Squid: how to "catch" 8080 port web traffic
-
Hi,
It seems that our Squid Proxy don't catch web traffic when the port is different than 80 and 443.
As an exemple, when we try to access to a website on port 8080, it doesn't appear in access.log.
How can we enable filter on other ports than 443 and 80?
I've already tried to add 8080 in "ACL SafePorts" (even if is already included in default list 21 70 80 210 280 443 488 563 591 631 777 901 1025-65535)
Technical informations:
-Pfsense 2.4.4-RELEASE-p1
Thanks.
-
@genseb there is ACl SSL option for safe ports , make sure to add 8080 there.
-
Thanks for your answer.
I've already tried but didn't work. Still no log and filter 8080 port.
-
Doesn't squid currently work by adding NATs to redirect all port 80/443 traffic to 127.0.0.1? Maybe you could add your own LAN NAT and try it for 8080.
-
@genseb said in Squid: how to "catch" 8080 port web traffic:
Thanks for your answer.
I've already tried but didn't work. Still no log and filter 8080 port.
are you able to access server with port 8080 directly?
where this server is located ? -
Yes, I can access the server on port 8080 directly. The server is located in a cloud platform.
My "issue" is that squid only logs connection on 443 and 80 port. When I access servers on other ports, servers are accessible, web pages well serves etc. but nothing logged.
My Squid is in transparent mode and my pfsense is defined as gateway of my network (1 NIC as LAN and 1 as WAN) so currently everything passthrough pfsense.
The only way I'll find to reach my goal is to forward port 8080 on 3128 but can't do it for every port... so it seems to be a weird thing so I think I'm not on the right way with this solution.
-
@genseb I have not used transparent proxy.
may be it should create automatic NAT when you add port there in Safe_ACL.
Pfsense is a Good firewall, but lot of issues in proxy.
