This may be related to empty blacklist after a reboot.

this script created by carlospicture placed on /usr/local/etc/rc.d may help:

#!/usr/local/bin/php -f     $incl = "/usr/local/pkg/squidguard_configurator.inc";     if (file_exists($incl)) {         require_once($incl);         sg_reconfigure_blacklist( "http://www.shallalist.de/Downloads/shallalist.tar.gz", "" );     }     exit; ?>

Start from the beginning.  Which version of pfSense, squid, squidguard?  Start with squid first.  Get it to the point where it's processing properly by shelling in and checking /var/squid/logs/access.log in realtime.  Once you know squid is processing, then install and configure squidguard.  Don't use transparent mode, use explicit mode with WPAD instead.

Add this rule at the top of our lan network. Please refer the screenshot.

The ports Aliases is nothing but to disable the direct access on port 80 and 443.

Capture.JPG
Capture.JPG_thumb

i have the same problem this morning.

i resolve my issue by doing the ff:

goto>services>proxyserver
remove the "custom options" hit save and apply.
you will notice your squid service is now UP.

to start your squidGuard service.
shell this command: squidGuard -c all -d

check your services and squidGuard is now Up.

I hope it helps.

I re-installed and re-configured everything from scratch almost identically and now it is working on the fresh setup. I no longer see the drastic latency increase and bandwidth decrease with squidGuard. I believe I had a completely broken setup. I was using Captive Portal along side Squid which is known to be broken last I check. No idea if this was the issue and no idea how I even got it to work at all. Anyway, the original problem of this post is gone and I have since disabled captive portal and replaced it with squid3 / RADIUS authentication / squidGuard. Works nicely.

Are you sure you don't have corrupt incomplete download served by some proxy over and over again? Other than that, as a random idea, if you only see this on 2.2.3, try

mount -o nosync /

Honestly, I forgot about it.

I've added a NAT rule to change the destination CARP address to the firewall address and that seems to make it work.

Hi!
Thank you for your response SisterOfMercy. Today I've read your reply and the post, and tried the following:
On Proxy Filter (Squidguard) -> Target Categories
I've created a new category called "white_list" (I didn't used "whitelist" to avoid future mistakes) and added the following domains:

msftncsi.com 131.107.255.255

also added to the regular expression box the following:

msftncsi

saved the changes, applyed the config on General Settings and tried (disconnect the cable and reconnect)

The result?

The network icon displayed a yellow triangle for an instant, but then the triangle dissapeared and now all is completely all right!

So thank you all for your help, I've added the text "[SOLVED]" at the topic's tittle so it can be helpful to others.

Greetings and thank you again!  ;D

as it turns out, its best just to leave pfsense alone and have any other contents be on another computer.

squidGuard gets called by squid on-demand so it isn't running if squid isn't busy.  Why does squid not start?  Anything in your System log?  Anything in /var/squid/logs/cache.log?

It's always been that way, where you have to either reboot or restart the squid service to get it to wake up.

But can you explain me what are these url_rewrite_children?

The page I linked to pretty much explains it.  It is how many squidGuard processes are created to handle URL rewrites from squid.  If you only have 16 defined (the default), and you have a thousand users all web-browsing, it will queue them and be very slow.  If you have a lot of children, then you will need a powerful CPU and more RAM.

Speaking of Filezilla, I stopped using it ever since the author starting letting SourceForge wrap his installers in shit.

www.winscp.net

No idea but you could try reinstalling it and then uninstalling it.

No worries, thanks much for your help, I will continue to play around and see what I can find out, have a good one!

Use the proxy in explicit mode vs transparent.. Then setup which users you want to use the proxy at the client.