You need a program to look into the traffic - one possible solution is ICAP server - see https://docs.diladele.com/tutorials/filtering_https_traffic_squid_pfsense/index.html

LDAP/RADIUS should work with 0.4.26.

NT Domain auth is gone with 0.4.29.

ive updated packages to latest, reconfigured everything and jeeeh, now i get another error which i am not able to fix too:

1482081072.306      1 192.168.178.254 TAG_NONE/400 3795 NONE error:request-too-large - HIER_NONE/- text/html 1482081072.322    28 192.168.178.254 TCP_MISS/400 3858 GET http://blabla.myfritz.net:8080/ - HIER_DIRECT/192.168.178.253 text/html

in browser i get squid error page:

ERROR The requested URL could not be retrieved The following error was encountered while trying to retrieve the URL: error:request-too-large The request or reply is too large. ...

config:

http_port 192.168.178.253:8080 accel defaultsite=blabla.myfritz.net vhost cache_peer 10.10.55.10 parent 8080 0 proxy-only no-query no-digest originserver login=PASS name=rvp_pi_peer acl rvm_pi_uri url_regex -i ^http://blabla.myfritz.net:8080/.* cache_peer_access rvp_pi_peer allow rvm_pi_uri cache_peer_access rvp_pi_peer deny allsrc never_direct allow rvm_pi_uri http_access allow rvm_pi_uri

its very frustrating  :o

Up :)

Avoid the clone button.

https://redmine.pfsense.org/issues/6756
https://redmine.pfsense.org/issues/6511

Hi.

I had the same problem and found solution.

So go to “Diagnostics->Command Prompt“.

Type the command below on “Execute Shell command” and click ‘Execute‘.

pw useradd clamav -G wheel

Type again the command below on “Execute Shell command” and click ‘Execute‘.

pw usermod clamav -G wheel

Now try to install squid again.  ;)

Thank you for testing it. Can anyone else also try it please. Accessing https://workshop.olacabs.com  with SSL bump in transparent mode.

Thank you
Ashima

Yes i follow the instruction but still not working..yes im using squidguard

1.  Yes, with the help of squidguard.

2.  Yes, but make sure you run IIS in HTTP mode, not HTTPS.  WPAD directions for pfSense.

3.  Not that I am aware of.

4.  Never had this happen to me, but in squid's config options you need to check Disable VIA Header and set the X-Forwarded Header Mode to delete.  Without these changes, you are literally announcing to the world that you are proxied.

You seem to be using Firefox to test HTTPS filtering; please not FF does not use the system certificate storage as you indicated in your screenshot - you need to add trusted root certificate to FF own storage. See https://docs.diladele.com/administrator_guide_4_8/https_filtering/install_certificates/win_ff.html

same my issue for version 2.3.2

cannot get data 403 forbidden

hi try this

DiagnosticsCommand PromptExecute Shell Command –> pkg update -f

after install squid

You need clients certs for running squid in transparent mode.  When running in explicit mode, you only need to configure WPAD to allow most clients to auto-discover the proxy by themselves.

Sarg no longer exists so Lightsquid is your only built-in option.  You could also export your access.log and process it through any number of other log parsers.