@moti4553 help @stephenw10 Dear we still present the problem, I already put DNS to IP 127.0.0.1, but the problem there is that I do not see my internal applications, please could you give me a light

@Simbad

Hi,

This is not a problem, in fact, they have been in this version for a long time.
AV filtering on the firewall doesn't really have a reason for existence, especially since it only applies to http

the daily.cld is updated and this is the essential momentum

http://database.clamav.net/main.cvd
http://database.clamav.net/daily.cvd
http://database.clamav.net/bytecode.cvd

https://www.freshports.org/www/squidclamav

ba5e4004-0758-414d-b052-89a06f592b7e-image.png

As soon as you have access to the full, decrypted data stream it's most probably possible to cache everything.

But :
The, for example, ccs style sheet file, can have a unique name - and won't be re used ever again, so it will get reloaded anyway.
The file creation date can be set to 'now' so the browser will request a fresh copy, even if the content didn't change at all.
etc etc .

See https://forum.netgate.com/topic/155280/squid-https/3

@High_Voltage said in new fun and odd issue with squid/wpad on pfsense with android!:
These
.microsoft.com .windowsupdate.com .akamaitechnologies.com .akadns.net
should not (never) be cached.
Example : if the windows update isn't guaranteed to from "the source" then every windows install is at risk. Microsoft couldn't tolerate that situation, it could kill the company overnight.

So this

acl splice_it ssl::server_name .reddit.com

handles everything going to / coming from is handled the same way.
( no need to read a a manual to understand that ^^ )

@viktor_g That solves my problem on

Version 2.4.5-RELEASE-p1 (amd64)
built on Tue Jun 02 17:51:17 EDT 2020
FreeBSD 11.3-STABLE

I guess I need to upgrade the

Version 2.3.5-RELEASE-p2 (i386)
built on Thu May 10 15:03:18 CDT 2018
FreeBSD 10.3-RELEASE-p29

Thank you for you patience and support

Hi, I tried to use mixed mode and it works as expected (including LightSquid). ☺

I admit that this is one of the problems with Squid as a package with pfSense, it doesn't rely on automatic log rotation and clean-up. I still do it manually, but if there is a software that can do this automatically, I'm in.

@dragoangel Thank you, you are correct. I am my way to becoming versed with HAProxy.

Layer 4 connection problem - connection refused is clearly says that port you mention doesn't open or listen. So: or you have firewall issues on your server or app not listen on server IP you are pointing.

@aGeekhere I'll look into this right now actually, took me a bit longer than I'd like it to have, for me to get to this. I'll add them in and see how it goes, thank you!

EDIT: oh my lord that's funny, that article you'd linked is one of the sources I actually did use when compiling that list that I posted in the github that I'd had in my original post haha.

changes committed to the github, thank you again.

thanks @viktor_g

@srlek Hi, srlek
Thank you for your reply.

dunno why you need clash

Because I am in China, the gov blocks a lot of websites.

but for proxying https you need squid-guard on pfsense

I have installed squid-guard package, and I set target rules=all, and it doesn't work.

Maybe I need more knowledge about routing. 😂 😂 😂

@viktor_g Thanks will do!

Thanks, it looks like it was working just the account got locked out, had to reset it.