hi!
      Above error.
      I try to remove squid cache file (rm -fR /var/squid) and then reinstall squid package, It is Ok!

Anyone?

You have the code and process linked in this post, yet you go again and again and again, instead of reading it.

Other than that - it works for everyone else. Perhaps call ghostbusters. (The install of course gets logged to the same place where you grabbed the "template not found" stuff.)

Hi Michael,

It would indeed be a step further, but i think its a rather 'dangerous' option if i understand it correctly..If you dont think it through you might loose access to http only sites on the same domain that you/someone forgot where running as well.. Ill put it on my todo list though.

Regards,
PiBa-NL

Hi I had searched and banged my head for a while and finally figured out a way to authenticate users on squid3 using group authentication

for eg:- a group in ldap INTERNET having few members will get internet access rather then all of them.

auth_param basic program /usr/lib/squid/ldap_auth -v 3 -ZZ -b "dc=intra,dc=example,dc=com" -f uid=%s -h ip/hostname of ldap
external_acl_type ldapgroups ttl=5 %LOGIN /usr/lib/squid/squid_ldap_group -v 3 -ZZ -b "dc=intra,dc=example,dc=com" -f "(&(cn=%g)(memberUid=%u))" -h ip/hostname
acl ldapgroup external ldapgroups internet
auth_param basic children 200
auth_param basic realm test-Web Squid3 Proxy Server
auth_param basic credentialsttl 1 minute
acl ldap-auth proxy_auth REQUIRED

http_access deny !ldapgroup
http_access allow ldap-auth
http_access allow localnet
cache_peer localhost parent 3129 0 no-query proxy-only login=*:nopassword
http_access deny all

rm -rf /usr/local/sarg-reports ln -s /usr/pbi/sarg-amd64/local/sarg-reports /usr/local/sarg-reports

This will fix the missing index file error.

@doktornotor:

Yeah, it won't work without the INC file. Simply try again.

I tried 3-4 times, with the same result. I'll try it again later this week. Maybe the internet is just annoyed with me today. :)

EDIT: I tried it AGAIN, and it worked this time. Thanks for confirming that I wasn't doing anything obviously wrong.

Beginning package installation for Lightsquid .
Downloading package configuration file… done.
Saving updated package information... done.
Downloading Lightsquid and its dependencies...
Checking for package installation...
Downloading https://files.pfsense.org/packages/10/All/lightsquid-1.8_2-amd64.pbi ...  (extracting)
Loading package configuration... done.
Configuring package components...
Loading package configuration... done.
Additional files... done.
Loading package instructions...
Custom commands...
Executing custom_php_install_command()...done.
Executing custom_php_resync_config_command()...done.
Menu items... done.
Integrated Tab items... done.
Writing configuration... done.

Installation completed.
Lightsquid setup instructions:
Please visit Status - Squid Proxy Reports - Settings and read the configuration and usage instructions.
Jason Bottjen

doktornotor - Thank you for the info.

How long will it be before E2guardians is finish?

If it is too long I install Squid3 but I want E2guardin, seems to be the best to use with pfsense.

That seems ot be the case when you upgrade squid/squidguard.  You have to either reboot or restart the squid service.

I doubt NTLM authentication generates this amount of CPU requirement, unless there is something wrong.
Did you try to temporarily deactivate "black list" rules and filtering as well as anti-virus. These can be very CPU demanding.

@retr0:

Add the ca to windows with cert manager to root ca store no need to add it to individual browsers or apps.

This won't work with Firefox/other Mozilla-based browsers, nor with any other (badly designed) app that doesn't use system certificate store.

I was going to setup a squid proxy on another box on the network, but I'd really like to have squid on the same box as the pfSense. This is really the only issue standing in my way. Are there other things I can do to see why the pfSense box would have a slow speed locally?

I have solved in this way: edit /etc/sysctl.conf and add this line:

net.inet.ip.portrange.reservedlow=0
net.inet.ip.portrange.reservedhigh=20

Proxy Server: Traffic Management:Squid Transfer Quick Abort Settings: Finish transfer if more than x % finished

Set this to 95%

No idea. I'm not censoring my internet. :P

I use squid 2.7 and squidguard. After upgrade to 2.2.5 everything is working fine.

If you dont want to reload blacklist after every reboot, just make at least one entry into "target categories".

Oh… i didn't see that the case is closed.

Thanks for the help that is what I need  :)

I think you can put them in the Integrations section.