Thank you, I did this and it's the closest thing to working squid that I've seen yet. With these changes both lagado and chrome detect the proxy settings.
Unfortunately, squid (or at least squidguard) doesn't work.
If port 80 is open, then proxy files are transmitted, autoconfigure is completed and lagado and chrome report using the proxy settings. However, everything appears to be bypassing the proxy somehow? Apparently nginx is opening its listening port (nmap reports port 80 on my pfSense box opened by nginx) on my LAN, because with that configuration enabled, port 80 is opened, if I change the listen port, then that port is open (my rules block ports 80 and 443 except in a few specific circumstances). I still don't understand how this is allowing SSL (443 is closed, nginx didn't open it, and nmap doesn't report it opened) but not applying squidguard rules to SSL?
If I close port 80 after the proxy file has been downloaded, then it simply destroys the internet connection,
I tried forwarding all port 80/443 traffic to 127.0.0.1 on 3128 to force http&/s traffic to squid, but that didn't work either.
Any suggestions?
At this point I'd also be interested in a way to use shallalist on pfBlockerNG…. pfBNG does everything that I want from squid except shallalist, and it just works with no issues.