• Update Accelerator

    5
    0 Votes
    5 Posts
    1k Views
    W
    @gertjan There is an underlying misconception why Update Accelerator integrates into Squid managed by ipFire. After all, pfSense does it too. In the pfSense documentation on Squid there is a section just dedicated to Windows Update with the patterns recommended by Squid. So we are not violating Windows functionality. What Update Accelerator does is to use Squid to download the update and then save the files in a separate folder. When Squid intercepts a new download, instead of looking in the cache, it fetches the file in this other folder. Same thing for the other updates that are not from Microsoft. I am not part of the development team, I just find that this is what is described in the documentation and that U.A. is activated in the Squid configuration page.
  • Squid transparent proxy freezes Netflix streams after a few minutes

    Moved
    1
    0 Votes
    1 Posts
    472 Views
    No one has replied
  • Squid Transparent Proxy for other ports

    1
    0 Votes
    1 Posts
    335 Views
    No one has replied
  • Increase HAProxy Backend Server Session Limit

    haproxy
    6
    0 Votes
    6 Posts
    3k Views
    N
    @crowfather I get that the backend limit is 1/10th the front end... but still not sure what this resolves. If you set the front-end to 500 does that mean the back-end is really 500 but is only showing 50. Should we be setting it to 10X the value we want or is it that it only incorrectly displays this way? --Nikolaos
  • HAProxy DNS Internal servers

    1
    0 Votes
    1 Posts
    404 Views
    No one has replied
  • Trouble with HA Proxy

    1
    0 Votes
    1 Posts
    576 Views
    No one has replied
  • HaProxy and Websockets

    2
    0 Votes
    2 Posts
    1k Views
    MrPeteM
    @jimfreeze Unfortunately, a bug in HAproxy 2.2 breaks websockets. Hopefully we can get 2.3 or future soon... or the patch integrated! (https://github.com/haproxy/haproxy/issues/737)
  • Squid Proxy and QUIC issues

    2
    0 Votes
    2 Posts
    2k Views
    JonathanLeeJ
    @jonathanlee I found a work around on Squids website block UDP port 443 and UDP 80 it works after and you can access Facebook and it filters and runs Clamav within proxy.
  • 0 Votes
    3 Posts
    760 Views
    JonathanLeeJ
    @jonathanlee Firewalls and AntiVirus is a thing of beauty when it works correctly. It is art. This can decode and inspect every single https, http URL not only that the URLs that are cookie related. This inspects for spyware viruses check for issues. Amazing. What a work of art. Google started working Facebook does not like this running for some reason last website issue for me. Bing, Google, News sites, all work just not Facebook. [image: 1639418169271-squid.jpg]
  • SSL Intercept

    6
    0 Votes
    6 Posts
    2k Views
    johnpozJ
    @reeko said in SSL Intercept: Blocking things with DNS is not efficient at all I have no idea why you would think that.. Its pretty simple to grab lists or create lists of blocked stuff. But here you go if your wanting to try it. https://wiki.squid-cache.org/ConfigExamples/Intercept/SslBumpExplicit Intercept HTTPS CONNECT messages with SSL-Bump Clients do not send connect messages when in "transparent' mode of interception of the traffic.. You could try this https://turbofuture.com/internet/Intercepting-HTTPS-Traffic-Using-the-Squid-Proxy-in-pfSense Good luck.. Maybe someone else will chime that does this.. Its not a common practice for sure. I haven't actually used proxy to try and do such filtering in many years. Not a fan of any sort of messing with any ssl traffic. If was going to do it, would use explict pointing to the proxy and use sslbump.. You will have to trust your CA you create - there is no way to use a cert from 3rd party for such a thing because there is no way to create certs on the fly for www.somedomain.tld from already trusted CA.. So devices that can not be set to trust your CA will not work..
  • How to direct connect some website?

    1
    0 Votes
    1 Posts
    352 Views
    No one has replied
  • Generic HAProxy Question (home lab)

    1
    0 Votes
    1 Posts
    374 Views
    No one has replied
  • Unofficial E2guardian package for pfSense

    1k
    3 Votes
    1k Posts
    2m Views
    P
    @periko said in Unofficial E2guardian package for pfSense: Hello marcelloc or other e2guardian users, does e2guardian is already support for pfsense 2.5.2? Regards!!! I've been using it on 2.5.2 for months now, no issues.
  • Squidguard Group Layering

    1
    0 Votes
    1 Posts
    497 Views
    No one has replied
  • haproxy e log

    2
    0 Votes
    2 Posts
    618 Views
    P
    please help me, thanks
  • Save changes in Haproxy causing Crash report

    1
    0 Votes
    1 Posts
    385 Views
    No one has replied
  • HAProxy Backend Problem since upgrade

    2
    0 Votes
    2 Posts
    605 Views
    V
    UPDATE: This is a HA Proxy Dev problem it appears We had Dev on 2.4.5 prior to 21.0x When updating, HA Proxy dev went to a different version which is now not working with SSL backends. From what research we have seen and tried, it is a SSL handshake problem. We tried, reduced SSL settings, real trusted certs...and so on. The only fix was to uninstall HA Dev and install the normal HA Proxy Package Same config, works fine. (old 2.4.5 HA Dev is Current 21.05.1 Prod HA Proxy...or close) Not sure what changed in the versions to break our setup. Any insight would be appreciated if you have seen this behavior
  • Squid https filtering squidguard acl target list - erratic behaviour

    1
    0 Votes
    1 Posts
    359 Views
    No one has replied
  • unable to verify the first certificate

    1
    0 Votes
    1 Posts
    711 Views
    No one has replied
  • SquidGuard Filter Whitelist: Domains work, URLs and RegExp Don't

    1
    0 Votes
    1 Posts
    1k Views
    No one has replied
Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.