Squid3 transparent proxy not serving pages
-
I remember that i386 squid had some issues many months ago and I don't know if they got addressed or not. That might be your problem. Are you able to run x64?
-
On your test PC, did you set your default gateway to pfsense's LAN ip address?
-
On your test PC, did you set your default gateway to pfsense's LAN ip address?
Yes, the gateway is via DHCP and I checked.
@KOM:
I remember that i386 squid had some issues many months ago and I don't know if they got addressed or not. That might be your problem. Are you able to run x64?
Yes, I will report back. Originally this was to be on an older machine but I have since put in a new one.
-
32-bit builds will go away soon enough so you really should move to 64-bit if you can.
-
I have installed and setup the amd64 version. I am having the same problems with the transparent proxy. Manually set up in browser is fine.
I have the same settings as before. What else can I check? It seems the requests never hit the cache or firewall. I will keep looking as well.
Thank you.
-
I ended up unticking the transparent proxy and manually adding a LAN rule to do the same thing:
rdr on fxp0 inet proto tcp from any to 192.168.2.0 port = http -> 127.0.0.1 port 3128This does not work. The rule shows but does not redirect to http to 3128.
I wonder if there is a problem with the built in rule:
rdr on fxp0 inet proto tcp from any to ! (fxp0) port = http -> 127.0.0.1 port 3128In the meantime, if anyone has an idea of why the transparent proxy isn't working within Squid3 please let me know.
Thank you.
-
In the meantime, if anyone has an idea of why the transparent proxy isn't working within Squid3 please let me know.
It's working just fine for pretty much everyone but you… Do a traffic capture, this doesn't go anywhere with the amount of info available here.
-
Transparent proxy is a PITA when it comes to HTTPS, so perhaps this is a blessing in disguise. Consider keeping squid in explicit mode and use WPAD to help your clients find it automatically.
https://doc.pfsense.org/index.php/WPAD_Autoconfigure_for_Squid
-
@KOM:
Transparent proxy is a PITA when it comes to HTTPS, so perhaps this is a blessing in disguise.
;D 8) Not a fan of transparent proxies either.
-
Thanks for the suggestion KOM. I used the wpad link you sent and am dropping the transparent proxy. I guess I am stuck in the past - had that set up using centos but lost the hard drive and was trying to recreate it on pfsense. This is a better solution. I will monitor it and make certain that it works as expected.
Thanks for the help doktornotor as well - when I have time I will try the sniffer.
