• Cannot delete or update squid package

    2
    0 Votes
    2 Posts
    979 Views
    N
    Okay, a reboot fixed this issue but I think a reboot should be the last opinion. Regards
  • New to Squid so have questions

    2
    0 Votes
    2 Posts
    683 Views
    C
    Yes, it is possible. BUT you cannot use transparent proxy and authenticated (password protected) proxy at the same time.
  • Password Length! HELP!!!

    2
    0 Votes
    2 Posts
    715 Views
    jimpJ
    Squid's basic auth is crap. It's based on crypt and cannot use any password over 8 characters long. In prior versions the password was silently truncated and accepted, now it's rejected, which is more correct.
  • [off-topic] [solved] Google Chrome not using proxy settings

    2
    0 Votes
    2 Posts
    793 Views
    C
    Nevermind, I solved the problem. Since my company uses Google Apps for work, there was a "cloud" policy under Google Admin Center which sent the proxy to all linked accounts on Chrome. The policy was explicit set to connect directly to the internet. That´s why the "change proxy" button was even grayed out.
  • Squid +squidGuard not authenticating any user with AD

    3
    0 Votes
    3 Posts
    1k Views
    C
    post your LDAP settings and filter criteria please
  • Squid performance on pfSense 2.3

    2
    0 Votes
    2 Posts
    2k Views
    P
    @monkeyx: Hi, The settings below were copied from a forum post, that I used to help improve performance of squid on pfSense 2.2. Could anyone advise if these settings are still needed on 2.3? add this to the /boot/loader.conf kern.ipc.nmbclusters=32768 kern.maxfiles=65536 kern.maxfilesperproc=32768 net.inet.ip.portrange.last=65535 or just delete it and replace with autoboot_delay="1" #kern.ipc.nmbclusters="0" hint.apic.0.disabled=1 kern.hz=100 #for squid kern.ipc.nmbclusters="32768" kern.maxfiles="65536" kern.maxfilesperproc="32768" net.inet.ip.portrange.last="65535" you might ask why squid is so slow? its because default configuration of pfsense is router not as a server thats why kern.ipc.nmbclusters="0" <- is set to zero. if you just simply remove this squid will be just fine. but to tune the squid i add this kern.ipc.nmbclusters: 32768 kern.maxfiles=65536 kern.maxfilesperproc=32768 net.inet.ip.portrange.last: 65535 I believe kern.ipc.nmbclusters is the only /boot/loader.conf.local variable you need to set. All of the other settings are managed by pfSense/FreeBSD and are bigger than the values recommended for pfSense 2.2 and earlier: [2.3.2-DEVELOPMENT][root@pfSense.lan]/root/scripts: sysctl net.inet.ip.portrange.last net.inet.ip.portrange.last: 65535 [2.3.2-DEVELOPMENT][root@pfSense.lan]/root/scripts: sysctl kern.maxfilesperproc kern.maxfilesperproc: 232389 [2.3.2-DEVELOPMENT][root@pfSense.lan]/root/scripts: sysctl kern.maxfiles kern.maxfiles: 258216 [2.3.2-DEVELOPMENT][root@pfSense.lan]/root/scripts: sysctl kern.ipc.nmbclusters kern.ipc.nmbclusters: 1000000 [2.3.2-DEVELOPMENT][root@pfSense.lan]/root/scripts:
  • 0 Votes
    3 Posts
    925 Views
    jimpJ
    No, you cannot have authentication active in squid while also having transparent mode active. There may be some other way to reach the same goal, however, it wouldn't involve strictly using pfSense (e.g. second proxy box you could manually configure with auth, or maybe 802.1x auth to drop into another VLAN, etc)
  • 2.3.1 squid transparent proxy with external clamd

    1
    0 Votes
    1 Posts
    580 Views
    No one has replied
  • SquidGuard Problem.

    1
    0 Votes
    1 Posts
    503 Views
    No one has replied
  • NEED HELP ABOUT SQUIDGUARD AND SQUID

    3
    0 Votes
    3 Posts
    892 Views
    J
    yes i did.. anyways thanks for the help i already fixed the problem CHEERS!
  • Haproxy with OpenVPN

    12
    0 Votes
    12 Posts
    11k Views
    S
    It is hard to keep in mind all nuances in all threads :D I never had to use that guide, but as I can see - this exactly what you need, working OVPN as one of backends and X-Forwarded for web requests.
  • Squid bypass. What am I doing wrong ?

    2
    0 Votes
    2 Posts
    814 Views
    A
    You are using a domain name instead on an IP.
  • Squid Reverse Proxy and VIPs

    1
    0 Votes
    1 Posts
    1k Views
    No one has replied
  • Basic Squid configuration problem….

    1
    0 Votes
    1 Posts
    2k Views
    No one has replied
  • Pfsense vlans and transparent proxy

    3
    0 Votes
    3 Posts
    2k Views
    C
    as I remeber filtering was working. I had lan interface aitting in default vlan while other interfaces in different vlans an different subnet, requests from that subnets was filtered but not badwidth. bandwidth was my problem. squid was listening to lan interface in default vlan. forget to mention that on lan interface was tagged other vlans not to other physical interfaces.
  • CAN'T INSTALL ANY PACKAGES IN PFSENSE 2.3.1

    2
    0 Votes
    2 Posts
    839 Views
    E
    I have the same problem, the server have internet conection and the time its ok, but i can't install anything help pls.
  • [CONFUSED] Squid Proxy + Filter + Alias blocking?

    3
    0 Votes
    3 Posts
    1k Views
    V
    Yes, Facebook has multiple IPs and FQDN. If I use the Firewall Alias option I can just load up the Alias (facebook.com fb.com www.facebook.com www.fb.com). The alias blocks fine. I have not tried to keep cycling the service. I was taking for granted the 'Apply' under Squid Filter was refreshing the config and clearing the cache. Does any one know for sure?
  • Two squid and one balancer [ SOLUTION ]

    1
    0 Votes
    1 Posts
    496 Views
    No one has replied
  • [Help] pfsense2.3.1+squid+squidGuard, How do access https://abc.com:7001

    4
    0 Votes
    4 Posts
    1k Views
    A
    @KOM: You should probably post your question in the forum for your native language, if it exists, because your questions don't make much sense.  You would access those web resources using their URLs just as you have put them.  Squid isn't going to intercept anything on port 7001 without you adding an ACL to Squid's Custom ACLS section.  To intercept HTTPS on transparent proxy, you need to enable Man in the Middle SSL filtering and install pfSense certificate son every client. KOM, Thank you very much, you solved my problem!
  • Bug/Wrong description by squid settings

    2
    0 Votes
    2 Posts
    740 Views
    R
    Can someone confirm the problem or is it just me?
Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.