Hi. I had the same problem and found solution. So go to “Diagnostics->Command Prompt“. Type the command below on “Execute Shell command” and click ‘Execute‘. pw useradd clamav -G wheel Type again the command below on “Execute Shell command” and click ‘Execute‘. pw usermod clamav -G wheel Now try to install squid again.  ;)

Thank you for testing it. Can anyone else also try it please. Accessing https://workshop.olacabs.com  with SSL bump in transparent mode. Thank you Ashima

Yes i follow the instruction but still not working..yes im using squidguard

1.  Yes, with the help of squidguard. 2.  Yes, but make sure you run IIS in HTTP mode, not HTTPS.  WPAD directions for pfSense. 3.  Not that I am aware of. 4.  Never had this happen to me, but in squid's config options you need to check Disable VIA Header and set the X-Forwarded Header Mode to delete.  Without these changes, you are literally announcing to the world that you are proxied.

You seem to be using Firefox to test HTTPS filtering; please not FF does not use the system certificate storage as you indicated in your screenshot - you need to add trusted root certificate to FF own storage. See https://docs.diladele.com/administrator_guide_4_8/https_filtering/install_certificates/win_ff.html

same my issue for version 2.3.2 cannot get data 403 forbidden

hi try this DiagnosticsCommand PromptExecute Shell Command –> pkg update -f after install squid

You need clients certs for running squid in transparent mode.  When running in explicit mode, you only need to configure WPAD to allow most clients to auto-discover the proxy by themselves.

Sarg no longer exists so Lightsquid is your only built-in option.  You could also export your access.log and process it through any number of other log parsers.

@KOM: Are you sure this is what's happening?  Squid, when running on transparent mode, will intercept all TCP 80/443 traffic and that's it.  Inter-LAN traffic doesn't even hit the firewall unless it's travelling between different interfaces.  I've been running squid & lightsquid for literally years now, and I've never seen anything like what you describe.  What are you looking at that makes you assume squid is even involved here? My squid is not on transparent mode, I've run a group policy management to distribute proxies into the domain devices. Well if that has any effect on the monitor then it seems that we have a major problem. If not, well I guess C0RR0SIVE might be right, I need to re-check my network schema.

Thanks!

No specific advice other than to upgrade your pfSense to current, which has newer version of squid plus bugfixes and security patches.

Thanks for all your answers. I have a better understanding now and see your suggestions as the best solution.

Thanks for your reply, Ashime. As soon as I made the pfSense webgui available over http instead of https, the issue was gone… To me that's a pfSense error, but anyway, things work alright now.