Squid - select loopback interface or not?

pfsense_user12123 · Oct 31, 2017, 9:48 PM

There are hundreds of tutorials in this forum and on the web about configuring squid the correct way.
But the main question for me is:

Is it necessary to select the „loopback“ interface for proxy along with the lan interfaces or not?
Everyone says something different. It looks like no one really knows the right answer.
Please ….can some pro answer this question?

Thx very much

periko · Nov 1, 2017, 5:58 AM

I ask u this.

U have a network in the range 192.168.1.0/24, u setup pfsense with 2 interfaces, WAN+LAN.

Them u decide to install squid, u want to protect the network behind the LAN, in this situation u need the loopback?

In my little experience, I just need loopback went I need to get squid internal performance info which mgr give us, other than that no need loopback.

Hope this give u some info.

pfsense_user12123 · Nov 1, 2017, 1:50 PM

@periko:

I ask u this.

U have a network in the range 192.168.1.0/24, u setup pfsense with 2 interfaces, WAN+LAN.

Them u decide to install squid, u want to protect the network behind the LAN, in this situation u need the loopback?

In my little experience, I just need loopback went I need to get squid internal performance info which mgr give us, other than that no need loopback.

Hope this give u some info.

I have three lan Interfaces.

I hope I understood you correctly, and so I disabled the loopback interface now.

I found this on the pfsense page
https://doc.pfsense.org/index.php/Setup_Squid_as_a_Transparent_Proxy

Or does anyone disagree turning off the loopback interface?

KOM · Nov 1, 2017, 12:52 PM

IIRC you need the loopback interface selected for Lightsquid to work.

pfsense_user12123 · Nov 1, 2017, 1:53 PM

@KOM:

IIRC you need the loopback interface selected for Lightsquid to work.

ok only for lightsquid. And if i wanna use squidguard….Do i have to turn loopback device also on ?

KOM · Nov 1, 2017, 3:31 PM

Not sure. I'd just leave loopback selected unless it's giving you some specific problem.

pfsense_user12123 · Nov 1, 2017, 5:32 PM

@KOM:

Not sure. I'd just leave loopback selected unless it's giving you some specific problem.

Ok. Thx. Is loopback necessary for clam (antivirus) ?

KOM · Nov 1, 2017, 6:07 PM

Definitely no idea. I don't run that crap on my router. AV belongs on the client, not the router.

pfsense_user12123 · Nov 1, 2017, 8:14 PM

Thx KOM….you helped me and a lot of other users in this forum. :-)

pfsense_user12123 · Nov 7, 2017, 1:46 PM

I found a difference when I activate loopback interface in proxy mode.

if the loopback interface is activated, advertising links on google search results won´t open. thats great!
if i deactivate the loopback interface, advertising links on google search results open again..

can someone explain why it is like that?

thx

KOM · Nov 7, 2017, 2:03 PM

Perhaps the loopback interface is used by squidguard?

pfsense_user12123 · Nov 7, 2017, 3:15 PM

no

KOM · Nov 7, 2017, 3:47 PM

It's now a week later and you're still worrying about this? Stuff works when it's selected, stuff breaks when it isn't. Just leave it selected.