@jeffrey_223 One last note,

for Wpad to work with the blocked sites like this. . .

3277a6f1-2f50-4c8b-845c-105902b74bcb-image.png
(Image: Hotjar blocked and splash screen showing)
You have to adapt the admin access certificate to be a intermediate, it must use the ca that you created with Squid, or it will give common name errors. Or use a PfSense CA and make a intermediate just for admin access
32c12094-7306-4a3e-9c7b-56f33456a6aa-image.png

@iorx Me too did you ever find a solution to this?

@impatient

https://forum.netgate.com/topic/176445/squid-cache-table-showing-year-1969-over-and-over/3?_=1670984881914

I have the same issue is there any solution to fixing this in a Netgate 2100 max? Everthing else works caching url blocking Clam AV SSL intercept and Clam AV. This log just shows 1969

After the helper starts or clear cache is ran it shows the right date and after it goes right back to 1969

@lakitu78 I have hits, and refresh unmodified showing in the logs above. But is this for registration of users?

@persia1364 Yes I believe that you can install Squidguard, configure the LDAP integration and then filter based on usernames but this is not simple and I have not tried it myself.

@cobca I do not know if you are running Squidguard, if so also make sure you have a loopback dummy ACL that lets the firewall and the proxy work. If you do not have this it will fail to reach wpad and will not work correctly as Squidguard will block the redirects.

Screenshot 2022-12-10 at 9.35.14 AM.png
(Image: My dummy acl)

I have mine set up to allow the loopback and the firewalls ip address to talk to one another and also let the wpad work.

Screenshot 2022-12-10 at 9.37.56 AM.png
(Image: Group acl with loopback and firewall Ip)

Screenshot 2022-12-10 at 9.38.33 AM.png
(Image: location of group acl that attaches to the dummy acl rules)

@mnoya2
Try this:
https://github.com/ahuacate/pfsense-haproxy/blob/master/README.md
https://docs.deeztek.com/books/pfsense/page/pfsense-haproxy-softether-vpn
https://cbonte.github.io/haproxy-dconv/2.2/configuration.html

@jonathanlee Palo Alto does the same thing with certificates and intercepts on their firewalls. Just set it up ethically and it will work.

virus.PNG
(HTTPS cloud based virus stopped with use of MITM)

@jonathanlee

I wish you could pick what certificate to ignore with this.

@jonathanlee
The antivirus is working however it no longer uses the red screen also.

What could cause this?

Screenshot 2022-12-03 at 9.18.10 AM.png

New version of found virus screen

Screenshot 2022-12-03 at 9.17.57 AM.png

Virus table empty will no longer log files, cleared also to resolve same result no updates are placed into the log file for what virus is found

Screenshot 2022-12-03 at 9.17.53 AM.png

Image shows that viruses are caught in https still Eciar test found however it is not logging anything and the red splash screen is gone

@gertjan

Error

squidclamav_check_preview_handler: Wed Nov 30 15:56:36 2022, 92197/1098002432, ERROR clientip is null, you must set 'icap_send_client_ip on' into squid.conf

Screenshot 2022-11-30 at 4.02.08 PM.png

It goes on and on...

I have also just added

adaptation_send_client_ip {$icap_send_client_ip}

to line 234 of

Screenshot 2022-11-30 at 3.32.23 PM.png

ref https://forum.netgate.com/topic/129331/adaptation_send_client_ip-vs-icap_send_client_ip?_=1669853066007

It seems to already be enabled also, any ideas?

Screenshot 2022-11-30 at 4.06.21 PM.png

Keep in mind it all worked until a week or so ago, not it will not even see the test virus anymore

@tyoungls

adaptation_send_client_ip {$icap_send_client_ip}

are you sure it is not line 234?

Screenshot 2022-11-30 at 3.32.23 PM.png

@bmeeks Thanks for the reply! Understood!