NAT Port redirection not working.

aaronouthier

So, I'm using DansGuardian and Squid together. I need to port forward ports 80 & 443 outgoing to port 8080 (DansGuardian) for a type of transparent Proxy Proxy use. I am aware that Squid has a transparent proxy option, but that isn't what I need. I am trying to send traffic from local networks to DansGuardian then through Squid and then out to the internet. Squid's Transparent option sends local network traffic directly to squid, bypassing DansGuardian, and this won't do.

I am aware of the privacy issues - I am the only one using this network connection, and I don't care about this.

I have an allow LAN to any firewall rule, which comes last in the list of rules, but still seems to override my port forward rule. The end result is, all traffic is going directly to the internet, bypassing DansGuardian and Squid, despite my forwarding rules. I currently am blocking ports 80 and 443 from internal networks to WAN. This works in theory, but alas, my PS3 and Xbox 360 won't connect to the Internet now - they have 0 support for explicit proxies. What to do??

Inverse26

Hi aaronouthier,

I know you post is already a bit older, but could you find a solution for your problem? I'm having quiet the same situation.

Regards,

Inverse26

KOM

Post your problem in the NAT forum and someone will help you.

marcelloc

@aaronouthier:

So, I'm using DansGuardian and Squid together. I need to port forward ports 80 & 443 outgoing to port 8080 (DansGuardian) for a type of transparent Proxy Proxy use.

SSL port will not work on dansguardian for transparent proxy.

aaronouthier

Thanks. Figured that one out already. That post is a bit old now.

jetberrocal

@marcelloc:

@aaronouthier:

So, I'm using DansGuardian and Squid together. I need to port forward ports 80 & 443 outgoing to port 8080 (DansGuardian) for a type of transparent Proxy Proxy use.

SSL port will not work on dansguardian for transparent proxy.

:(

I am looking for help with Dansguardian SSL support with Squid3-dev on Non-transparent mode.  I am still on pfsense 2.1.5, using the DG and Squid3-dev packages as they come with the pfsense packages.

The HTTPS sites are blocked succesfully and access succesfully when allowed.  The problem is that when blocked, it does not redirect to the access denied HTML template page, as done with the HTTP sites, but the browsers return a generic error connection page.

Please tell me what information do you need from me, in order to be able to help me.

I tried to start a thread for this, but I did not get any reply.

https://forum.pfsense.org/index.php?topic=91012.msg505084#msg505084

At least tell me if this can not be solved.