Squid + SquidGuard + AV, HTTPS not working

lluisclava

Hi gays,

I have a new device with all updates and clear configuration. I'm trying to config a simple proxy from LAN to WAN with content filtering and AV working in HTTP and HTTPS. I prefer transparent proxy but dosen't matter if it's not. I use squid(with ClamAv) + squidguard for that.

The problem is, I can't have working toguether in HTTPS, AV + content filtering.

As I read in documentations I can switch the SSL/MITM from "splice all" or "Splice whitlisted/Bump otherwise".

If I switch to "splice all" I can have content filtering working fine in HTTPS, and content filtering + AV in HTTP.
If I switch to "splice whitlisted/bump otherwise" then I can have two scenarios:
With content filtering enabled all HTTPS is bloqued.
With content filtering disabled HTTP and HTTPS works with AV but not with content filtering obviously.

All the tests are done in transparent mode.

So could anyone help me with that? Is it possible to have running content filtering + AV in HTTPS??

Thanks in advance!

Rico

Wow, calling us Gay in your first posting.
Have you checked https://www.netgate.com/resources/videos/squid-squidguard-and-lightsquid-on-pfsense-24.html ?

-Rico

lluisclava

Sorry about calling your gays, I'm not an English Native.

Okey it's solved following the video you said. I thing the problem comes with a diferent order of enabling the elements of the proxy....

Thanks so much @Rico !

Rico

You're welcome, glad you have it working now.

-Rico