Firewall / Squid and possible security related issue.
-
Hi Guys,
I think I've run into another problem with Squid and the Firewall this time.
With Squid enabled as transparent proxy, I went into Firewall Rules and changed the default LAN Net policy to "block" and ensured all protocols etc. were set to "any". I am now assuming that no one on my LAN will be able to access the internet.
However, I was still able to access the internet, etc. without any problems... matter of fact, I am doing so now with the block any rule turned on!
Now, when I turn off the squid service, revert the default LAN any rule to accept and then back to block, it works. I can no longer surf the internet and I get the Network Timeout error.
I am assuming the firewall rules take precedence here. Please let me know your thoughts.
Thanks
Jits
-
I didn't reset the Firewall State table after making such a change. Again, I'm assuming, based on what I'm reading, that I should have, to effect changes a bit quicker than normal. Correct?
-
It's in your squid.inc that modifies the pf rules.
You can edit your squid.inc in /usr/local/pkg/squid.inc and comment out:
// pf treats a line beginning with '#' as a comment, so these "pass in quick"
// rules are still written to the ruleset but no longer loaded by pf.
$rules .= "#pass in quick on $iface proto tcp from any to !($iface) port 80 flags S/SA keep state\n";
$rules .= "#pass in quick on $iface proto tcp from any to !($iface) port $port flags S/SA keep state\n";
To show your current pf rules:
pfctl -sr