Thank you :)

Lets call it weird then.

@knothstine: I'm having the same problem, but with squid 4.3.9 and squidGuard 1.9.15. kivimart, I'd like to try your solution, but I don't know where to put it. Squid 4.3.9 it's squid2, try updating to squid3.

Squid Cache (Version 3.3.10)? WTH is this? How did you install this on 2.2.x? May I suggest you flatten and rebuild that box from scratch? Seriously, upgrading this package from any previous versions (2.7.x, 3.1.x, 3.3.x) and across major pfSense releases is a complete no go. And - ditto for downgrading.

Turn on 'Resolve DNS IPv4 First' this is necessary.

Thanks for the info

I already told you that noone will be patching Squid binaries on pfSense to fix typos.

Finally getting to turning on squid3 antivirus and smacked right into this same problem. Running on pfSense 2.2.5-DEVELOPMENT (amd64) built on Sun Nov 01, with squid3 0.4.1.1, The filename to edit is different, it's now /usr/local/pkg/squid_antivirus.inc But editing to change [::1] to 127.0.0.1 now works, and even though the C-ICAP access log still shows ::1, it still passes the EICAR test. Much thanks for the workaround.

What I can tell u is: Don't use any more ufs, use aufs. U have not enable logging, are u not going to use SARG or other app to get squid reports? How many user will use your cache? 3GB for cache is low even for a small number of users. But will be better to show squid.conf, some important settings are missing here. See u latter!!!

That's always been the default with ClamAV AFAICT. All I know is that whenever I deploy pfSense with ClamAV then my customers complain about being unable to download files because of the "Heuristics.Broken.Executable" error.  If I don't need to go and modify the config file for that anymore I'd be happy.  I always seem to forget…

Hello doktornotor! Thank you again for answering. I created and set up new partitions using a small how-to for FreeBSD. /cache01 /cache02 /cache03 Now I will add the lines "cache_dir" in squid.inc: cache_dir ufs /cache01 128000 64 256 cache_dir ufs /cache02 128000 64 256 cache_dir ufs /cache03 128000 64 256 But would add the customized field if it existed. And so I would be more quiet. Okay, I just have to be careful to keep the lines "cache_dir" in the Squid configuration.

Reading the file "/usr/local/pkg/squid.inc" found a link to http://wiki.squid-cache.org/ConfigExamples/DynamicContent/YouTube#Discussion Question answered. Jairo Raiol

Dear PiBa, Thank you very much! While I could not really figure out the cause, what  did help was to set "Stick on SourceIP" in the backend. Generally, the cluster to which HAProxy does connect has locking set up in a way that it should not matter if one request goes to one cluster member and the next request goes to another cluster member. Nevertheless, this does seem to help. Regards, Michael

30% off is a little bit much. Sometimes squidproxy do thinks like speed up … ::)

What would require trusted certs in what I was thinking? Transparent proxies will trigger your web browser's Man in the Middle warning whenever you visit an HTTPS site. Also, would this WPAD have the Roku circumvent the firewall altogether? WPAD is just a technique for devices to auto-locate your web proxy.  That's all.  It looks complicated, but it's really just a single DNS entry, a DHCP entry and a small file named wpad.dat with a proxy.pac symlink. Also, would this WPAD have the Roku circumvent the firewall altogether? No.  WPAD is just a method of auto-detecting the proxy and nothing more. Your wpad.dat|proxy.pac files need to be on any HTTP server you can use.  I use my pfSense box but any old Apache on *nix will do.

Oh now it´s working, I use this URL: https://blocked-by-Proxy.lan.mydomain.com/sgerror.php?url=403%20&msg=&a=%a&n=%n&i=%i&s=%s&t=%t&u=%u And I have a certificate on my website. Working great now  :)

Can u please give details? Diagnostics - Backup/Restore.  Set Backup area to All.  Click the Download configuration button.

This link explains it for me, so perhaps usefull for others. https://community.mcafee.com/docs/DOC-4816 Thanks for the help once more.