Squid HTTPS question and blocking Chromecast


  • Banned

    Newbie question. I have the latest stable of sense and squid installed and working as an http and HTTPS proxy on my small home network.

    My question is, SSL filtering is on and CA installed on network devices. HTTPS sites work but when I view the certificate it displays the website cert, I was expecting to see the self signed CA I made in pfsense? Is this OK or what did I mess up?

    My problem is that Chromecast doesn't work with SSL filtering on. Is there anyway that I can allow the Chromecast IP to bypass the squid proxy?

    Another question, I'd like to monitor squid proxy statistics but squidclient mgr:info isn't working? Anyone know how a basic user can monitor squid proxy?



    1. I would run WPAD instead of MITM and use proxy pac ,wpad.dat, and wpad.da and put an ignore for the chromecast, At the bottom is an example just copy everything and change according to your network and the IP of the chromecast so it goes direct

    2. To monitor squid I would use sarg or lightsquid if your running 2.2.6 or below

    function FindProxyForURL(url, host) 
    { 
        if (isPlainHostName(host) ||
            shExpMatch(host, "*.local") ||
            isInNet(dnsResolve(host), "192.168.3.0",  "255.255.255.0"))
            return "DIRECT";
    
            if (isInNet(dnsResolve(host), "10.10.10.1",  "255.255.255.255" ))
            { return "DIRECT"; }";;
    
         return "PROXY 192.168.3.254:3128";
    }
    
    

  • Banned

    Thank you, I did that and it all works great now!


Log in to reply