How to install Squid and ClamAV on pfSense

It’s about time to move on with our pfSense tutorial series. This time we will cover: How to install Squid and ClamAV on pfSense.

Squid is a powerful proxy server that helps you keep your network traffic low by caching data locally from web pages you were visiting. For example, if you just visited arstechnica.com and 5 minutes later one of your colleagues visits arstechnica too, he will get the previously cached version of it, hence it’s saving you bandwidth. Of course, if there was anything new released on the web page in the meanwhile he will get that new information directly from the web, but you get the idea.

In this guide, we will install a non-transparent proxy. If you want to install a transparent proxy, just tick Transparent HTTP Proxy and Bypass Proxy for Private Address Destination in the process.

So let’s dive right into the installation.

 

Step 1: Installing and configuring the Squid Proxy Server

Log in to your pfSense firewall and navigate to System / Package Manager / Available Packages

1 - Enter Squid as a search term
2 - Click on Search
3 - Click on Install next to Squid
Squid Installation
Squid Installation

That done, Navigate to Services / Squid Proxy Server / General

Just change the values I mention, leave everything else by default.

1 - Select LAN as your Proxy Interface
2 - Tick Allow Users on Interface
Configuring Squid
Configuring Squid

Navigate to Services / Squid Proxy Server / Local Cache

Configuring Squid
Configuring Squid

Configure the Hard Disk Cache Size to your liking and also according to your available hard drive space. You don’t necessarily want to dedicate 90% of your hard drive space to Squid.

I got a 25GB SSD and dedicated 3000 MB for a start. Start low and if you run full, increase or clear the disk cache once in a while.

For Maximum Object Size, I went with 10 MB but you can leave it on the default 4 MB if you want. The lower this value, the higher the speed, the bigger the value, the more bandwidth you safe.

1 - Increase Hard Disk Cache Size to your liking
2 - Set Maximum Object Size to your liking
Configuring Squid
Configuring Squid

Next, we configure the Memory Cache Settings.

This setting can significantly increase your speed, but it should not surpass 50% of your total memory.

I got 8 GB of RAM on my box so I dedicated 2048MB. You can adjust this value accordingly. Shoot for around 25% of your total memory.

1 - Adjust Memory Cache Size
Configuring Squid
Configuring Squid

Navigate to Services / Squid Proxy Server / General

1 - Tick Enable Squid Proxy and hit save
Configuring Squid
Configuring Squid

 

Step 2: Create a Firewall rule for your Proxy Server

Now we need to add a quick Firewall Rule to your LAN Network.

Navigate to Firewall / Rules / LAN and click on add.

1 - Inteface: LAN
2 - Source: LAN Net
3 - From Destination 3128 (TCP)
4 - To Destination 3128 (TCP)
Creating a Firewall Rule
Creating a Firewall Rule

 

Step 3: Setting the Proxy Server on your System

On Windows 10 hit the Windows Button and type: Proxy

Sorry, my locale is German but you should get the point.

Alternatively, you can set the proxy in the browser of your choice only.

1 - Switch on the Manual Proxy 
2 - Enter the IP Address of your pfSense box
3 - Enter the port 3128
4 - Check Don't use proxy for local addresses (Intranet)
Setting Your Proxy
Setting Your Proxy

Step 4: Activating ClamAV

Now we are already at the last step: Activating ClamAV.

Head back to your pfSense Firewall and Navigate to Services / Squid Proxy Server / Antivirus

1 - Tick Enable AV
2 - You can enter a redirect URL of your liking
3 - I enabled Google Safe Browsing, choice is up to you, uses quite some RAM. 
4 - Set the ClamAV Database Update Time to a schedule of your liking, I go with 6 hours
5 - Select your Regional ClamAV Database Update Mirror (Important! Slow otherwise!)
Hit Save
Activating ClamAV
Activating ClamAV

At last, Navigate to Status / Services and make sure that:

  • c-icap
  • clamd
  • squid

Services are running.

Now you should be all set up. It took a while for me until the proxy was fully working and the internet was quite slow at first, but after a little while, all worked fine.

I experienced this behavior several times before. If you have problems accessing HTTPS sites head to Services / Squid Proxy Server / General and tick: Resolve DNS IPv4 First.

This was just the first article covering Squid. We will play around with it quite a bit in the future so stay tuned for more fishy content 😉

And as always, if this was helpful for you consider getting your hardware from my affiliate links below.

 

You can get pre-installed pfSense hardware here:

I use a PC Engines APU.1D4 Bundle which is only available on the German Amazon, so you have to look how to get it in the US, but I assume the options above are of equal quality.

 

 

 

One thought on “How to install Squid and ClamAV on pfSense

  • October 10, 2017 at 9:54 am
    Permalink

    You don’t to SSL filtering? I’m not getting that to work very well. Everything works, but it’s painfully slow.
    Is CalmAV working now, wasn’t enough stable when I tried it in early builds of 2.3.

    Reply

Tell us what you think!

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: