This is for Lync but, it worked for skype too? I'm having issues with skype from december (2015) until now. My pfSense has squid3+Squidguard+Lightsquid on transparent mode+Man in the Middle(hor http & https filtering). I'm trying to bypass the Skype servers IP address and nets but, until now, I had no luck… "Unable to connect with Skype" shows when I open Skype. If I bypass from the proxy the IP of the PC where skype is running, Skype works without troubl; removed the bypass, the issue comes back. Any advise or tip (or cheatsheet) are welcome :D Thanks in advance.

@keelingj: I have Squid3 configured as a transparent web proxy (want to cache Windows and antivirus updates) and would like to optimize my settings.  Specs: Intel Atom C2758 8-core 32GB RAM 100GB Intel enterprise SSD I currently have 16GB of RAM and 30GB of SSD allocated to Squid.  However, my server's RAM usage is only 11% so I think the cache object sizes need to be tweaked.  Suggestions? If wsus is not an option then there exists windows offline updates installer or Downloader. Download them and run its instalation on machines.

in pf 2.2.6 i can`t by pass squid3 cache Hit in captive portal bandwit limiter

ClamAV is too heavy to be on a firewall IMO and puts an undue burden on all your network traffic.  Plus, I don't know how effective their signatures are as compared to the large anti-threat vendors.  Better to run client protection of some sort.

No.

hello, Im still having problem on this topic. :'( new pfsense installed and last version of squid3. 2.2.6+ 0.4.7

C'mon guys, gimmie a hint here :(

Hi, Still trying to understand why sarg does not report blocked sites, according to "sarg -xz" output block.log is empty but it is not. Thx for your help wc -l /var/squidGuard/log/block.log     502 /var/squidGuard/log/block.log 2016-01-05 17:08:44 [82855] Request(default/blk_blacklists_games/-) 1.gravatar.com:443 IP/- - CONNECT REDIRECT sarg -xz SARG: Init SARG: Loading configuration from /usr/local/etc/sarg/sarg.conf SARG: TAG: access_log /var/squid/logs/access.log SARG: TAG: graphs yes SARG: TAG: output_dir /usr/local/sarg-reports SARG: TAG: anonymous_output_files no SARG: TAG: resolve_ip yes SARG: Chaining IP resolving module "dns" SARG: TAG: user_ip no SARG: TAG: topuser_sort_field BYTES normal SARG: TAG: user_sort_field BYTES normal SARG: TAG: exclude_users /usr/pbi/sarg-amd64/etc/sarg/exclude_users.conf SARG: TAG: exclude_hosts /usr/pbi/sarg-amd64/etc/sarg/exclude_hosts.conf SARG: TAG: date_format e SARG: TAG: lastlog 0 SARG: TAG: remove_temp_files yes SARG: TAG: index yes SARG: TAG: index_tree file SARG: TAG: overwrite_report no SARG: TAG: use_comma yes SARG: TAG: exclude_codes /usr/pbi/sarg-amd64/etc/sarg/exclude_codes SARG: TAG: max_elapsed 0 SARG: TAG: report_type topusers topsites sites_users users_sites date_time denied auth_failures site_user_time_date downloads SARG: TAG: usertab none SARG: TAG: long_url no SARG: TAG: date_time_by bytes SARG: TAG: charset UTF-8 SARG: TAG: privacy no SARG: TAG: bytes_in_sites_users_report no SARG: TAG: topuser_num 0 SARG: TAG: dansguardian_conf SARG: TAG: squidguard_conf /usr/pbi/squidguard-amd64/etc/squidGuard/squidGuard.conf SARG: TAG: redirector_log_format #year#-#mon#-#day# #hour# #tmp#/#list#/#tmp#/#tmp#/#url#/#tmp# #ip#/#tmp# #user# #end# SARG: TAG: show_sarg_info no SARG: TAG: show_sarg_logo no SARG: TAG: displayed_values bytes SARG: TAG: authfail_report_limit 0 SARG: TAG: denied_report_limit 0 SARG: TAG: siteusers_report_limit 0 SARG: TAG: user_report_limit 0 SARG: TAG: squidguard_report_limit 0 SARG: TAG: www_document_root /usr/local/www SARG: TAG: ntlm_user_format domainname+username SARG: TAG: realtime_refresh_time 0 SARG: TAG: realtime_types GET,PUT,CONNECT SARG: TAG: realtime_unauthenticated_records show SARG: TAG: sorttable /sarg_sorttable.js SARG: TAG: hostalias /usr/pbi/sarg-amd64/etc/sarg/hostalias SARG: Loading exclude host file from: /usr/pbi/sarg-amd64/etc/sarg/exclude_hosts.conf SARG: Loading exclude file from: /usr/pbi/sarg-amd64/etc/sarg/exclude_users.conf SARG: Reading host alias file "/usr/pbi/sarg-amd64/etc/sarg/hostalias" SARG: List of host names to alias: SARG: Parameters: SARG:          Hostname or IP address (-a) = SARG:                    Useragent log (-b) = SARG:                    Exclude file (-c) = /usr/pbi/sarg-amd64/etc/sarg/exclude_hosts.conf SARG:                  Date from-until (-d) = SARG:    Email address to send reports (-e) = SARG:                      Config file (-f) = /usr/local/etc/sarg/sarg.conf SARG:                      Date format (-g) = Europe (dd/mm/yyyy) SARG:                        IP report (-i) = No SARG:            Keep temporary files (-k) = No SARG:                        Input log (-l) = /var/squid/logs/access.log SARG:              Resolve IP Address (-n) = Yes SARG:                      Output dir (-o) = /usr/local/sarg-reports/ SARG: Use Ip Address instead of userid (-p) = No SARG:                    Accessed site (-s) = SARG:                            Time (-t) = SARG:                            User (-u) = SARG:                    Temporary dir (-w) = /tmp/sarg SARG:                  Debug messages (-x) = Yes SARG:                Process messages (-z) = Yes SARG:  Previous reports to keep (--lastlog) = 0 SARG: SARG: sarg version: 2.3.9 Sep-21-2014 SARG: Reading access log file: /var/squid/logs/access.log SARG: Records in file: 2397, reading: 100.00% SARG:    Records read: 2397, written: 2397, excluded: 0 SARG: Squid log format SARG: (info) date=06/01/2016 SARG: (info) period=06 Jan 2016 SARG: Period: 06 Jan 2016 SARG: File /usr/local/sarg-reports/06Jan2016-06Jan2016 already exists, moved to /usr/local/sarg-reports/06Jan2016-06Jan2016.1 SARG: (info) outdirname=/usr/local/sarg-reports/06Jan2016-06Jan2016 SARG: Sorting log /tmp/sarg/IP.user_unsort SARG: Making file: /tmp/sarg/IP SARG: Sorting log /tmp/sarg/IP.user_unsort SARG: Making file: /tmp/sarg/IP SARG: Sorting log /tmp/sarg/IP.user_unsort SARG: Making file: /tmp/sarg/IP SARG: Sorting log /tmp/sarg/IP.user_unsort SARG: Making file: /tmp/sarg/IP SARG: Sorting log /tmp/sarg/IP.user_unsort SARG: Making file: /tmp/sarg/IP SARG: Sorting log /tmp/sarg/IP.user_unsort SARG: Making file: /tmp/sarg/IP SARG: Sorting log /tmp/sarg/IP.user_unsort SARG: Making file: /tmp/sarg/IP SARG: Sorting log /tmp/sarg/IP.user_unsort SARG: Making file: /tmp/sarg/IP SARG: Sorting log /tmp/sarg/IP.user_unsort SARG: Making file: /tmp/sarg/IP SARG: Sorting log /tmp/sarg/IP.user_unsort SARG: Making file: /tmp/sarg/IP SARG: Sorting log /tmp/sarg/IP.user_unsort SARG: Making file: /tmp/sarg/IP SARG: (info) Dansguardian report not produced because no dansguardian configuration file was provided SARG: Reading redirector log file /var/squidGuard/log/block.log SARG: Hour string too long in redirector log file /var/squidGuard/log/block.log SARG: Hour string too long in redirector log file /var/squidGuard/log/block.log SARG: Hour string too long in redirector log file /var/squidGuard/log/block.log SARG: Hour string too long in redirector log file /var/squidGuard/log/block.log SARG: Hour string too long in redirector log file /var/squidGuard/log/block.log SARG: Reading redirector log file /var/squidGuard/log/block.log SARG: Reading redirector log file /var/squidGuard/log/block.log SARG: Reading redirector log file /var/squidGuard/log/block.log SARG: Reading redirector log file /var/squidGuard/log/block.log SARG: Reading redirector log file /var/squidGuard/log/block.log SARG: Reading redirector log file /var/squidGuard/log/block.log SARG: Reading redirector log file /var/squidGuard/log/block.log SARG: Reading redirector log file /var/squidGuard/log/block.log SARG: Reading redirector log file /var/squidGuard/log/block.log SARG: Reading redirector log file /var/squidGuard/log/block.log SARG: Reading redirector log file /var/squidGuard/log/block.log SARG: Reading redirector log file /var/squidGuard/log/block.log SARG: Reading redirector log file /var/squidGuard/log/block.log SARG: Reading redirector log file /var/squidGuard/log/block.log SARG: Reading redirector log file /var/squidGuard/log/block.log SARG: Reading redirector log file /var/squidGuard/log/block.log SARG: Reading redirector log file /var/squidGuard/log/block.log SARG: Reading redirector log file /var/squidGuard/log/block.log SARG: Reading redirector log file /var/squidGuard/log/block.log SARG: Reading redirector log file /var/squidGuard/log/block.log SARG: Reading redirector log file /var/squidGuard/log/block.log SARG: Reading redirector log file /var/squidGuard/log/block.log SARG: Reading redirector log file /var/squidGuard/log/block.log SARG: Reading redirector log file /var/squidGuard/log/block.log SARG: Reading redirector log file /var/squidGuard/log/block.log SARG: Reading redirector log file /var/squidGuard/log/block.log SARG: Reading redirector log file /var/squidGuard/log/block.log SARG: Reading redirector log file /var/squidGuard/log/block.log SARG: Reading redirector log file /var/squidGuard/log/block.log SARG: Reading redirector log file /var/squidGuard/log/block.log SARG: Reading redirector log file /var/squidGuard/log/block.log SARG: Reading redirector log file /var/squidGuard/log/block.log SARG: Reading redirector log file /var/squidGuard/log/block.log SARG: Reading redirector log file /var/squidGuard/log/block.log SARG: Reading redirector log file /var/squidGuard/log/block.log SARG: Reading redirector log file /var/squidGuard/log/block.log SARG: Reading redirector log file /var/squidGuard/log/block.log SARG: Reading redirector log file /var/squidGuard/log/block.log SARG: Reading redirector log file /var/squidGuard/log/block.log SARG: Reading redirector log file /var/squidGuard/log/block.log SARG: Reading redirector log file /var/squidGuard/log/block.log SARG: Reading redirector log file /var/squidGuard/log/block.log SARG: Reading redirector log file /var/squidGuard/log/block.log SARG: Reading redirector log file /var/squidGuard/log/block.log SARG: Reading redirector log file /var/squidGuard/log/block.log SARG: Reading redirector log file /var/squidGuard/log/block.log SARG: Reading redirector log file /var/squidGuard/log/block.log SARG: Reading redirector log file /var/squidGuard/log/block.log SARG: Reading redirector log file /var/squidGuard/log/block.log SARG: Reading redirector log file /var/squidGuard/log/block.log SARG: Reading redirector log file /var/squidGuard/log/block.log SARG: Reading redirector log file /var/squidGuard/log/block.log SARG: Reading redirector log file /var/squidGuard/log/block.log SARG: Reading redirector log file /var/squidGuard/log/block.log SARG: Reading redirector log file /var/squidGuard/log/block.log SARG: Reading redirector log file /var/squidGuard/log/block.log SARG: Reading redirector log file /var/squidGuard/log/block.log SARG: Reading redirector log file /var/squidGuard/log/block.log SARG: Reading redirector log file /var/squidGuard/log/block.log SARG: Reading redirector log file /var/squidGuard/log/block.log SARG: Sorting file: /tmp/sarg/redirector.int_log SARG: (info) No downloaded files to report SARG: (info) Denied report not produced because it is empty SARG: (info) Authentication failures report not produced because it is empty SARG: (info) Redirector report not generated because it is empty SARG: Sorting file: /tmp/sarg/IP.utmp SARG: Making report: IP SARG: Sorting file: /tmp/sarg/IP.utmp SARG: Making report: IP7 SARG: Sorting file: /tmp/sarg/IP.utmp SARG: Making report: IP SARG: Sorting file: /tmp/sarg/IP.utmp SARG: Making report: IP SARG: Sorting file: /tmp/sarg/IP.utmp SARG: Making report: IP SARG: Sorting file: /tmp/sarg/IP.utmp SARG: Making report: IP SARG: Sorting file: /tmp/sarg/IP.utmp SARG: Making report: IP SARG: Sorting file: /tmp/sarg/IP.utmp SARG: Making report: IP SARG: Sorting file: /tmp/sarg/IP.utmp SARG: Making report: IP SARG: Sorting file: /tmp/sarg/IP.utmp SARG: Making report: IP SARG: Sorting file: /tmp/sarg/IP.utmp SARG: Making report: IP SARG: Making index.html SARG: Successful report generated on /usr/local/sarg-reports/06Jan2016-06Jan2016 SARG: Purging temporary file sarg-general SARG: End

If you're already using Shallalist, have you tried blocking the blk_BL_adv category?  That's ads.

where and how can i see if i Loses connection to the Internet Maybe my link does not work well Download begins high speed 2Mb Drops to 1.1Mb and 500 KBs and stop i try from another computer on my lan same result how can i fix  the problem ??

Thanks for the reply, Really good stuff, one more questions been looking to implement WPAD, but what if window server 2012r2 handles the DHCP would i need to DMZ to forward it to pfSense to run the DHCP? Thank you edit: So i think i figured it out instead of of adding the WPAD directions on pfSense DHCP I would do it though windows server Open the DHCP console Server 2012: Click Add… Name: WPAD Data type: String Code: 252 In the String Value box, type the URL of the PAC file (eg: http://192.168.3.254:8085/wpad.dat http://192.168.3.254:8085/wpad.da http://192.168.3.254:8085/proxy.pac ) Right click Server Options and click Configure Options Confirm that 252 – WPAD is ticked and contains the correct URL Right Click Scope Options and click Configure Options Scroll Down and tick 252 – WPAD Click OK

@cmb: Probably ought to leave them alone if it finds the job and just its time is different. That's the behaviour I expected but times are changed back to the default. This problem applies to more cron jobs: squid log rotate, clam-av virus update, etc. What is a proper workaround? make shell scripts that execute the php jobs and add them to cron? Does anyone know a better solution? (because this solution means maintenance with each future release)

Digging up an old thread here but I am having issues caching comodo antivirus definitions TCP_CLIENT_REFRESH_MISS/200 http://cdn.download.comodo.com/cis/download/installs/cmc3/forest.xml - 198.41.209.106 TCP_MISS/302 http://download.comodo.com/cis/download/installs/cmc3/forest.xml - 178.255.82.5 TCP_MISS/404 http://download.comodo.com/cis/download/installs/cmc3/affiliates/6100/forest.xml - 178.255.82.5 TCP_CLIENT_REFRESH_MISS/200 http://cdn.download.comodo.com/cis/download/updates/release/inis_4020/cis_update_x64.xml.7z - 198.41.209.106 TCP_MISS/302 http://download.comodo.com/cis/download/updates/release/inis_4020/cis_update_x64.xml.7z - 178.255.82.5 TCP_CLIENT_REFRESH_MISS/200 http://cdn.download.comodo.com/cis/download/updates/release/inis_4020/recognizers/proto_v6/cmdscope_update_x64.xml.7z - 198.41.209.106 TCP_MISS/302 http://download.comodo.com/cis/download/updates/release/inis_4020/recognizers/proto_v6/cmdscope_update_x64.xml.7z - 178.255.82.5 TCP_CLIENT_REFRESH_MISS/200 http://cdn.download.comodo.com/av/updatesurl/versioninfo.ini - 198.41.209.106 TCP_MISS/302 http://download.comodo.com/av/updatesurl/versioninfo.ini - 178.255.82.5 TCP_CLIENT_REFRESH_MISS/200 http://cdn.download.comodo.com/av/updates58/versioninfo.ini - 198.41.209.106 No custom ACLS