems that it had preserved all my settings including the dummytarget … and its also not starting at the moment. Then i was searching the complete WebGUI inside the SquidGurad for the E2Guardian Options and what maybe could setup in there, but unfortunaly found nothing. Then i googled for E2Guardian. Ok, it seems to be a completely other thing ... instead of using SquidGuard  ;D ... which i can't install over the package manager. HiHi. I completely misunderstood ... never hadn't heard before about E2Guardian, sorry ... lol. So you mean it would better to let SquidGuard simply SquidGuard, not use it and have a look to E2Guardian, if its available as a package?! Then I'm deinstalling SquidGuard again and have a look, time to time, if E2Guardian is available in the future. Thx for the hint.

now lmiter is working protcol https I have found a temporary solution to this problem but it is not clean by using nat requests from port 443 to port 3129 and using rule limter nat proxcy 127.0.0.1 3129 but i want developers to fix this problem to make clean work im using pfsense 2.4 include vmawer esxi 6 [image: jjj.jpg] [image: jjj.jpg_thumb]

Chrome is using system proxy settings. If misconfigured, it won't of course use any proxy at all. Also, if bypassing proxy is such a huge issue, you should either use transparent proxy, or block direct access via firewall.

@doktornotor: @vielfede: Sorry Dok, Maybe I missed something… although i read every squid manual in this forum... but... I do not understand, how can I filter sites without SG? Could you exlpain briefly please? Well, it's briefly explained in the Squid GUI when you click the i next to SSL/MITM Mode. Sorry again… I'm quite confused... but I understand SG is needed in Splice All… Splice All: This configuration is suitable if you want to use the SquidGuard package for web filtering. All destinations will be spliced. SquidGuard can do its job of denying or allowing destinations according its rules, as it does with HTTP. You do not need to install the CA certificate configured below on clients. Content filtering (such as Antivirus) will not be available for SSL sites.

@doktornotor: Well I don't get the question really… that's the whole purpose of the feature. If you don't want it, do NOT make the proxy transparent (or whitelist stuff that's not supposed to get proxied). Again thanks for the guidance But to control some sites, I need to enable this option, and on the other hand, I have the problem

Unsupported hack: https://forum.pfsense.org/index.php?topic=121387.msg670943#msg670943

Well it simply never worked in pfSense, no idea whether it ever worked in FreeBSD but the 7+ years old hints about rdr don't produce any working result for anyone who tried.