Squid, Squidguard, Squidclamav with HTTPS/SSL Configuration Guide Needed



  • Good Evening,

    I am writing this evening, to request someone to write or link to a comprehensive configuration guide for Squid, Squidguard, Squidclamav with transparent HTTPS/SSL functionality for pfSense.  As a home user, I have worked through numerous guides for several months.  Squid, Squidguard, & Squidclamav all work flawlessly in transparent mode.

    Once HTTPS/SSL (man in the middle) is enabled, even with the self signed certificate installed as a root certificate authority, Windows Updates, access to the Apple Store stop working, in addition to apps like Facebook stop updating, etc. etc.  Without HTTPS/SSL enabled, too many sites get past SquidGuard to make it an effective guard for a family application.

    The Squid package has the power to do so much good, but its fine tuning for everyday use, is elusive.  Please consider contributing what you can.



  • @darrenkdean:

    Good Evening,

    I am writing this evening, to request someone to write or link to a comprehensive configuration guide for Squid, Squidguard, Squidclamav with transparent HTTPS/SSL functionality for pfSense.  As a home user, I have worked through numerous guides for several months.  Squid, Squidguard, & Squidclamav all work flawlessly in transparent mode.

    Once HTTPS/SSL (man in the middle) is enabled, even with the self signed certificate installed as a root certificate authority, Windows Updates, access to the Apple Store stop working, in addition to apps like Facebook stop updating, etc. etc.  Without HTTPS/SSL enabled, too many sites get past SquidGuard to make it an effective guard for a family application.

    The Squid package has the power to do so much good, but its fine tuning for everyday use, is elusive.  Please consider contributing what you can.

    Darn, when I found this subject header I was hoping there was more to the thread…
    Oh well, when those who are prone to pithy responses suggest that "search is your friend" at least we can link back to this!

    Rick



  • Transparent mode is the devil and should be avoided at all costs.

    https://doc.pfsense.org/index.php/WPAD_Autoconfigure_for_Squid


  • Banned

    @Ramosel:

    Oh well, when those who are prone to pithy responses suggest that "search is your friend" at least we can link back to this!

    https://forum.pfsense.org/index.php?topic=101502.msg566236#msg566236

    So… yeah, use the darned search, be it Google or this forum.


Log in to reply