Netgate Discussion Forum
    Squid3 transparent proxy not intercepting traffic

      BitBear

      Hi,

      I have pfSense 2.2.6 with Squid 3.4.10. There is one LAN-facing physical interface with two VLANs on it - native VLAN 1 and VLAN 100. I have Squid configured to listen on 3128 and have enabled transparent proxy on both LAN interfaces. It works flawlessly on VLAN 1, but when I enable transparent proxy on VLAN 100, no HTTP traffic works (HTTPS still works fine, as I don't want to intercept it). Both LANs' addresses are in the allowed subnet list.

      I tried port forwarding using NAT - any HTTP requests from VLAN100 subnet -> pfsense's VLAN100 address on port 3128. Then I'd get "Invalid URL" from squid with the host part of the URL missing.

      For both interfaces, explicitly setting the proxy works. Auto config by WPAD works too.

      Any help is appreciated.

      Thanks!

        BitBear

        Turns out adding a rule to allow all hosts in VLAN100 -> 127.0.0.1:3128 made it all work. Still a bit confused on why it was needed.

        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.