@rootvallum Nope, the response i got is Apache-Coyote/1.1

Anyone here ?

By putting check-ssl keyword in the config. https://github.com/pfsense/FreeBSD-ports/blob/ae27b1718e27a0655adf27b99fc1df6c90f1c524/net/pfSense-pkg-haproxy-devel/files/usr/local/pkg/haproxy/haproxy.inc#L1120 Anyhow that line will be gone soon..

If you are using ldap port, you can try to create a load balance on pfsense for port 389 and point you config to it.

@marcelloc said in XMLRPC Sync Squid: @rootvallum said in XMLRPC Sync Squid: @marcelloc Hi marcello can you give suggestion please :) You will need to code a bit to get it working. Take a look on sync replication code under squid.inc. You will see all the "tabs" it includes before pushing to backup server. If you comment tabs you do not want to sync, you can forward your configuration to other boxes. $xml = array(); $xml['squid'] = $config['installedpackages']['squid']; $xml['squidupstream'] = $config['installedpackages']['squidupstream']; $xml['squidcache'] = $config['installedpackages']['squidcache']; $xml['squidantivirus'] = $config['installedpackages']['squidantivirus']; $xml['squidnac'] = $config['installedpackages']['squidnac']; $xml['squidtraffic'] = $config['installedpackages']['squidtraffic']; $xml['squidreversegeneral'] = $config['installedpackages']['squidreversegeneral']; $xml['squidreversepeer'] = $config['installedpackages']['squidreversepeer']; $xml['squidreverseuri'] = $config['installedpackages']['squidreverseuri']; $xml['squidauth'] = $config['installedpackages']['squidauth']; $xml['squidusers'] = $config['installedpackages']['squidusers']; /* Assemble XMLRPC payload */ $params = array(XML_RPC_encode($password), XML_RPC_encode($xml)); Remember to disable replication on squid before any package update/upgrade. Thanks for your Guidance marcello . I'll try this :)

nope, does not seem to work. Best way I've been able to get to work is by forwarding the nginx logs like I described above. Would prefer not to do it this way since tons of messages get sent when you are in the pfSense mgmt interface for a device. I'll keep trying to figure out how to just get the block.log.

Yep, that was it, needed to do the action. Thanks for the help! frontend rancher bind 10.168.12.20:443 name 10.168.12.20:443 ssl crt /var/etc/haproxy/rancher.pem mode http log global option http-keep-alive option forwardfor acl https ssl_fc http-request set-header X-Forwarded-Proto http if !https http-request set-header X-Forwarded-Proto https if https timeout client 30000 acl aclcrt_longhorn hdr_reg(host) -i ^longhorn\.home\.swth(:([0-9]){1,5})?$ acl aclcrt_rancher hdr_reg(host) -i ^rancher\.home\.swth(:([0-9]){1,5})?$ use_backend rancher_http_ipvANY if aclcrt_longhorn or aclcrt_rancher aclcrt_rancher

@lemonparty1 said in Squid needs a cache hit rate graph somewhere. Anywhere: @manojsemwal wow that is quite pretty! What visualization tool are you using? Hi We are using Graylog + elasticseach. we collect data from dozens of squid proxy servers + firewalls + wap + switches + windows servers + Linux servers.

@gertjan Thank you for your reply.. i will study further to get the ans ...

You have to use MITM for it to work or you can use this method, which also works perfectly fine. https://forum.netgate.com/topic/100342/guide-to-filtering-web-content-http-and-https-with-pfsense-2-3

Mostly because nobody is actively developing on that package. We've nudged it here and there (like the cache option) but it's been mostly unchanged for years. If someone wants to take that on, code it up and submit a PR.