• squid ssl ca not selectable

    8
    0 Votes
    8 Posts
    845 Views
    R
    new version from pf2ad is working :)
  • Squid ACL Whitelist not working

    Moved
    6
    0 Votes
    6 Posts
    21k Views
    viktor_gV
    @zacha fixed in squid 0.4.44_15
  • 1 Votes
    1 Posts
    265 Views
    No one has replied
  • Squid proxy NONE/503

    10
    0 Votes
    10 Posts
    11k Views
    K
    @C0RR0SIVE said in Squid proxy NONE/503: I just use Shallalist for my SquidGuard, it helps block some common annoyances really, don't think it has been updated in some time though. More useful if you have kids trying to get to porn sites more than anything IMO. Yeah, I use Unifi AP's and a Captive Portal in my Unifi software that requests they setup the proxy on their device using a proxy.pac file that's stored on a local webserver. When they pull from that file they go through HTTP/S just fine. If they don't they just get rejected on 443/80. Haven't had an issue with guests doing that so far. I also make sure I link to instructions stored on the local web server so they can follow those. I have done some testing, but nothing concrete yet... I was on 2.4.5, and have been having some other issues with it. I decided to compile a version of 2.4.4-p3 and installed that, then restored all my settings. So far SQUID + SquidGuard has been rather stable and fast. I suspect the issue isn't just SQUID, but 2.4.5. Can you confirm what version of PFSense you are on? I still see 503 errors, but those look purely SquidGuard and PFBlocker related (as in, what I am seeing, the URL is in my SquidGuard list or tied to a list on PFBlocker). I see. I use Unifi AP's/controller too so we pretty have a similar setup. I have to play around with Squidguard when this issue gets fixed. I'm also at pfsense 2.4.5 but I'm not sure when those 503 errors started showing up but I also highly suspect it's after the 2.4.5 upgrade.
  • Squid 0.4.44_15-21 new features

    1
    0 Votes
    1 Posts
    300 Views
    No one has replied
  • HAProxy Issue on 2.4.5?

    Moved
    4
    0 Votes
    4 Posts
    546 Views
    P
    @Smoothrunnings I still don't understand the problem. Haproxy needs a IP to listen on.. Do you still have the old SmoothWall box? Can you check what the contents of haproxy.cfg was there? And besides that, if it warns i'm pretty sure there is actually something configured wrongly.. Perhaps can you share the current haproxy.cfg file? (its okay to partially obfuscate public ip's and domainnames you have in there as long as its done consistently..)
  • Haproxy and Acme standalone certificate validation option- need advice

    1
    0 Votes
    1 Posts
    204 Views
    No one has replied
  • Squid reverse proxy cert

    2
    0 Votes
    2 Posts
    218 Views
    viktor_gV
    Please update to 0.4.44_21
  • HAProxy with ACME wildcard inconsistencies

    3
    0 Votes
    3 Posts
    821 Views
    P
    @custardduck22 Common 'issue' like this is also the port :80 redirect that pfSense has, if for some reason a 'http' request is done instead of 'https' the pfSense webgui-redirect could get cached by a browser.. (that redirect it can be disabled in 'system/advanced settings') Anyhow good you've already got it fixed.
  • Squid ssl proxy : NONE/200 X.X.X.X:443

    2
    1 Votes
    2 Posts
    2k Views
    G
    @guez I also specify that I use the transparent mode. If the solution is to configure a proxy by DHCP, that does not concern me and thank you to indicate it to me
  • Rocket Chat unable to connect over App, but only that

    1
    0 Votes
    1 Posts
    543 Views
    No one has replied
  • replace old squid

    1
    0 Votes
    1 Posts
    276 Views
    No one has replied
  • How to get squid to serve multiple servers off single WAN address?

    2
    0 Votes
    2 Posts
    459 Views
    No one has replied
  • HTTPS Everywhere Plugin For Squid

    3
    0 Votes
    3 Posts
    664 Views
    S
    Upgraded to pfSense 2.4.5 and this broke. I figured out the problem and it is very simple. Delete old stuff: pkg remove p5-XML-NamespaceSupport-1.12 pkg remove p5-XML-SAX-Base-1.09 pkg remove p5-XML-SAX-1.00 pkg remove p5-XML-LibXML-2.0132,1 Install the new packages: pkg add https://pkg.freebsd.org/FreeBSD:11:amd64/latest/All/p5-XML-NamespaceSupport-1.12.txz pkg add https://pkg.freebsd.org/FreeBSD:11:amd64/latest/All/p5-XML-SAX-Base-1.09.txz pkg add https://pkg.freebsd.org/FreeBSD:11:amd64/latest/All/p5-XML-SAX-1.02.txz pkg add https://pkg.freebsd.org/FreeBSD:11:amd64/latest/All/p5-XML-LibXML-2.0202,1.txz For 2.5.0: pkg add https://pkg.freebsd.org/FreeBSD:12:amd64/latest/All/p5-XML-NamespaceSupport-1.12.txz pkg add https://pkg.freebsd.org/FreeBSD:12:amd64/latest/All/p5-XML-SAX-Base-1.09.txz pkg add https://pkg.freebsd.org/FreeBSD:12:amd64/latest/All/p5-XML-SAX-1.02.txz pkg add https://pkg.freebsd.org/FreeBSD:12:amd64/latest/All/p5-XML-LibXML-2.0202,1.txz But the most important thing!!! Open this file in a text editor: /usr/local/libexec/squid/https-everywhere/squid.pl Change to first line from: #!/usr/local/bin/perl5 To: #!/usr/local/bin/perl And another thing that isn't necessary but I found helpful with heavy use is increasing the helpers: Go to Services > Squid Proxy Server Show advanced options at the bottom And update in Custom Options (Before Auth): url_rewrite_children 16
  • squidguard can't start

    1
    0 Votes
    1 Posts
    201 Views
    No one has replied
  • Using URL in HAProxy Backend instead of IP address

    5
    0 Votes
    5 Posts
    3k Views
    A
    Gotcha, thank you.
  • CMS with SSL check complain site is insecure when it isn't

    6
    0 Votes
    6 Posts
    1k Views
    tn1rpi3T
    @Gertjan Yeah, never mind. I'm taking it up with one of the CMS developers. Actually, I've used the CMS in question for almost a decade now. The problems began when I first used it behind HaProxy after they implemented the SSL-check.. Anyway, thanx for your input.
  • Setting up ACME with HAProxy

    3
    0 Votes
    3 Posts
    970 Views
    MORGiONM
    @iPenguin I was able to get HAProxy & ACME working with this guide https://youtu.be/FWodNSZXcXs
  • Squid - Kerberos - update keytab issue

    1
    0 Votes
    1 Posts
    579 Views
    No one has replied
  • Squid suddenly won't start... (for reverse proxy)

    6
    0 Votes
    6 Posts
    1k Views
    GertjanG
    Check also https://forum.netgate.com/topic/151523/reverse-squid-no-longer-working-on-latest-development-branch
Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.