Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Some help over here please

    Scheduled Pinned Locked Moved Cache/Proxy
    6 Posts 3 Posters 833 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • M Offline
      MR-NT
      last edited by

      Dear All
      can any one tell me how to exclude IP address or some IPS from LAN net  to browse free without squid & squidguard , i am installed squid & squidguard to filter traffic , but i want some IP address go internet direct without pass throw squid ?

      1 Reply Last reply Reply Quote 0
      • DerelictD Offline
        Derelict LAYER 8 Netgate
        last edited by

        Put them in the bypass in squid itself.

        On the General tab:

        Bypass Proxy for These Source IPs
        Do not forward traffic from these source IPs, CIDR nets, hostnames, or aliases through the proxy server but let it pass directly through the firewall.
        Applies only to transparent mode. Separate entries by semi-colons (;)

        Chattanooga, Tennessee, USA
        A comprehensive network diagram is worth 10,000 words and 15 conference calls.
        DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
        Do Not Chat For Help! NO_WAN_EGRESS(TM)

        1 Reply Last reply Reply Quote 0
        • M Offline
          MR-NT
          last edited by

          Thanks Brother

          1 Reply Last reply Reply Quote 0
          • M Offline
            MR-NT
            last edited by

            but if you please , what about if i didnt use transparent mode , how can i do it ?

            1 Reply Last reply Reply Quote 0
            • KOMK Offline
              KOM
              last edited by

              If squid is explicit then you just need to relax your firewall rule that blocks 80,443/tcp on LAN to allow them out direct.

              For example, I have a LAN rule that allows an alias called ExemptfromProxy to use 80,443/tcp.  Below that is a rule that blocks 80,443/tcp for everyone else (forcing them to use the proxy).  Any clients that need direct access get added to the ExemptfromProxy alias.

              1 Reply Last reply Reply Quote 0
              • M Offline
                MR-NT
                last edited by

                Thanks In advance brother

                1 Reply Last reply Reply Quote 0
                • First post
                  Last post
                Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.