Good morning @ndg1987.
The proxy in transparent mode does not filter HTTPS requests, only HTTPs. If you distribute the PAC, I understand that you have it in “Non-transparent” mode.
The same happens to me. For it to be all filtered, it is necessary to force all requests to go through the proxy. For this I have created the following rules in the Firewall:
1º Create a group with the HTTPS and HTTP services.
2º Create the rule that prevents HTTPS and HTTP requests that do not go through the proxy.
You have to configure the Proxy in all the Clients, either by hand, or by means of the PAC. In this way, I managed to get it to work correctly. Maybe someone has a better way to do it, but this is mine.
For Edge and Chrome, I have configured the distributed PAC option. For Firefox, it doesn’t work and you have to configure the Proxy manually either in the Browser or from “Internet Options → Connections”. wiki.ipfire.org - Web Proxy Auto-Discovery Protocol (WPAD) / Proxy Auto-Config (PAC)
Try it, I hope it works for you.
Greetings.