Stable Transparent Proxy - $250 {awarded}

  • My company is currently in the market for a new router/firewall/url filter.  We currently use M0n0wall coupled with a really old box made by now defunct Ramp Networks (WebRamp).  pfSense would do everything we need and so much more, but as noted in the boards the Squid package isn't in the best of shape.  I was unable to get transparent proxy to stay up and running once the latest version of the package (which has been pulled) was pushed out.

    Our company just got new bandwidth and needs to make a change fairly soon.  Rather than throw money into a Cisco, Sonicwall, or the like, I was thinking it would be better to make a donation to you guys for the great work you're doing.

    Specifics: Not too much beyond what was already in the Squid package.  I know that Cisco caps out at 250 URLs on the whitelist.  This is a current limitation of our WebRamp as well.  I would like to see something more like 500, or maybe no limit.  I understand that there may be lag in the initial lookup.  It's also imperative that there be an option for 'unfiltered' IPs/MACs where we can list out managers who will not be subject to the URL whitelist.  The main point here is to get a stable transparent proxy up and running.

    $250 stands - if you want to join the party, please do!  Let me know what you guys think.

  • Thanks for the offer.  Does it have to be squid?  Squid seems to break down on FreeBSD under heavy loads.  The application spends much of it's time waiting on GIANT locking (per top) which really wreaks havoc.

    I was considering something like: but I am open to suggestions.

  • At this point I'm not really concerned with the back end.  I suppose down the road it might be helpful to have something as widely used and supported as Squid, but maybe not.  That's too bad that Squid has issues with FreeBSD, but please, if you can get a something going with oops! that follows the options I mentioned above, you'll win my heart (and the bounty).

  • Uuh I don't know who gets the bounty, but I think I have fixed the squid package.

    About the high loads, I don't know, I have it up and running, but I'm also the only one using the box.

    I must say the latest squid is different from the previous one.

  • That's great you think you fixed it.  Would you mind sending me a PM with a download link and the command I need to manually install the package?

    Assuming it's fixed, I would still like to make a donation to pfSense, but certainly you should get a little bit of bounty too.

  • Well I think the bounty should be for the pfsense team, I didn't do that much, only fixing some stuff.

    I don't know what the guys of pfsense think about sending you those files, I didn't make the stuff, I only fixed it.

    But I think the squid package will be back in the list when they had time to check things out an place the files.

  • Sounds good, I found the pertinent thread in the packages forum.  Thanks for your work on this, I'm sure many people are very appreciative or at least will be when Squid hits the packages list again.

  • It appears to be getting closer.  Stay tuned.

  • The current squid in packages should work as required and I would like to claim the bounty.

    Kind regards,


  • You guys are the best.  I can't believe the progress made over the last week or so.  I'll send you guys $125 now and the remainder once I get a chance to test things out.  I'm away from my pfSense box and clients for Christmas, but will return on Tuesday.  I'll give it a go for a few days and if it all goes well will pay you the remainder then.  I can't imagine any other issues coming up.  Thank you, thank you, thank you.  Merry Christmas all.

    What PayPal is best to send payment to?

  • I will claim half the bounty with and the remainder to go to the general pfsense account at

    Thanks in advance!



  • Payment sent, $62.50 to each of you.  Thanks again.  Enjoy your holiday!

  • Payment received.

    Thank you.

  • Looks like the remainder of the bounty hinges on the ACL functionality.  I'm really looking forward to it working again.  Thanks again for all the work on this thus far.

  • Thanks again for all the squid work.  Hope nobody minds if databeestje gets the $125 remaining on my bounty.  I'm really looking forward to the last few kinks getting worked out soon.

    Maybe some of the other Squid users out there could pitch in a bit too, data deserves it!

Log in to reply