Rules with thansparent proxy enabled



  • Hello,

    I just enabled transparent proxy on our PFsense appliance (default port 3128).

    The last of our firewall rules we have is this catchall rule:

    Action	Protocol	Source 	Port 	Destination 	Port
    Block	TCP		LAN NET	any	any		any
    

    So I had to put this new rule just befor it:

    Action	Protocol	Source 	Port 	Destination 	Port
    Pass	IPv4 TCP	LAN NET	any	This firewall	3128
    

    Isn't it stange? Without this rule pfsense machine is not reachable on port 3128 (even disabling transparent proxy and leaving squid to listen on port 3128). Is this the normal way to configure it?

    Thanks


Log in to reply