Redirect to squid almost working, but stuck when add the rules to pfsense



  • Hi all.

    I am using pfsense 1.2, squid box is running on dmz using centos4.6 and i am having problem configured it to work with transparent proxy.

    My setup is

    Lan: 192.168.0.0/24
    DMZ: 192.168.5.0/24
    Squid: 192.168.5.2

    When i manually entered the proxy server address into the browser i can surf without any problems. But once i add the rules for pfsense to redirect all my LAN client to use squid, it gave an error of

    
    1221638274.348      0 192.168.5.1 TCP_DENIED/403 1386 GET http://xxx.xxx.com/favicon.ico - NONE/- text/html
    1221638274.350     15 192.168.0.254 TCP_MISS/403 1420 GET http://xxx.xxx..com/favicon.ico - DIRECT/202.129.165.234 text/html
    1221638275.276      0 192.168.5.1 TCP_DENIED/403 1404 GET http://login.yahoo.com/config/cookie_token - NONE/- text/html
    1221638275.277   6101 192.168.0.248 TCP_MISS/403 1438 GET http://login.yahoo.com/config/cookie_token - DIRECT/209.191.92.114 text/html
    1221638276.075      0 192.168.0.254 TCP_NEGATIVE_HIT/403 1405 GET http://xxx.xxx.com/ - NONE/- text/html
    1221638276.799      0 192.168.0.254 TCP_NEGATIVE_HIT/403 1405 GET http://xxx.xxx..com/ - NONE/- text/html
    
    

    What i did was to create a NAT rule.

    Create a portforward interface LAN
    external adress any
    protocol tcp
    external port 80
    nat IP 192.168..5.2
    internal port 3128.

    Any help?? i have been struggling with this problem for quite sometimes now.



  • i'm having the same problem.
    when i entered the proxy manually (3128), it can be done.
    but when i use the redirect rules NAT for LAN interfaces from 80 to 3128, seems to be unresolved web.

    hiks…can anyone help me?


Log in to reply