Squid transparant mode does not work! Need HELP! Classic one?
-
Dear PF users,
I installed squid2 on the latest pfsense a week. I am getting grey and my patience is running out.
I have spent days and days reading and watching tutorials how to setup squid.The problem is even though I have followed the exact steps, when checking transparent mode in the proxy server menu item, the browser cannot access certain websites.
If I turn it off, I can browse the web without any restrictions.I cannot find no solution. I have read a pfsense thread, the only one existing regarding this issue apparantly and they say, change this change that in the squid file,…(squid.conf)
Well I changed the file accordingly and I ended up having a broken firewall.Do you guys what is going on? Squid is something basic. It has been there for years and should be simple to setup. Am I missing something here?
Thank you,
I am looking forward to read your first thoughts and opinion about the matter,...
-
I installed squid2
There is your first mistake. Squid2 is ancient and depracated. Use squid3 instead. I don't know why they even list squid2 anymore.
-
Hmm,
Yes I already tried squid3, I think I had a similar problem with it. Maybe it was me or due to lack of documentation. The pfsense doc only refers to the configuration of squid2 not version 3.
But that is not my only concern. Squid3 gets installed along with clamav any some other ICAP junk. Well that is very nice and techy, but when you watch the logs especially ClamAV, you see overall errors with clamd not running and that sort of rubbish.
Things that you do not want to see in a secured environment giving you a false sense of security. -
Squid3 is the only one that works as far as I know. Turn off the ClamAV and ICP stuff, as I do.
btw this has nothing to do with the firewall and should instead be in the the Cache/Proxy forum.
-
Hmm,
Yes in noticed the childboard.
Turn off anti-virus? That sounds so stupid. The could have least leave it out of the squidguard package.
Would you like to give last thought about squidguard which I installed afterwards.
Well I followed the pfsense doc regarding squidguard.
I felt that after configurating squidguard, it did not respond like I wanted at all.
When the whole crap is activated (sometimes it does not), it even does not open a website and I get a https:443 error.
Any first thought on how to fix that?
Thank you
-
Turn off anti-virus? That sounds so stupid.
It slows everything down too much. If you're concerned about viruses, use client AV protection instead of ClamAV on the firewall.
Any first thought on how to fix that?
Start a new thread in the Cache/Proxy forum.
-
have you checked the allow users on the interface??if not… do tick it..
