• Squid Bug 4940 opened in 2019 patched

    2
    0 Votes
    2 Posts
    406 Views
    JonathanLeeJ

    Maybe Squid and Snort can stay as holiday packages 📦 😉😉

  • 1 Votes
    4 Posts
    638 Views
    M

    My ticket was finally rejected because Squid will be removed in the next major version: https://www.netgate.com/blog/deprecation-of-squid-add-on-package-for-pfsense-software

  • 4 Votes
    4 Posts
    2k Views
    H

    Thank you very much. Works fine.

  • Squid/LightSquid/SquidGuard alternatives

    18
    0 Votes
    18 Posts
    9k Views
    JonathanLeeJ

    I use PfSense Plus so I can't test it

  • Connection problems to upstream proxies after squid package upgrade

    4
    0 Votes
    4 Posts
    2k Views
    B

    Ensure that the upstream Squid proxies (xxx.xxx.243.53 and xxx.xxx.243.54) are reachable and responsive. You can test this using tools like telnet or nc from the Netgate firewall. Double-check your Squid configuration settings to make sure there are no typos or misconfigurations. Pay close attention to the upstream proxy settings. Ensure that the version of Squid you are using (5.4.1) is compatible with your current environment and the other proxies. And remember, you can buy proxies quickly, but it's important to find a company you trust. Check the release notes for any known issues or updates related to your configuration. If the issue started after upgrading Squid, you might consider downgrading to a previous version that was stable in your environment. You can check the Squid release history and choose a version that was working well for you. Verify that there are no firewall rules blocking the Squid proxy from establishing connections to the upstream proxies. This includes both the Netgate firewall rules and any external firewalls.

  • Domain whitelist/blacklist per-VLANs

    4
    0 Votes
    4 Posts
    489 Views
    T

    @CZvacko @michmoor : Thank you for your answers.

    I have just seen the deprecation notice: https://www.netgate.com/blog/deprecation-of-squid-add-on-package-for-pfsense-software.

    (And this is sad because out-of-the-box Squid support was 50% of the reason why I bought the Netgate 6100).

  • Squid transparent on one interface and non-transparent on second

    1
    0 Votes
    1 Posts
    157 Views
    No one has replied
  • HAProxy multiple subdomains

    9
    0 Votes
    9 Posts
    1k Views
    I

    @viragomann Thank you!

    I've got it working. I had 2 problems:

    From what I have read, duckdns shares the txt file for let's encrypt on all your subdomains, that is the reason why the second SSL certificate Issue never completed. I have created another subdomain (in one custom domain), created the certificate and selecting it in Additional Certificates everything worked.

    Thanks again

  • problem with whatsapp and squid proxy server

    13
    0 Votes
    13 Posts
    3k Views
    N

    @vlurk
    I tried to do this but the result was the same and I started to have more problems on my network with other devices, so I decided to leave squid in transparent mode for http and uninstall squidguard, and in squid I did not activate ssl; For https filtering I do it with pfblockerNG which updates with thousands of blacklists and the update is done with the period of time I want. Therefore, if you are not going to perform an exhaustive analysis of the certificate, I recommend this scenario.

  • pf2ad updated to 2.7.1 compatibility

    1
    1 Votes
    1 Posts
    358 Views
    No one has replied
  • Squid PROXY TRANSPARENTE - HTTPS - ERRO NO CERTIFICADO

    2
    0 Votes
    2 Posts
    394 Views
    G

    @hyanviana SSL/MITM Mode use Splice All

  • squid + squidguard + captive portal issue

    11
    0 Votes
    11 Posts
    1k Views
    H

    @Gertjan yes i just saw that.. Well i'll look for an alternative then

  • 0 Votes
    7 Posts
    838 Views
    JonathanLeeJ

    @johnpoz side note I finally found my invasive container it's on my 2019 Motorola g-power the thing is registering all sorts of Snort open AppID items I am not using, everything else on my network is matched to app use. It even saw Opera browser I don't even use that, alongside Snapchat, LinkedIn on and on even a bunch of Stripe payment service, and endless Skype. It was the smartphone.

  • Squid future questions

    16
    1 Votes
    16 Posts
    1k Views
    JonathanLeeJ

    Looks like Squid's website just released version 6.5 on Nov 4th 2023

    That was 10 days ago. . .

    Screenshot 2023-11-14 at 4.29.12 PM.png

    I am confused as it was said it was not updated in 2 years. . .
    Screenshot 2023-11-14 at 4.34.47 PM.png
    Was updated again Nov 6 2023

    Also many security issues have been resolved per the GitHub.

    Screenshot 2023-11-14 at 4.31.04 PM.png

    I am thinking install it on a raspberry pi 5 8gb and NAT to it from the firewall

  • issue with backend on HAPROXY

    4
    0 Votes
    4 Posts
    945 Views
    M

    This seems to be working now/resolved.

    I bounced the whole firewall and my (pihole) dns servers and came back to it 30 minutes later and now it is working.

    I don't understand what bouncing the pihole servers, or the full firewall ( given I previously bounced the dns resolver / haproxy services) might have done but with the haproxy backend happy, everything is now working.

    hopefully this helps the next guy :)

  • Client certificate check fails

    1
    0 Votes
    1 Posts
    251 Views
    No one has replied
  • HAProxy Client Certificate authentication stops working after a while

    3
    0 Votes
    3 Posts
    636 Views
    S

    Still noone?

  • HAProxy local syslog not working

    4
    3 Votes
    4 Posts
    1k Views
    V

    Nice!

    I forgot to link to the issue ticket: https://redmine.pfsense.org/issues/14764

  • Infamous /409 issue

    25
    0 Votes
    25 Posts
    2k Views
    JonathanLeeJ

    What is the next official Netgate product that will continue to support a proxy with SSL intercept that can be purchased? Now that this is being twightlighted?

    What version should I upgrade too for proxy cacheing abilities? I have a SG-2100 currently. Should users move to Palo Alto?

  • Rewrites use with WPAD

    1
    0 Votes
    1 Posts
    248 Views
    No one has replied
Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.