@tn1rpi3 said in haproxy | Browser says ERR_TOO_MANY_REDIRECTS:

BOTTOM LINE:
All sites are responsive now.
However, apache2 does not yet redirect to the desired content.

After some extensive trial and error with ACL settings I've come full circle.
meaning that
I added an "http-request set uri" action to my_site.com
and under fmt I put "/subfolder_name"

--> This finally sets the desired path on the server.
Alas, now the error message "ERR_TOO_MANY_REDIRECTS" has returned.

Since the initial cause of above error was solved, I will declare this topic as solved.
I would appear appropriate to open another topic on this.

@tn1rpi3

I will try over at Cloudflare however previously I was passing all packets to the Apache reverse proxy/webserver and I wasn't receiving any 502 errors. Now that HA proxy is in the middle, things don't seem to be working.

thanks for reply! nop, i dont read those info. i think that no transparent proxy is the next step.

There is a checkbox to enable transparent mode in Squid.

Also see the hangout: https://youtu.be/xm_wEezrWf4

@tn1rpi3 Solved. Settings on pfsense haven proven quite correct thanks to PiBa's input. The router's correct IP address has been reassigned. Some misunderstanding on the ISP's side..
All good now.

@elcid
Hello, I am trying to send the squidguard records to send them to graylog and then see them with grafana, can I do it?

Greetings and thanks in advance

Hello Friends...Yeah this method works. Squid is logging with mac address. But i'd like to see logs with mac on Light Squid. When i apply your method Light Squid does not show logs and also Light Squid wants me to enable "Enable Acces Logging" checkbox on Squid. If i download the log file to my computer and open with notepad i can see the logs with mac....But as i said i can not see on Light Squid....Is there any way to see the logs with mac on Light Squid?

Nobody any idea? Can't be the only one wanting that feature.

Hi,
Finally I figured it out, however I'm not happy about what I've found.
HAProxy is working on both interfaces after change default gateway from WAN group WGDefault where WAN1 and WAN2 belongs to Automatic.
IMHO proxy shouldn't rely on that setting at all.
I'm gonna check pfSense bug reports and submit one eventually.

I would certainly expect that to work, or that approach at least, as long as that user really is in that group and LDAP is returning it.
Check the logs.

Steve

@Gertjan Thanks Sir ,one more question i want to share scenario our website hosted on x server(it can be cent os httpd or windows iis) so that webserver frontend backend in pfsnese HA proxy .so this thing https://forum.netgate.com/topic/149300/captive-portal-err_ssl_protocol_error/6 help me in this scenario or different thing.

@Foloder
So i presume portal.example.org resolves to the IP 192.168.1.101 on the client machine your testing from?
Also check haproxy's stats page to verify that the server shows as 'up', it probably needs 'ssl-checks' enabled on the backend server if it isn't.

Other that that the config seems fine..

Many thanks for your response PIBa...

Since posting my question I have learned that re-writing the headers, using actions in HAProxy is not going to help rewrite the content of the pages themselves (my bad, I'm a noob). The calls to the MongoDB were not direct as you suggested, they were indirect responses from the parseserver app. The solution has been to simply tell the db to declare these https:// urls and that works fine. I had assumed if the db and the parse server weren't actually TLS themselves this might not work, but that was over thinking it perhaps.