Some help over here please



  • Dear All
    can any one tell me how to exclude IP address or some IPS from LAN net  to browse free without squid & squidguard , i am installed squid & squidguard to filter traffic , but i want some IP address go internet direct without pass throw squid ?


  • Netgate

    Put them in the bypass in squid itself.

    On the General tab:

    Bypass Proxy for These Source IPs
    Do not forward traffic from these source IPs, CIDR nets, hostnames, or aliases through the proxy server but let it pass directly through the firewall.
    Applies only to transparent mode. Separate entries by semi-colons (;)



  • Thanks Brother



  • but if you please , what about if i didnt use transparent mode , how can i do it ?



  • If squid is explicit then you just need to relax your firewall rule that blocks 80,443/tcp on LAN to allow them out direct.

    For example, I have a LAN rule that allows an alias called ExemptfromProxy to use 80,443/tcp.  Below that is a rule that blocks 80,443/tcp for everyone else (forcing them to use the proxy).  Any clients that need direct access get added to the ExemptfromProxy alias.



  • Thanks In advance brother