End up removing the whole package,  the only reason to use it at home was the Anti-Virus, but it keeps wriite intensive activities to HDD, not worth it.

Use WPAD This is a short-cut.  ;) You have to notice that WPAD has no impact on HTTPS filtering. What makes difference here is use of explicit proxy instead of transparent proxy. Purpose, with WPAD, is to ease proxy discovery (WPAD stands for Web Proxy Auto Discovery) in order to use explicit proxy because manual configuration can be painful in case you have a lot of clients (or in case your proxy moves or… whatever that would require to change such setting). For reasonably small group of clients, configuring manually proxy at browser level can be the easiest solution.

so I had to configure manually on every desktop. WPAD might have saved you a lot of time.

@doktornotor: OMG. You really just have no clue… I was telling you that you should NOT use http:// (plaintext) for logins. There is no "allow paintext auth in squid" and that's NOT your problem either. Your problem is that the site is incompatible with your proxy. As soon as you have managed to produce the stupid HTTPS/MITM filtering, you will NOT be able to login to that site at all. You do NOT want to proxy financial services sites, HTTP or HTTPS. It's just damn stupid and dangerous!!! Exclude that site from any proxying and move on. but it work on pfsense 2.1.5

Hi, I can not find the problem (finally I wonder if this is a SNI problem I change the configuration and no longer uses the tcp. Everything works perfectly now! Thank you for your help have a good day laurent

woah after 6 months of using SQUID i got used to it… I got fed up with the reverse proxy thing and I deleted squid3 package all at once The internetz is sooooooooo FAST now it's incredible !!! I was under the impresssion that squid was speeding up our interwebz connection but it was NOT I'm enjoying high speed internet for real now !

I don't know about that, but squid 2 was marked as obsolete 3 years ago by the Squid group.  Today they recommend that you not use it.  The pfSense Squid2 package may have been updated for the security vulns but I don't know for sure. http://wiki.squid-cache.org/RoadMap/Squid2

How to make Antivirus works on HTTPS link?

@KOM: I guess I will wait longer until there is a squid3 stable version. FYI I'm running pfSense 2.2.2 with Squid3 0.2.8 (I hate the new version scheme, it's really Squid 3.4.10) and squidGuard 1.5.1.  Works like a charm. I agree with you there! But its the package version number, not the port/binary itself. The description should probably include the binary version for less confusion.  …..based on Squid 3.4.10

I think I remember there being a problem with Squid and limiters but I might be wrong.

Is squidGuard stable with squid3? Yes, but after installing it you have to restart squid or reboot the entire thing. Is there are report generator that (Lightsquid) that works with squid3? Lightsquid and Sarg both work well, but Sarg needs the symlink fix or the GUI won't show the reports.

Hi Namm, I am not interested in using IP addresses since it kills the idea of dynamic hosts for example: cdn-1.xx.yy Such hosts are usually mapped to multiple IP's dynamically spinned on one cloud or the other. I would like to use the dns name and would like it to be resolved accordingly, otherwise there is no use excluding domains. I wish pfSense guys will respond to this thread and say something about this and why they blocked such option from working through the UI. Today, almost every proxy have the ability to exclude/bypass destination domains by putting: ".mydomain.com" Best Regards, Nissim

Is there any way to fix this? Should I submit a bug report on redmine?

If you guys are using embedded version on an appliance, the /tmp folder sits in RAM and gets dumped every reboot, and that's where the blacklists are stored.

So I've tried this : @jimp: To remove squid, squidguard, lightsquid, and anything else with 'squid' in its package name: foreach (array_keys($config['installedpackages']) as $sec) { if (strpos($sec, "squid") !== false) unset($config['installedpackages'][$sec]); } write_config("Removed all squid-related settings"); And it did what I needed. THANKS!

Hi Guys, Problem Solved, thanks for the support….. I have re-installed squid package and squid gaurd its worked charm.......