I don't believe that Android, or at least older Android versions, supports WPAD. For the wifi connection, you would have to configure the proxy details manually. Make sure you block tcp80,443 on LAN to prevent people from going around the proxy (if that matters to you).

@fabricioguzzy said in Why E2guardian package is not Officially avaliable in Pfsense?:

Hello Vallum,
I´ve been testing the e2guardian package since December/18 and it's working fine.
It's way better then squidguard, no doubts or comparisons.
The package still has some small/cosmetic issues, most of them related to the LDAP search group/users and REstarting service mechanisms, but it's fully functional.
I also made some security scans over the firewall after install it and it got nothing, so it looks safe at all.
it worth to go ahead and try it. If you are still confused, consider create a Non-Production environment to test it until you get used to the GUI and processes.

Not sure why pfsense team didn't consider the package so far. Maybe because is it still under-construction, but I do agree with you. That is a "must have" package for sure.

hope that helps you.
Fabricio.

Thanks Fabricio . I will test this.

Does it work with squid disabled?

Have you tried go to Services - Squid Proxy Server - General - Transparent Proxy Settings - Bypass Proxy for These Destination IPs and added their hostname there?

Hey,

I found this video on the topic that was very helpful.
https://youtu.be/xm_wEezrWf4

thanks for your help, I had to reset the equipment to factory values, reconfigure and function correctly, maybe, as KOM says, squidgard was broken

After upgrading to 2.4.4_2 the menu worked just fine. Thanks.

Simple fix.

0_1547077823279_lightsquid.jpg

What?

Bypass is not destination in your case. It is source as it is internal IP and outgoing traffic, if you change that i guess it will work for you.

Hi @surinameclubcard thanks for taking the time to answer! I will definitely try that second example then. FWIW, I am currently using the first example i.e. NAT then HAProxy, and can confirm that does work.

Replying to myself: I just did a clean install of pfSense 2.4.4p1 and tried above with the haproxy-devel package:

Create a frontend, name it "test", save, Open "test", add an ACL, notice there is no "Traffic is ssl (no value needed):" option, Just to continue, name the ACL "https", expression="Host starts with:", value="https", save, Open "test" once again, edit the ACL, notice now there is the "Traffic is ssl (no value needed):" option, Change the expression to "Traffic is ssl (no value needed):", remove the value, save, same error. Or the ACL was completely removed.

Either something is broken or I am completely not understanding this user interface?

Anyone challenged with clamav and icap errors? I've increased the parameters recommended here. It seems to resolve the issue I'm currently seeing, but I now have each parameter at 3x their original default. I just hit another icap error and am getting ready to go to 4x, but I can't help but think clamav isn't worth running.