Working after putting the ip in the exception list. thanks for your support

"lightsquid.cfg "change at line 17:

wrong path "/usr/pbi/lightsquid-amd64/www/lightsquid/tpl""
right path: "/usr/local/www/lightsquid/tpl"

now everything is working.

It might be that some change to the packages was in the devel or RELENG_2_3 branch of the package repo but not RELENG_2_3_0. Probably not a huge deal, eventually we'll get that all synced back up, we're still working things over post-release though.

Hi, I think I found the solution, just add the port in 'ACL SSLPorts' in 'ACLs under Proxy Server : Access Control, for me it worked for port 8443 and 2087

@killmasta93:

its a plugin of firefox called web of trust

Oh, ok. I searched with google, but there is too much World of Tanks with such kind of search request :)

hmm…odd...try to reinstall squidguard and use winscp an search sgerror.php it has to use that php that what shows the error page OR get the error page find what php shows on the URL and search it using winscp

@PiBa:

Is the wan address used in the certificate CN or alternative names? I think the acl does not match the request you send. Which then means no backend is selected, and thus no server is available..

Simply removing the 'Add ACL for certificate CommonName (host header matches CN of certificate)' checkbox might make it work.

Well spotted my friend ! It was as simple as un-checking Add ACL for CN :)

You were right! Problem Solved

Thank you so much for your help.

Search for squid 3 ssl interception then, many threads out there already. You may be able to push a CA via GPO, but there is no way to get HTTPS without some client-side modification. That's the whole point of HTTPS, to prevent MITM attacks from breaking the chain of trust. You have to trust your own CA which then makes fake certs to break into the connections (to put it simply). It's a really bad practice.

Hi,

I had the same problem as yours.

I have one pfSense box as my firewall/gateway, and I have another pfSense box as a proxy/filter. Both are Hyper-V VMs.
The proxy box had only one WAN interface, and I did not manage to change the configuration in SquidGuard to take the IP of that interface instead of the localhost IP.
I solved the problem adding a private network between my Firewall pfs and the Proxy pfs. With both LAN and WAN, SquidGuard take the correct IP of my Proxy box.

BUMP anyone??

So i did a fresh install everything worked then all of sudden…stopped again not even sure what is going on....

Capture.PNG
Capture.PNG_thumb
Capture1.PNG
Capture1.PNG_thumb

Dont want to overpost here but I know this is an old post but not sure if this applies or if anyone had solved it

So i keep getting

UPGRADE WARNING: URL rewriter reponded with garbage ' 192.168.3.3/- - GET'. Future Squid will treat this as part of the URL.

where 192.168.3.3 is my IP but Not sure what the upgrade warning means? should be concern? or let it be? Im running transparent mode +WPAD so i leave the option rewrite to int blank page

and that annoying

pinger: initializing ICMP PINGER....