Pfsense squid not redirecting 80 to 3128 in transperant mode
-
Hi all,
Plase help me with this problem.
I have using pfsense squid but it stops redirecting 80 to 3128 in transperant mode.
I have tried reinstall all packages but without success.I have the following configuration:
WAN (ext internet)- LAN1 (vlan 192.168.0.1), LAN2 (vlan 192.168.1.1), LAN3 (vlan 192.168.2.1)How to manual create a rule to forward traffic from all LAN networks to proxy. It seems that pfsense not create it automaticaly.
Thanks
-
what are you configuring squid to do? are you selecting all 3 of the LAN interfaces for the transparent mode?
-
Yes all 3 of the LAN interfaces are selected in proxy interface and the transparent mode is checked.
After this problem the config was the same and worked.
I also tried to use proxy enabled only on LAN but the result is the same. Not redirecting.
If i manually select settings (proxy IP, and port) in browser it works with proxy and lightsquid without problems.I cannot stop the machine for reinstallation of pfsense because there are ~200 user that using it all the time. Now it works without proxy and file type restrictions :-(
-
Anyone ???
-
Make sure your webGUI is set to a port other an 80 - try HTTPS/443.
-
webGUI is set to a port 8080. :-(
here is my squid.conf
Do not edit manually !
http_port 192.168.0.1:3128
http_port 192.168.1.1:3128
http_port 192.168.2.1:3128
http_port 127.0.0.1:80 transparent
icp_port 0pid_filename /var/run/squid.pid
cache_effective_user proxy
cache_effective_group proxy
error_directory /usr/local/etc/squid/errors/Bulgarian
icon_directory /usr/local/etc/squid/icons
visible_hostname firewall.redcross.bg
cache_mgr admin@redcross.bg
access_log /var/squid/log/access.log
cache_log /var/squid/log/cache.log
cache_store_log none
logfile_rotate 30
shutdown_lifetime 3 seconds
uri_whitespace stripcache_mem 256 MB
maximum_object_size_in_memory 32 KB
memory_replacement_policy heap GDSF
cache_replacement_policy heap LFUDA
cache_dir aufs /var/squid/cache 100000 32 256
minimum_object_size 0 KB
maximum_object_size 512000 KB
offline_mode off
cache_swap_low 80
cache_swap_high 90No redirector configured
Setup some default acls
acl all src 0.0.0.0/0.0.0.0
acl localhost src 127.0.0.1/255.255.255.255
acl safeports port 21 70 80 210 280 443 488 563 591 631 777 901 8080 3128 1025-65535
acl sslports port 443 563 8080
acl manager proto cache_object
acl purge method PURGE
acl connect method CONNECT
acl dynamic urlpath_regex cgi-bin ?
acl unrestricted_hosts src "/var/squid/acl/unrestricted_hosts.acl"
acl banned_hosts src "/var/squid/acl/banned_hosts.acl"
acl blacklist dstdom_regex -i "/var/squid/acl/blacklist.acl"
cache deny dynamic
http_access allow manager localhosthttp_access deny manager
http_access allow purge localhost
http_access deny purge
http_access deny !safeports
http_access deny CONNECT !sslportsAlways allow localhost connections
http_access allow localhost
quick_abort_min 0 KB
quick_abort_max 0 KB
request_body_max_size 0 KB
reply_body_max_size 0 allow all
delay_pools 1
delay_class 1 2
delay_parameters 1 -1/-1 -1/-1
delay_initial_bucket_level 100
delay_access 1 allow allThese hosts are banned
http_access deny banned_hosts
These hosts do not have any restrictions
http_access allow unrestricted_hosts
Block access to blacklist domains
http_access deny blacklist
Default block all to be sure
http_access deny all
-
The redirect rules are not in squid.conf, they are located here…
/usr/local/pkg/squid.inc -
The problem is solved :-)
I reinstalled pfsense and restored backup config.Everything not works perfect.
Thanks for support