• Pfsense + Squidguard clean install. Squidguard won't start

    3
    0 Votes
    3 Posts
    3k Views
    KOMK
    Squidguard is a helper app that takes URLs from squid and processes them in realtime as they're requested by the user.  You definitely need squid installed first.
  • SquidGuard Inconsistencies

    Moved
    5
    0 Votes
    5 Posts
    1k Views
    rodrigoinfocasper.com.brR
    good morning people, I'm running exactly the same versions, and going through the same difficulty as my friend RPX_D, did anyone ever figure out the problem. Active squidguard on the hour I have problem with https sites, and I am forced to disable ….
  • Using CLAM AV without Squid

    5
    0 Votes
    5 Posts
    1k Views
    RangoR
    So i'm assuming ClamAV is still NOT preffered way to do AV screening. I'm sort of glad to hear that anyway as when i enable squid proxy and clamav, one of those two slows down my DNS significantly to the order of 10x where dns lookup was 30ms now with all those services running is 600ms which is 2000% slow down. I think it's proxy not clam av but that's a no go for me if that's the price to pay. I'm still trying to figure out why i would need proxy server for 3 clients max and why would anyone want to deal with cache of that later.
  • Sound the alarm! squid newbie question

    2
    0 Votes
    2 Posts
    565 Views
    emammadovE
    Did you enable Trasnparent proxy and SSL Filtering?
  • ClamAV – multiple vulnerabilities

    2
    0 Votes
    2 Posts
    1k Views
    BismarckB
    Upgraded to 0.99.4
  • Squid proxy server and OCSP responders

    1
    0 Votes
    1 Posts
    992 Views
    No one has replied
  • Select loop Error. Retry 1

    1
    0 Votes
    1 Posts
    286 Views
    No one has replied
  • Squid Proxy working on some networks and not others

    1
    0 Votes
    1 Posts
    382 Views
    No one has replied
  • Squid guard does not work

    3
    0 Votes
    3 Posts
    686 Views
    D
    Hello, I have already configured it in transparent mode but it still does not block the squid guard, I do not know if I have something wrong configured, now with what you say about HTTPS, the CAs certificate I believe it, I import it because it shows me a form to create import and if I do not configure that it does not let me enable the Enable SSL filtering option. ![squid guard.png](/public/imported_attachments/1/squid guard.png) ![squid guard.png_thumb](/public/imported_attachments/1/squid guard.png_thumb) ![squid guard 2.png](/public/imported_attachments/1/squid guard 2.png) ![squid guard 2.png_thumb](/public/imported_attachments/1/squid guard 2.png_thumb)
  • Blocked page by Squid Proxy is not Squid's default page

    5
    0 Votes
    5 Posts
    2k Views
    emammadovE
    Thank you for your reply. I leave it as it is. In TCP Port, section is empty. Default 80 for HTTP, 443 for HTTPS. How can I add two port in the same section? It only allows one port number. If I add for example 445, then it should apply both?
  • Blacklist not downloading in pfsense 2.3 SquidGuard

    29
    0 Votes
    29 Posts
    22k Views
    C
    @zehcolmeia: @milou: Try more 5 click in 2 seconds, and download begin. unbelieveble…. work this... I am not very sure how many time i clicked, but i click very fast around 30 times in 2 second, and it just work like a magic! Thankssssssssssssssssssss guys :D
  • Captive Portal makes HA Proxy unfunctional

    1
    0 Votes
    1 Posts
    346 Views
    No one has replied
  • How get Squid + SquidGuard to clear Client Browser Cache

    4
    0 Votes
    4 Posts
    990 Views
    KOMK
    When you make your changes, do you remember to go back to the General settings tab and click Apply?  If you don't do that, your changes will not take effect.
  • Squid + MAC adresses + mailreport

    1
    0 Votes
    1 Posts
    415 Views
    No one has replied
  • Google and Gmail.com issue

    3
    0 Votes
    3 Posts
    754 Views
    rodrigoinfocasper.com.brR
    Boa tarde, Conseguiu resolver amigo, estou passando por essa dificuldade.
  • Squid MITM SquidGuard Not Showing Default Error Page?

    5
    0 Votes
    5 Posts
    3k Views
    T
    Here is the answer I think, but I can't decipher it: Delayed error responses When Squid fails to negotiate a secure connection with the origin server and bump-ssl-server-first is enabled, Squid remembers the error page and serves it after establishing the secure connection with the client and receiving the first encrypted client request. The error is served securely. The same approach is used for Squid redirect messages configured via deny_info. This error delay is implemented because (a) browsers like FireFox and Chromium do not display CONNECT errors correctly and (b) intercepted SSL connections must wait for the first request to serve an error. Furthermore, when Squid encounters an error, it uses a trusted certificate with minimal properties to encrypt the connection with the client. If we try to mimic the true broken certificate instead, the user will get a browser error dialog and then, if user allows, the Squid error page with essentially the same (and possibly more detailed/friendly) information about the problem. Using a trusted certificate avoids this "double error" effect in many cases. And, after all, the information is coming from Squid and not the origin server so it is kind of wrong to mimic broken origin server details when serving that information. Squid closes the client connection after serving the error so that no requests are sent to the broken server. It is important to understand that Squid can be configured to ignore or tolerate certain SSL connection establishment errors using sslproxy_cert_error. If the error is allowed, Squid forgets about the error, mimics true broken certificate properties, and continues to talk to the server. Otherwise, Squid does not mimic and terminates the server connection as discussed above. Thus, if you want users to see broken certificate properties instead of Squid error pages, you must tell Squid to ignore the error. from https://wiki.squid-cache.org/Features/MimicSslServerCert
  • SQUID proxy wont work HTTPS? SOLVED

    9
    0 Votes
    9 Posts
    2k Views
    K
    Dont worry hope you get better "winter is coming" but what did the trick was ticking Resolve DNS IPv4 First with that it worked everything so odd i have never seen this before Thank you
  • SquidGuard…

    2
    0 Votes
    2 Posts
    574 Views
    KOMK
    Whenever you make a change to squidguard, you have to remember to go back to the General settings tab and click Save then Apply.
  • I think squid whitelist is being wrongly documented or badly configured

    6
    0 Votes
    6 Posts
    4k Views
    M
    Yes I know that this is "dstdomain" format but for demonstration purpose it works. Correct format is something like this: (.).yahoo.com ..yahoo.com .yahoo.com To be honest I would prefer to have a choice in squid module implemented in pfsense which format of whitelist/blacklist will be used. On my linux squid boxes I use dstdomain everywhere.
  • Squid possible memory leak

    3
    0 Votes
    3 Posts
    1k Views
    B
    Nope.  Didn't work. Still extremely unstable.  Sigh….. Looking into memory pools now and certificate memory issues.  Any ideas welcome still....
Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.