How is your traffic forwarded to Barracuda Cloud Content Filtering ? Please post your squid.conf here

@aGeekHere: https://forum.pfsense.org/index.php?topic=112335.0 thanks a lot! this consumed me so much time without realizing it is nothing from end. Thanks again!

It will only block what you have told it to block. What you might find surprising is that when you go to a site like stackoverflow.com it most likely includes third-party libraries or content from Google, like analytics, and some of that might come from app.google.com. So you get redirected because the browser tried to load content from a site you told it to block. Enable logging in squidGuard and on the ACLs/Categories then check the squidGuard logs. You'll see exactly what triggered it. It's also possible that things not blocked are using HTTPS and you didn't configure it to catch HTTPS (e.g. didn't enable HTTPS interception / splice all properly)

Read the post above!

@doktornotor: @marcelloc: Didi you tried to do not select the loopback interface on squid transparent mode GUI config? That's not even available for obvious reasons. https://github.com/pfsense/FreeBSD-ports/blob/devel/www/pfSense-pkg-squid/files/usr/local/pkg/squid.xml#L263 Plus, the firewall rules have been redone with https://github.com/pfsense/FreeBSD-ports/pull/305 People just should not necropost. i tried and still didn't work , many thanks for your help

TQ DUDE…SOVLE MY PROB...HEHHEHE

No. There is no way to do that. It can only exit via the WAN with the firewall's default gateway.

Ok thanks for your reply! But for me it is not clear which part of configuration i have to add in the custom field. Is it enough to insert the following lines: acl networkx src 172.16.0.0/16 ssl_bump splice network 1 ssl_bump bump all Or is it necessary to insert something like "ssl_bump splice whitelist" somewhere between? (to get default behaviour) Thanks!

You'd be a whole lot better off testing the unofficial E2G package: https://forum.pfsense.org/index.php?topic=128116.0

Hello, many thanks for your reply. With snort service up and Squid down everything was fine. So I was sure the problem was with Squid and some setting. During the week end i found the problem and I report the solution for any newbie like me. The problem was in SquidGuard and the standard categories: you have four option per each category, -, allow, deny, whitelist. I configured all categories with deny or allow. For categories for which you are not interested if you put the - option and populate with deny only the ones you want to block, then everything works fine. I'm still missing the reason and as a newbie it is still not very clear to me the difference between the - option and the allow. In other professional appliances, you must put the option allow or by default it is intended as blocked. As general experience after installing pfsense, what I miss is a comprehensive manual where all options are described and related effects are listed. For the rest, this firewall is great and has nothing less than several professional appliances.

Já encontrei o problema. Como eu estava com certificado instalado vi que a opção correta é Splice Whitelist, Bump Otherwise. Estava setado com Splice ALL. Thanks –---------------------------------- I already found the problem. As I was with certificate installed so a correct option is a white list of splice, otherwise bump. It was set with Splice ALL. thank you

Same issue, the squidguard service just won't start.

Interested in what you were trying here, as I'm looking into something similar. What was your embedded hardware? I'm assuming without large amounts of ramdisk this was a non starter? Or were you using some other disk for the cache?

I found that adding apple.com icloud.com mzstatic.com to the whitelist at Services>Squid Proxy Server>ACLs seems to work for me (in addition to the FAQ from diladele from sichent above, if you are using the Diladele Web Safety.)

Hello, we have the same probleme –> If squid is not transparent it works fine, as soon as i try to use squid in transparent mode, it strips out http. …after i´m upgrade the pfSense to 2.3.3 and update the package Squid package to 0.4.36_2. Same system and pkg versions like olivierofava. @doktornotor Sorry, but behind the link there is nothing. Do NOT multipost. https://forum.pfsense.org/index.php?topic=127998.0 I remember that we have the problem in the past. I think it was this problem: https://redmine.pfsense.org/issues/5869 Feels like the same… Best Regards Jesse