@RonpfS thank yoy sir. problem solved

@jason0
Make that rule for example:

@rjcrowder

Ok.

can you please guide me what is best way to do this.

read this
https://forum.netgate.com/topic/74934/how-to-block-youtube-in-pfsense/20

If you put Squid 'in-line' with two interfaces then all the redirects would happen there and not at the main firewall.
You don't have to do that though, it's easier to just redirect traffic to the proxy from the firewall as I outlined. In that case whatever is running Squid is only a proxy server, it only needs one interface.

Steve

You can do that using Squid and Squidguard as you say. First up watch the hangout we did on this:
https://youtu.be/xm_wEezrWf4

Steve

@doktornotor
Well the least stated he obvious but was cause of problem. Squidguard.conf was pointing to nonexistent directory, ...log. when installation used ....logs. I think they were just so close I couldn't see the difference for the words.

@netn00b not sure if you found a good solution to this.
I do something similar with a script to update the IP's for my VPN in squid.conf

I've stripped my VPN config lines out into a seperate file (vpn.conf) and then replaced them with an include

include /usr/local/etc/squid/vpn.conf

This way the GUI is always correct and can be updated as normal and you can still keep your IP's current.

in Squid/real time
i found
TAG_NONE/200 102.132.97.27:443
when HTTPS/SSL Interception Enable SSL filtering.

Also the dns name for mydomain.ry works but hits the same page as above. when I add a prefix onto it I continue to get:

This site can’t be reached mail.mydomain.ry’s server IP address could not be found.
DNS_PROBE_FINISHED_NXDOMAIN

@PiBa Thanks! I first placed it in the frontend, but then all my backend servers went to /webmail. I put it in actions in the backend server for my mailserver and it works like a charm!

@KOM thank you!

@akuma1x @stephenw10 only change the range of the ips ! :o thanks !

I don't know. I don't use pfB.

@KOM It was set to "uk" so I changed to "en", saved and restarted service which has fixed the issue. TA