Hi, Guys My machine is an amd64 computer,  pfSense 2.2.2 from live-cd, I have been trying Squid3 for weeks, there were Snort, pfBlockerNG and Squid3,  3 packages under pfSense, all clean installed, but can't surf the internet unless I turn off the Transparent HTTP Proxy mode, all I get are the following error: ERROR The requested URL could not be retrieved The following error was encountered while trying to retrieve the URL: http://www.google.ca Connection to 127.0.0.1 failed. The system returned: (60) Operation timed out The remote host or network may be down. Please try the request again. Your cache administrator is admin@localhost. Also, the Antivirus never works for me.  Does Antivirus have to be worked with Transparent HTTP Proxy mode turned on? Thanks for any helps.

That leads to the attached error in the logs, with proxy stopping (after the status went to running). [image: Snap278.png] [image: Snap278.png_thumb]

@deddric: Same isue here..anyone got it working? /d This appears to be ongoing.  I edited havp.inc to change the WORK_DIR and still not working.

Apt-cacher might be a better fit for you.  I've been running squid3 in a corporate environment and my hit rate is never above 7% no matter how much I fiddle with the squid config.  However, I have heard good results when caching Linux updates in general since they don't play games with the filenames of the updates like with Windows Updates and other A/V updates.

Ya, unfortunately the URL keeps changing, but isnt that what dynamic content is? to catch even changing URLs?

Thanks m8 for sharing the solution. I also had that problem with reverse proxy + Dynamic IP address.

Likewise, I get exactly the same error in my system logs and when I arrive in the morning I find the squid service in a 'stopped' state. A manual start fixes everything again, but it's annoying having to do this every morning. My system log: May 31 00:00:00 php: swapstate_check.php: Creating Squid cache dir /var/squid/cache May 31 00:00:00 php: swapstate_check.php: Creating squid cache subdirs in /var/squid/cache May 31 00:00:00 php: swapstate_check.php: The command '/usr/pbi/squid-amd64/sbin/squid -k shutdown -f /usr/pbi/squid-amd64/local/etc/squid/squid.conf' returned exit code '1', the output was '2015/05/31 00:00:00| Warning: empty ACL: acl throttle_exts urlpath_regex -i "/var/squid/acl/throttle_exts.acl" squid: ERROR: Could not send signal 15 to process 55868: (3) No such process' May 31 00:00:05 php: swapstate_check.php: The command '/usr/pbi/squid-amd64/sbin/squid -k kill -f /usr/pbi/squid-amd64/local/etc/squid/squid.conf' returned exit code '1', the output was '2015/05/31 00:00:05| Warning: empty ACL: acl throttle_exts urlpath_regex -i "/var/squid/acl/throttle_exts.acl" squid: ERROR: Could not send signal 9 to process 55868: (3) No such process' May 31 00:00:05 squid[98304]: Squid Parent: will start 1 kids May 31 00:00:05 squid[98304]: Squid Parent: (squid-1) process 98610 started May 31 00:01:39 squid[98304]: Squid Parent: (squid-1) process 98610 exited with status 0 May 31 00:01:39 php: swapstate_check.php: Squid cache and/or swap.state exceeded size limits. Removing and rotating. File was 148248 bytes, 0% of total disk space.

Thanks all for the replys :-) I'll try that and lets se if that work :) Best Regards :-)

any replay?

Either tell  squid to use  dns servers of your vpn provider, see squid  doc for exact  configuration parameters, or assign the vpn lan clients  your vpn provider dns by dhcp. Or both.

log erros: May 28 17:46:47 php: rc.filter_configure_sync: There was an error while parsing the package filter rules for /usr/local/pkg/squid.inc. May 28 17:46:47 php: rc.filter_configure_sync: The command '/sbin/pfctl -nf /tmp/rules.test.packages' returned exit code '1', the output was 'no IP address found for itrsa.com.ar /tmp/rules.test.packages:163: could not parse host specification no IP address found for itrsa.com.ar /tmp/rules.test.packages:164: could not parse host specification no IP address found for itrsa.com.ar /tmp/rules.test.packages:165: could not parse host specification' May 28 17:46:43 php: rc.filter_configure_sync: Not installing NAT reflection rules for a port range > 500 May 28 17:46:31 php: rc.filter_configure_sync: There was an error while parsing the package filter rules for /usr/local/pkg/squid.inc. May 28 17:46:31 php: rc.filter_configure_sync: The command '/sbin/pfctl -nf /tmp/rules.test.packages' returned exit code '1', the output was 'no IP address found for itrsa.com.ar /tmp/rules.test.packages:163: could not parse host specification no IP address found for itrsa.com.ar /tmp/rules.test.packages:164: could not parse host specification no IP address found for itrsa.com.ar /tmp/rules.test.packages:165: could not parse host specification'

Did you see my reply in your previous post about this issue? https://forum.pfsense.org/index.php?topic=94437.msg524779#msg524779

Problem is the c-icap.conf file does not contain the line indicated in the instructions: Remove ldap configuration'Manager:Apassword@ldap.chtsanti.net?o=chtsanti?mermberUid?(&(objectClass=posixGroup)(cn=%s))' from 'c-icap.conf' field. In the c-icap.conf file, the ldap section looks like such: # Module: ldap_module # Description: # Add LDAP support to c-icap. The user can use LDAP based lookup tables # using the following lookup table path: #       ldap://[username:password@]ldapserver?base?attr1,attr2?filter[{[cache=no]}] # The filter can contain the "%s" formating code which will be replaced by # the search key # Examples of supported ldap urls: #     ldap://ldap.chtsanti.net?o=chtsanti?cn,uid?uid=%s #     ldap://cn=Directory Manager:Apassword@ldap.chtsanti.net?o=chtsanti?mermberUid?(&(objectClass=posixGroup)(cn=%s)) # # WARNING: is not enough tested it may contain bugs! # Example: # Module common ldap_module.so # End module: ldap_module So it appears that it is throwing an error although the .conf file does not contain the aforementioned lines?

I have no idea.  I don't use squid3 on pfSense anymore.