Transparent squid-0.4.36_3 not working. Any help appreciated.



  • I carried out a clean install of pfsense 2.3.3 (i386)
    Configured enough to enable internet access.
    Installed squid-0.4.36_3
    Configured squid in transparent mode, and it fails, with a timeout on web pages.

    I have configured squid with no transparent mode, tested it and its working.
    I have spent some time looking for errors in logs, and looking up bugs that mention changing group memberships etc.

    None of this is working for me, so any help appreciated.

    Rgds
    Mat



  • try to create rules in firewall>rules>lan

    IPv4    *    *    127.0.0.1    3128    *    none
    IPv4    *    *    127.0.0.1    3129    *    none

    you must place this below the Anti-Lockout Rule.



  • Hi waldopulanco,

    Tried that, and the behaviour is the same.

    I did read a post, along the lines that this is a specific i386 issue. Another user is suggesting a recompile of the squid package with a different flag set.

    I was kinda hoping for a workaround by now, as with squid not working, I cant use squidguard either.

    A bug was raised, suggesting that the latest squid package is using different permissions/user/group, but I followed that "resolution" to no avail.

    Appreciate you replying.

    Rgds
    Mat


  • Banned

    @waldopulanco:

    try to create rules in firewall>rules>lan

    IPv4    *    *    127.0.0.1    3128    *    none
    IPv4    *    *    127.0.0.1    3129    *    none

    you must place this below the Anti-Lockout Rule.

    That's completely unneeded and already taken care of by the package  - https://github.com/pfsense/FreeBSD-ports/blob/devel/www/pfSense-pkg-squid/files/usr/local/pkg/squid.inc#L2162



  • I confirm this behavior. I knew the transparent proxy did not work in pfSense 2.3 so I kept it off.

    A while ago I upgraded to 2.3.3 (i386) and switched the squid on. I started to get timeout in web browser. Something is still wrong with the package.



  • Running Pfsense version 2.3.4 with squid 0.4.36_3, can confirm squid works only when in non transparent proxy mode



  • @odix:

    Running Pfsense version 2.3.4 with squid 0.4.36_3, can confirm squid works only when in non transparent proxy mode

    For me only HTTPS (with SpliceAll SSL/MITM mode) is not working in Transparent mode.



  • I do have the issue too for more than one year and no one trying to help.
    I was hoping the new version would fix this but it's not the case



  • Indeed I managed to get it work as I stated here (you can find my conf also):
    https://forum.pfsense.org/index.php?topic=129450.0 (Pfsense 2.3.4 Squid 0.4.36_3 http/https (splice all)+ transparent mode + squidguard)

    Instead I cannot get it work in NON Transparent mode. technicalicsti can you share your non transparent working conf?
    Thanks



  • vielfede: I have read that thread but I am still sorf of confused. What was the key setting for getting the squid to work in transparent mode?



  • Still not working on 2.3.4 -  I heard it is working on BETA 2.4 - is it true?



  • I have just upgraded to pfSense 2.3.4 and Squid 0.4.36_3.
    Tried to switch the transparent proxy on but the communication on port 80 stopped as before.



  • @Pontiac_CZ:

    vielfede: I have read that thread but I am still sorf of confused. What was the key setting for getting the squid to work in transparent mode?

    Sorry, my mistake! I missed to clear proxy settings in client pc, hence I was suposed to use transparent mode. Indeed it does not!
    Or better:

    • splice all + transparent mode: http works, https sometimes works and sometimes it does not, no idea about the causes

    • splice all + NON transparent mode works (flawlessly) http+https (you have to set proxy client settings)



  • @vielfede:

    @Pontiac_CZ:

    vielfede: I have read that thread but I am still sorf of confused. What was the key setting for getting the squid to work in transparent mode?

    Sorry, my mistake! I missed to clear proxy settings in client pc, hence I was suposed to use transparent mode. Indeed it does not!
    Or better:

    • splice all + transparent mode: http works, https sometimes works and sometimes it does not, no idea about the causes

    • splice all + NON transparent mode works (flawlessly) http+https (you have to set proxy client settings)

    Vielfede,
    What about the "block page" while using HTTPS/Non-Transparent mode? Is it showing your "block page" normally? do you have your pfsense web-console using Https as well?
    Thanks!
    fabricio.


Log in to reply