No ideas or suggestions?

@sensewolf

anybody got this working?

@gertjan thanks i will do that

@mrit
Okay, figured it out myself (and with the help of the WayBackMachine). Turns out, subdomains are only included for a domain if the domain is the only entry in the domain list.

So makes it very hard for me, to also add subdomains (as wildcard) to my allowlist. Maybe it works using regular expressions...

Source: https://web.archive.org/web/20210727190453/http://www.squidguard.org/Doc/aboutblocking.html

@periko Good morning, My whitelist I put https://secweb.procergs.com.br
https://assinador.ac.rs.gov.br
https://www.ac.rs.gov.br
http://crl.globalsign.net
https://www.alphassl.com
http://ocsp.globalsign.com

These were the addresses I put.

@jonathanlee not sure

@swinster there is a bug which is already reported, we are still waiting the fix.

@kom My use case was to restrict internet access to internal servers, allowing only permitted URL/IP combos, distro repos, etc. So no need for WPAD (+ I have no idea how it works)
And yes good of you to mention it because I forgot, also blocked all internet access in pfsense rules.

@jycai with free cf choose flexible mode.
Check your pfsense firewall.
Sometimes problem at frontend and backend. I remove and recreate. It’s work

how to bypasss pfBlockerNG from squid.

@dmalick Hit means its already stored, miss means its stored as of now because it was never stored yet, refresh means dynamic based refresh that is out of date or expired timer. Do a quick search on the specifics, you will never have 100 percent hits.

@mit the path is /usr/local/pkg/squid_antivirus.inc not squid.inc for latest pfsense 2.6 squid 0.4.45_9