Go to console, run a shell and run:

tar xv -C / -f /usr/local/share/pfSense/base.txz ./usr/bin/install

From my view point, Nginx is a better choice mainly because it is both faster and lighter than Apache.
You will easily find plenty of HowTo e.g. this one.

Thanks cmb,

Now its working.

@mepstein:

Hi,
In Squid 3.5, ssl_bump server-first all is deprecated and can't be used (at last in transparent mode) for sni sites. This must be fixed by the pfsense developments.

Insert the following code in Custom ACLS (Before Auth) and test navigating to this site: https://sni.velox.ch/

acl step1 at_step SslBump1 ssl_bump peek step1 ssl_bump bump all

For me, this is working very well with gmail.com and other sites using sni.

thank you so much mepstein. this solved it nicely.

Thanks hollister, problem is resolved.

Yes - thank-you. I was just about to begin directory diving. I would have moved the 'install' from my pfSense appliance. This saved me a lot of work. Lots of good info here. I am very glad to know more about the tarball.

I can confirm that the workaround works great. Without any errors.

That's the issue here.
https://redmine.pfsense.org/issues/6643

To work around it, run:

tar xv -C / -f /usr/local/share/pfSense/base.txz ./usr/bin/install

see here: http://www.itnotes.eu/?p=3218

I have a problem here too but it's blocking everything, no categories list anymore?

Hi Guys, already solved the problem.

1 - remove squid and squidguard (also remove manually all the files related to squid and squidguard)
2 - reinstall both package
3 - And just follow the tutorial at ( https://forum.pfsense.org/index.php?topic=73640.150)
4 - Its seem that the update of squidguard was affecting it performance
5 - Restart
6 - And ready to go

Zombie thread or not, this long-standing problem without a solution is crazy.

With squid == websites broken

Without squid == websites work

Apparently browsers don't mind having dropped connections or whatever else is going on.  Why does squid cause a greater failure than apparently the source error?

-Rob

Run:

pkg update -f

To update package lists.

Hello, see my topic: https://forum.pfsense.org/index.php?topic=115530.0

Solved for me:
I am not sure exactly how, but finally I got the squid with default config.
Several times in different sequence I made as follows:

remove all about squid from <installedpackages></installedpackages>section of configuration file and restore pfSense configuration from modified configuration file install squid with or without squidguard uninstall (check/uncheck checkbox "Keep Settings/Data") squid and squidguard enable and disable squid and squidguard reboot pfSense manually remove files squid from filesystem (including *.txz files) (not sure) restore configuration from unmodified pfSense configuration file (with squid settings in <installedpackages></installedpackages>section)

@aGeekHere:

For https you can use wpad.
Sites that have popup loops are normally bad sites which can be blocked by squidguard and a block list.
You can also enforce google safe search for all clients.

Not that simple, although this is the beginning of the right approach.

Explicit (meaning not transparent) proxy is mandatory otherwise HTTPS goes direct.
(one could intercept even HTTPS in addition to SSL-Bump… this is another approach but not that simple)

WPAD will, basic, get rid of the burden of manually configuring each and every device so this it relies on proxy. No more (not less)
Then, second step, proxy.pac content will tell browser when to use proxy (and which ones) or not.

Next step is proxy configuration:

blacklists at Squidguard level will prevent to access unwanted domains (including proxies, redirectors...  :P) and direct IP  ;D ;D page content can not obviously be controlled for HTTPS flow (unless you enable SSL-bump, AKA MITM) ad-removal is partially done with blacklist too

good!!
  +1