As soon as you have access to the full, decrypted data stream it's most probably possible to cache everything. But : The, for example, ccs style sheet file, can have a unique name - and won't be re used ever again, so it will get reloaded anyway. The file creation date can be set to 'now' so the browser will request a fresh copy, even if the content didn't change at all. etc etc .

See https://forum.netgate.com/topic/155280/squid-https/3

@High_Voltage said in new fun and odd issue with squid/wpad on pfsense with android!: These .microsoft.com .windowsupdate.com .akamaitechnologies.com .akadns.net should not (never) be cached. Example : if the windows update isn't guaranteed to from "the source" then every windows install is at risk. Microsoft couldn't tolerate that situation, it could kill the company overnight. So this acl splice_it ssl::server_name .reddit.com handles everything going to / coming from is handled the same way. ( no need to read a a manual to understand that ^^ )

@viktor_g That solves my problem on Version 2.4.5-RELEASE-p1 (amd64) built on Tue Jun 02 17:51:17 EDT 2020 FreeBSD 11.3-STABLE I guess I need to upgrade the Version 2.3.5-RELEASE-p2 (i386) built on Thu May 10 15:03:18 CDT 2018 FreeBSD 10.3-RELEASE-p29 Thank you for you patience and support

Hi, I tried to use mixed mode and it works as expected (including LightSquid).

I admit that this is one of the problems with Squid as a package with pfSense, it doesn't rely on automatic log rotation and clean-up. I still do it manually, but if there is a software that can do this automatically, I'm in.

@dragoangel Thank you, you are correct. I am my way to becoming versed with HAProxy.

Layer 4 connection problem - connection refused is clearly says that port you mention doesn't open or listen. So: or you have firewall issues on your server or app not listen on server IP you are pointing.

@aGeekhere I'll look into this right now actually, took me a bit longer than I'd like it to have, for me to get to this. I'll add them in and see how it goes, thank you! EDIT: oh my lord that's funny, that article you'd linked is one of the sources I actually did use when compiling that list that I posted in the github that I'd had in my original post haha. changes committed to the github, thank you again.

thanks @viktor_g

@srlek Hi, srlek Thank you for your reply. dunno why you need clash Because I am in China, the gov blocks a lot of websites. but for proxying https you need squid-guard on pfsense I have installed squid-guard package, and I set target rules=all, and it doesn't work. Maybe I need more knowledge about routing.

@viktor_g Thanks will do!

Thanks, it looks like it was working just the account got locked out, had to reset it.

@viktor_g Thanks, installed, function seems to be ok (but upgrading process was problematic this time).

happen also to me during update to 2.4.5-RELEASE-p1, squidguard stuck at reboot on deinstall