• Squid Usage

    2
    0 Votes
    2 Posts
    899 Views
    R
    Little bit more. I'd like squid to do this. http port 80 redirect to https 443 and serve up https pages.  On the backend I want to use simple http and squid do all the encrypting.
  • HTTPS Filtering, once and for all!

    13
    0 Votes
    13 Posts
    8k Views
    C
    Well… HTTP proxy can run in both explicit and transparent mode and this has nothing to do with SSL-Bump. These are 2 different aspects and the only relationship is when you want/need to deal with HTTPS in transparent mode or if you want/need to analyse HTTPS content. However, what needs to be understood is that from browser view point, proxy is either defined (whatever the way you define it) or not. If proxy is defined, then this is an explicit proxy. If not, this is transparent proxy. Which means that if proxy side, one can have both in parallel, client side (browser) you have only 3 choices with no overlap: explicit proxy no proxy -> with transparent proxy intercepting no proxy... without proxy  ;D If SSL-bump is configured (whatever proxy mode, explicit or transparent), trusting certificate generated to intercept HTTPS flow is mandatory to prevent warning messages. This often means to deploy, client side, CA public key to be trusted. Keep in mind we are only discussing technical aspects here, not all the legal aspects with HTTPS flow being broken and intercepted. While designing your proxy, you have to determine whether your goal is to filter access (e.g. prevent facebook access) which doesn't require any SSL-bump, even for HTTPS, but does require explicit proxy or if you need/want to intercept HTTPS, which means SSL-Bump thus certificate.
  • Reduce squidGuard Load Times

    4
    0 Votes
    4 Posts
    4k Views
    KOMK
    Yeah I have no idea about that, sorry.
  • Cisco asa + squid + wccp

    1
    0 Votes
    1 Posts
    1k Views
    No one has replied
  • How to disable SSL filtering in transparent mode while SSL enable

    7
    0 Votes
    7 Posts
    2k Views
    K
    Exactly thats why I am posting this :). If you have a better solution then post it
  • Squid Guard Groups ACL bug

    1
    0 Votes
    1 Posts
    881 Views
    No one has replied
  • Connect squid squidguard and ssl_bump

    3
    0 Votes
    3 Posts
    2k Views
    A
    nice one sir :)
  • LightSquid report hard to believe

    1
    0 Votes
    1 Posts
    943 Views
    No one has replied
  • System: Group manager - Access Squid3 and SquidGuard

    1
    0 Votes
    1 Posts
    626 Views
    No one has replied
  • /var/squid/log

    1
    0 Votes
    1 Posts
    1k Views
    No one has replied
  • 0 Votes
    5 Posts
    6k Views
    Kalle13K
    Ive found the solution for me.  ;D I simply reinstalled squid. Now its working properly. Cheers
  • Lightsquid report times out

    2
    0 Votes
    2 Posts
    2k Views
    C
    Okay, I discovered that the problem might be with the web browser I'm using. I can bring up the report in Firefox, but not at all in Safari. Turning off SSL doesn't make a difference. Trying in a new user and clearing all caches and history doesn't do the trick either.
  • WPAD Block Port 80 Rule is blocking all of my traffic

    31
    0 Votes
    31 Posts
    7k Views
    P
    Thank you, I did this and it's the closest thing to working squid that I've seen yet. With these changes both lagado and chrome detect the proxy settings. Unfortunately, squid (or at least squidguard) doesn't work. If port 80 is open, then proxy files are transmitted, autoconfigure is completed and lagado and chrome report using the proxy settings. However, everything appears to be bypassing the proxy somehow? Apparently nginx is opening its listening port (nmap reports port 80 on my pfSense box opened by nginx) on my LAN, because with that configuration enabled, port 80 is opened, if I change the listen port, then that port is open (my rules block ports 80 and 443 except in a few specific circumstances). I still don't understand how this is allowing SSL (443 is closed, nginx didn't open it, and nmap doesn't report it opened) but not applying squidguard rules to SSL? If I close port 80 after the proxy file has been downloaded, then it simply destroys the internet connection, I tried forwarding all port 80/443 traffic to 127.0.0.1 on 3128 to force http&/s traffic to squid, but that didn't work either. Any suggestions? At this point I'd also be interested in a way to use shallalist on pfBlockerNG…. pfBNG does everything that I want from squid except shallalist, and it just works with no issues.
  • Squid blocks images and video transfer via whatsapp

    2
    0 Votes
    2 Posts
    3k Views
    P
    Hi, Did you manage to solve this ? I'm facing the same problem, tried a couple of things but no luck so far …
  • Squidguard scheduled/automatic update for blacklists?

    6
    0 Votes
    6 Posts
    2k Views
    KOMK
    I agree that it could definitely be improved, but I wanted to make sure you weren't under some false notion about what pfSense is and isn't.
  • Squid + LightSquid = HTTPS filtering

    2
    0 Votes
    2 Posts
    2k Views
    A
    same problem. anyone?
  • Configuration for Squid + RADIUS in CARP environment?

    1
    0 Votes
    1 Posts
    1k Views
    No one has replied
  • SQUID in Transparent Mode

    3
    0 Votes
    3 Posts
    1k Views
    A
    Hi Chris Thank you very much for your answer. What is Squid configuring in background if I enable transparent mode? Do I need to configure pfSense as follows, if I want, for example, forward traffic to port 5555 transparently to Squid? INSIDE Interface: Source of Traffic 192.168.10.10: IP Address of the interface on which Squid is listening 3128: Squid port Thank you asan ![Screen Shot 2016-08-23 at 19.50.52.png](/public/imported_attachments/1/Screen Shot 2016-08-23 at 19.50.52.png) ![Screen Shot 2016-08-23 at 19.50.52.png_thumb](/public/imported_attachments/1/Screen Shot 2016-08-23 at 19.50.52.png_thumb)
  • Lightsquid report

    1
    0 Votes
    1 Posts
    828 Views
    No one has replied
  • Reverse Proxy / Layer 7 Security

    2
    0 Votes
    2 Posts
    2k Views
    C
    Does anyone have a guide or tips on how to install mod_security on PFSense 2.3? Module is gone now and I suspect it is due to the change to nginx; there are builds f mod_security now for nginx so am wondering if anyone has tried using it for a reverse security proxy in latest pfsense? Thanks
Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.