In the control panel, go to the System | Cert. Manager | CAs, click the Add button, and create a new root certificate. This certificate must be installed on users computers in the Trusted Root Certification Authorities section, you can download it by clicking on the Export CA button:
Go to the System | Package Manager | Available Packages, enter in the Search term field: squid, and install the squid package:
Go to the Services | Squid Proxy Server and enable the following options:
In the System | Advanced | Secure Shell section you need to enable the Secure Shell Server option. Now you can download log files using the SCP protocol. By default, the Squid log files are located in the /var/squid/logs/ directory, to use SSH/SCP we use the 'Admin' user password, however, we need to specify 'root' as username.
For SCP access, you can use any program that supports this protocol, for Windows it can be WinSCP, PSCP from PuTTY package, SCP from CygWin package, etc. Command line for SCP.EXE from CygWin:
SCP.exe root@192.168.0.1:/var/squid/logs/*.log*
PSCP.exe [-pw password] root@192.168.0.1:/var/squid/logs/*.log*
By default, in pfSense Squid package log files are created in the squid format. This format can be used (in ProxyInspector in the server properties choose the format - squid), but it has a significant drawback - there is no information about the parameters of the HTTP-request and the HTTP-referrer. This does not allow you to fully use the capabilities of ProxyInspector (reports on search phrases and viewed videos, CrystalWeb technology), fortunately this format can be changed.
logformat squidmimemod %ts.%03tu %6tr %>a %Ss/%03>Hs %<st %rm %ru %un %Sh/%<A %mt %rp %>st "%{Referer}>h"
access_log /var/squid/logs/access.log squidmimemod
logfile_rotate 90
logformat squidmimemod %ts.%03tu %6tr %>a %Ss/%03>Hs %<st %rm %ru %un %Sh/%<A %mt %rp %>st "%{Referer}>h"
Tags: Squid, pfSense, log files, ProxyInspector, https