Unable to configure squid properly.
-
Hiya,
I'm very new to pfsense, i've been using it for about 10 days so please bare with me…
I'm trying to set up a box to be a generic transparent web cache proxy and from all acounts pfsense is more than capable, unfortunatly i don't seem to be able to make it work.
I have installed v1.2.3 on a p4 3ghz pc with 1gb ram, set up my WAN as DHCP and bridged the LAN to the WAN. Created a firewall rule to pass all WAN to LAN & disabled NAT. Installed Squid & lightsquid and set up as per the instructions. I connect my laptop to the LAN interface of pfsense, i get a DHCP ip from my router, i can ping google but am unable to browse!
I've had a bit of a play around if i disable 'Allow users on interface' and add my subnet under 'Access Control' i can then browse but i'm sure its not cacheing as lightsquid doesnt list anything...
I'm probably missing something stupid, any help / pointers are welcome.
Many thanks
Dave
-
Any reason that you bridged LAN & WAN? This would only be necessary in a few very specific configurations. The 'typical' relationship between LAN and WAN as far as routing is set up to work by default.
-
Hiya,
Thanks for your reply. I wanted to create a generic web cache/proxy that was transparent. This appeared to be the simpleist way to achieve it. I need all traffic to pass straight through and will need DHCP to be assigned from the WAN side.
Essentially it works apart from it doen't cache anything…. If i disable the LAN->WAN bridge and resetup the DHCP server in pfsense then the cache works perfectly but i'm then running on the wrong subnet :-(
I'm sure there must be a way to do this but i cannot for the life of me work it out!!
Many thanks
Dave
-
You refresh your lightsquid in order to do logging
-
Hiya,
Infortunatly i got dragged onto another project for a while but i'm back on this one now.
Been playing with my pfsense box for a few hours to familerise myself with it again.Still can't get it to work as i want, with the bridge disabled transpatent squid works fine,
with the bridge enabled transparent squid doesn't work. Do i need to make any manual
changes to any conf files??I may be completely wrong here but to me it looks like the interface squid is bound to is
a 'NIC' not the 'bridge', does the bridge have an internal address of its own that i can bind to?
If i manually set the proxy in the browser i have to bind to the 'wan' interface and give the
browser the 'wan' address….........Many thanks
Dave
-
When you have LAN bridged to WAN, the LAN side has no IP. You'd probably want to bind squid to the WAN in that case.