Prioritizing traffic could help make better use of the bandwidth available. I never looked at the traffic shaper, but I imagine someone on here has. https://www.netgate.com/docs/pfsense/book/trafficshaper/what-the-traffic-shaper-can-do-for-a-network.html

Then you must set a local domain manually as well. The way WPAD works is that the client will do a DNS lookup for wpad.yourdomain.blah. The client then asks the server at the IP address for wpad.yourdomain.blah for its wpad.dat, wpad.da or proxy.pac file. The client then parses the requested WPAD config file to know where the proxy is and when to use it.

Same experience as you guys. Used it for caching and ClamAV. It was a false sense of security at best since it could only scan ~ 1% of traffic. So even if it was a 100% effective AV, it was still mostly useless. No point in adding complexity so I no longer use squid.

Thanks for the reply, so after many hours it was the HAproxy redirect rule i had to add 2 more rules on the ACL added web2 and web3 host matches www.mydomain.com and www.mydomain2.com on the bottom on actions add http-request redirect with the rule rule: prefix https://mydomain.com and the same thing for the mydomain2.com for anyone else that has this issue do the following. Hope this helps

Bonjour, j'ai beau navigué sur les forum en long en large et en travers, je ne trouve aucune information sur le fonctionnement de squid avec une authentification via portail captif couplé au ldap. C'est une solution proposée par pfsense mais je n'arrive pas à le faire fonctionner. Merci.

I have no interest in MITM proxy which essentially breaks SSL, making all but pointless. (Sorry to be blunt). I've decided to uninstall Squid. A comment hit home to me. Installing another application, putting my firewall packets through ANOTHER application, simply for a (secondary) virus scan. Not worth it. (As far as I know), (knocking on my wood shelf), I haven't had an issue with a virus since I can remember. I'm not saying it's a risk. I'm very aware of the need for a good virus scanner, but to add another layer to my firewall? Nah. Squid is officially retired in my book.

I don't believe that Android, or at least older Android versions, supports WPAD. For the wifi connection, you would have to configure the proxy details manually. Make sure you block tcp80,443 on LAN to prevent people from going around the proxy (if that matters to you).

@fabricioguzzy said in Why E2guardian package is not Officially avaliable in Pfsense?: Hello Vallum, I´ve been testing the e2guardian package since December/18 and it's working fine. It's way better then squidguard, no doubts or comparisons. The package still has some small/cosmetic issues, most of them related to the LDAP search group/users and REstarting service mechanisms, but it's fully functional. I also made some security scans over the firewall after install it and it got nothing, so it looks safe at all. it worth to go ahead and try it. If you are still confused, consider create a Non-Production environment to test it until you get used to the GUI and processes. Not sure why pfsense team didn't consider the package so far. Maybe because is it still under-construction, but I do agree with you. That is a "must have" package for sure. hope that helps you. Fabricio. Thanks Fabricio . I will test this.

Does it work with squid disabled? Have you tried go to Services - Squid Proxy Server - General - Transparent Proxy Settings - Bypass Proxy for These Destination IPs and added their hostname there?

Hey, I found this video on the topic that was very helpful. https://youtu.be/xm_wEezrWf4

thanks for your help, I had to reset the equipment to factory values, reconfigure and function correctly, maybe, as KOM says, squidgard was broken

After upgrading to 2.4.4_2 the menu worked just fine. Thanks.