i have apply the modification, i will see today  if there are any changes (i have meet the problem not with the portail 365 but the outlook 201x) an other question when we use splice whitelist bump otherwise, (squidguard will not work ??), so we should enter the domains that we will allow in acls whitelist ?? just that ?? the target categories of squidguard also no ?? Thanks

Create Aliases Called add WindowsUpdate and the following list for the networking group 157.54.0.0/15 157.56.0.0/14 157.60.0.0/16 65.52.0.0/14 70.37.0.0/17 70.37.128.0/18 207.46.0.0/16 131.107.0.0/16 66.119.144.0/20 23.96.0.0/13 204.79.195.0/24 204.79.196.0/23 208.76.44.0/22 208.68.136.0/21 216.220.208.0/20 209.240.192.0/19 204.14.180.0/22 206.191.224.0/19 192.92.90.0/24 208.84.0.0/21 104.40.0.0/13 192.197.157.0/24 204.231.192.0/24 104.208.0.0/13 129.75.0.0/16 204.79.179.0/24 64.4.0.0/18 167.220.0.0/17 167.220.128.0/18 167.220.192.0/19 192.92.214.0/24 207.68.128.0/18 13.64.0.0/11 13.96.0.0/13 13.104.0.0/14 146.147.0.0/16 52.145.0.0/16 52.146.0.0/15 52.148.0.0/14 52.152.0.0/13 52.160.0.0/11 52.224.0.0/11 52.96.0.0/12 52.112.0.0/14 52.120.0.0/14 52.125.0.0/16 52.126.0.0/15 52.130.0.0/15 52.132.0.0/14 52.136.0.0/13 138.196.0.0/16 150.171.0.0/16 40.74.0.0/15 40.76.0.0/14 40.80.0.0/12 40.96.0.0/12 40.112.0.0/13 40.120.0.0/14 40.124.0.0/16 40.125.0.0/17 40.64.0.0/13 40.126.128.0/17 40.127.0.0/16 40.126.0.0/18 204.13.120.0/21 204.152.18.0/23 Then you go to Services –-> Squid Proxy Server ----> Bypass Proxy for These Destination IPs Enter the created aliase called WindowsUpdate And this way it fixes all the updates for Windows with Transparent Proxy

@ozbob: After updating to pfsense 2.3.3 lost squid ntlm integration I installed with a samba script Shit like installing Samba on the firewall is NOT supported. ::) ::) ::)

What kind of states are there? On wan or lan side? Having a acl or not should have no effect to the number of states.. Are you using transparent-Client-Ip on the backend? To get rid of states you could possibly make some stateless floating rules, then pfsense wont track states anymore. Make sure to allow both ways and all types of flags..

False positives need to be reported to signatures maintainer, not here

When I try to request a certificate, I get an error. The manual call of the URL supplies a service unavailable. http://aaa.bbb.com/.well-known/acme-challenge/key [123.123.123.123]: 503 I think the ACME-Backend works not as expected. How can I configure the firewall/HAProxy to listen on port 8080 for serving the files ACME wants to see?

You may look at the package Service Watchdog also for restarting stopped services.

If you are using this broken thing, then kindly fix the permissions are noted in the readme.

Thanks for testing. https://github.com/pfsense/FreeBSD-ports/pull/333

Scripts https://sourceforge.net/projects/sgupdate/?source=typ_redirect https://steelmon.wordpress.com/2010/12/09/setting-up-a-blacklist-proxy-with-automatic-updates-using-squid-and-squidguard/ Check the directories in some of these scripts to ensure they match your pfSense directories.

I like your sarcasm. However, I was hoping I could get some help from an experienced board member here. BSD people are usually friendly and helpful (unless you mention Linux or Microsoft to them). I know a few.

Hi there, I guess my solution is not working anymore, because basically the content of the file changed completely. I will look if can post a new solution here. cu.

Hi! In frontend under advanced config add this to Advanced pass thru: redirect scheme https if { hdr(Host) -i host.domain.com } !{ ssl_fc } That should do it…