@jonathanp123 I gave up on transparent mode too. i'm still running without the wpad for a moment. But when blocking a website with HTTPS pfSense tries to resolve a host 'https://http*', like the error. With HTTP it displays the correct page.

@viktor_g Is updated... so SSL filtering works only in transparent proxy ?

I found this and haven't been able to test yet. SquidGuard is broken for https out of the box. You need configure Common ACL Target Rules List Default access [all] to Allow, save. Then click Apply in General settings tab. My best bet is that Default access has no block page configured for some reason. If anyone knows how to get Default access to deny working please let me know. Here is my working SquidGuard configuration step by step tested on pfSense 2.3.4-RELEASE-p1 (amd64): Download any blacklist - shallalist. for example. General Settings -> Blacklist options -> check to enable blacklist Put in Blacklist URL: shalla list Go to Blacklist tab. Hit download (Black list url is already there) Wait for it to finish downloading. 2. You need to configure your blacklist default to Allow state (The default state which is Deny all is what causes https://http/* error) Go to Common ACL Tab Hit plus button on Target Rules List Scroll down to Default access [all], set access to allow Set other categories that you want to be blocked to deny. Hit save at the bottom of the page. Go to General settings Tab. Click Apply at to Top of the page so your settings will be applied from Common ACL Tab. Check if https sites load properly now. Remember to clear cache from before playing with pfsense from your browser or it will show you old state of web filtering.

@kevdog Config seems to look fine.. The haproxy stats page does count your connection/request? And shows the server as 'up'? Testing from 'outside' ? Perhaps disable the transparent-client-ip feature until stuff starts working, then try enabling that again.?

@kevdog Yes openssl is 'build in'. Those settings should work alright.. Does it work without them? Do you get a 'error' or 'warning' when applying the settings?

@nico1234 said in Crash pfsense when squid is enable: panic: ufs_dirbad == file system error. Ran fsck ?

@tn1rpi3 said in haproxy | Browser says ERR_TOO_MANY_REDIRECTS: BOTTOM LINE: All sites are responsive now. However, apache2 does not yet redirect to the desired content. After some extensive trial and error with ACL settings I've come full circle. meaning that I added an "http-request set uri" action to my_site.com and under fmt I put "/subfolder_name" --> This finally sets the desired path on the server. Alas, now the error message "ERR_TOO_MANY_REDIRECTS" has returned. Since the initial cause of above error was solved, I will declare this topic as solved. I would appear appropriate to open another topic on this.

@tn1rpi3 I will try over at Cloudflare however previously I was passing all packets to the Apache reverse proxy/webserver and I wasn't receiving any 502 errors. Now that HA proxy is in the middle, things don't seem to be working.

thanks for reply! nop, i dont read those info. i think that no transparent proxy is the next step.

There is a checkbox to enable transparent mode in Squid. Also see the hangout: https://youtu.be/xm_wEezrWf4

@tn1rpi3 Solved. Settings on pfsense haven proven quite correct thanks to PiBa's input. The router's correct IP address has been reassigned. Some misunderstanding on the ISP's side.. All good now.

@elcid Hello, I am trying to send the squidguard records to send them to graylog and then see them with grafana, can I do it? Greetings and thanks in advance