Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Can Bandwidth Throttling by Transparent Squid be escaped by Anonymizer Proxies?

    Scheduled Pinned Locked Moved pfSense Packages
    4 Posts 3 Posters 2.4k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • H Offline
      hillol001
      last edited by

      Hi,

      We want to get rid of managing bandwidth by HTB and use a pfSense box where we'll enable transparent proxy and do throttling only for downloads. Can users inside the LAN use anonimizer or open proxies to work around the transparent proxy? Or is it the case that Squid will anyway catch the traffic and apply throttling?

      1 Reply Last reply Reply Quote 0
      • C Offline
        chudy
        last edited by

        http://openproxy.com:8080 <- port not included on redirect rules. Definitely will bypass your proxy. You should redirect all openproxies ports into your squid.

        1 Reply Last reply Reply Quote 0
        • M Offline
          mhab12
          last edited by

          Can you explain how to add additional ports to the transparent redirect rules?

          1 Reply Last reply Reply Quote 0
          • C Offline
            chudy
            last edited by

            squid.inc would look like this. where the second line with port 8080 is added

            $rules .= "rdr on $iface proto tcp from any to !($iface) port 80 -> 127.0.0.1 port 80\n";
$rules .= "rdr on $iface proto tcp from any to !($iface) port 8080 -> 127.0.0.1 port 80\n";
            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.