I found a work around. Since fetch does work I wrote a script to fetch the blacklist to /root. I put it in cron before the invoking the SquidGuard blacklist install.  I have the SquidGuard install the blacklist from /root. It is not elegant but it is functional.

I use Squid in nontransparent mode Does it Block cookies ? 1)  Squid generally isn't used to block anything.  It's a caching proxy.  While it can do some simple URL filtering, squidGuard is better suited. 2)  Since these filter on domains/URLs, not web objects in general, it doesn't block cookies.

I am having the same issue with clam AV. As soon as the primary  syncs with the secondary it clears my config on the secondary and no VirusScan happens. Any ideas? Temporarily I have disabled siync on the secondary but that is not the fix.

In Squidguard, Proxy filter SquidGuard: Common Access Control List (ACL) and in Target Rules deny a list that has torrents.

This means your question belongs here https://forum.pfsense.org/index.php?board=60.0 A simple solution that will solve your problem : Remove Squid. It is (was ?) known that Squid modifies pfSense own script files, so be careful, be ready to re-install a clean pfSense version.

hi. have you managed to resolve this? i'm seeing the same behaviour.

FYI, some RFCs like 4515 describe string representation in search filters and especially characters that must be escaped. ampersand is clearly one of these which means it requires backslash as an escape character.

Adding acl's is not used for selecting the certificate thats gets send back to the client which is only influenced by SNI and haproxy itself, it is however used for selecting which backend will actually serve the request. So if your hosting multiple sites, on different webserver behind 1 public ip, the using acl's is required for that. As you probably know the used host header for the acl can only be read after the ssl-handshake already completed. Ill check if i can add the option "Add ACL for certificate Subject Alternative Names." you mention, it seems indeed the X.tld is only added by default (by some ca's) for the www. subdomain.

Hello. I myself have the same problem wit the block page not displaying properly and it does when i switch the admin interface to use http instead https. Any fix for this yet?

I found a solution, here is what I did : viconfig, find the line ldap_user in <squidauth>type the letter with the accent. Now I can see the accented character in web configurator". I still cannot save, I think there is some kind of bug with accented characters with the proxy server LDAP authentication form in the web configurator. By way, to test the ldap connection from the shell /usr/pbi/squid-amd64/libexec/squid/squid_ldap_auth …. I had to create three missing symbolic link : ln -s /usr/pbi/squid-amd64/local/lib/libmd5.so.1 /usr/lib/libmd5.so.1 ln -s /usr/pbi/squid-amd64/local/lib/liblber-2.4.so.8 /usr/lib/liblber-2.4.so.8 ln -s /usr/pbi/squid-amd64/local/lib/libldap-2.4.so.8 /usr/lib/libldap-2.4.so.8 Chris</squidauth>

ohhh oops, by any chance is there a way to redirect youtube to another webpage?

Is a reinstall needed to fix this?

I'm glad the ACL addition solved your problem.

I found that after an upgrade I need to delete the squid cache or else webpages will not load Thanks.  My next maintenance window is this Friday night.  I'll try it again after whacking the cache structure.

i am winding WAN traffic in traffic real time display but no LAN traffic This is a problem with Squid and dynamic content.  For each smaller segment of a file that your system requests, squid will download the entire file.  This means taht for 100MB of LAN traffic, you may be downloading more than 1 GB.  I don't know how to fix that.  I usually disable Dynamic Content in Squid. also can anyone explain 4320 100% 43200 reload-into-ims;  means ? http://www.squid-cache.org/Doc/config/

Solved. After Facebook APP update it works now.  >:( "Something's not working with the Facebook for iOS app. If something's not working with the Facebook app for iPhone or iPad, first make sure you have the most up-to-date version of the app. To do this, go to the App Store on your iPhone or iPad and update the app. If there's a newer version of the Facebook app you don't have yet, it'll be listed there for you to download. If this doesn't solve your issue, try reporting your problem to us." https://www.facebook.com/help/168738436521284

The only way now for me is delay_pools a old technology from squid. But your clients always want ways to control traffic.

No idea.  I've never done what you're doing there.

Ah ok thank you very much for your help. Regards.