Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Pfsense Squid only TCP_Tunnel

    Scheduled Pinned Locked Moved
    Cache/Proxy
    2
    4
    843
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • M
      Meclee
      last edited by

      I've been searching everywhere but sadly didn't find anything relating to my problem.
      I'm very new to pfsense and Firewalls in general. So i'm kinda stuck.

      I'm running Pfsense on a small Intel Nuc.
      i3-3217U 1.8Ghz
      8Gb of RAM
      32Gb of Storage (upgradeable, I just want to see it work)

      My Pfsense is running in its own internal Network 192.168.3.0
      and I have a client attached to it 192.168.3.12 .
      Its WAN is connected to my main Network 192.168.1.0

      So i've setup Squid Proxy Service like all the Tutorials out there.
      I'd like to be able to cache files I'm downloading and Browser Data.
      But all I get when I check with
      tail -f /var/squid/logs/access.log

      are mostly TCP_Tunnel
      very rarely TCP_MISS
      but no TCP_HIT's
      479bed4c-e1dc-497e-8634-9218fec651a1-image.png

      This is how my Squid is configured
      General:
      7db7d054-bb55-4403-a3c5-a1646042d7c8-image.png
      430b3aa4-ddd0-441e-b55d-0277d8bb42c0-image.png
      968045e0-7878-45be-aac8-509d64970bf4-image.png

      Local Cache:
      0ec6c3bd-23e6-4d62-8c45-b596e8a6a3e0-image.png
      a0c75203-7597-4434-b28a-0ad4a8f12b2a-image.png

      Rules:
      867d8666-b77f-4054-a763-6e7224cb2a5e-image.png

      I'm really at a loss right here and don't know what to do.

      I would appreciate any help
      Thank you very much

      A 1 Reply Last reply Reply Quote 0
      • A
        aGeekhere @Meclee
        last edited by

        @meclee You need to add the custom refresh_patterns
        https://github.com/mmd123/squid-cache-dynamic_refresh-list
        After that test by downloading a steam game (twice) or use http://speedtest.tele2.net/.

        Also a note that traffic from https sites cannot be cached as it is encrypted (maybe you can try with SSL Man In the Middle).

        Never Fear, A Geek is Here!

        M 1 Reply Last reply Reply Quote 1
        • M
          Meclee @aGeekhere
          last edited by

          @ageekhere Thank you very much, that List really helped!
          And thank you for clarifying that https sites cant be cached, now i can tell my superior why that didn't work.

          A 1 Reply Last reply Reply Quote 0
          • A
            aGeekhere @Meclee
            last edited by

            @meclee Also sometimes the cache may have to be reset (either when updating the custom refresh_patterns, major squid updates or something has gone wrong) here is the guide for the subject.

            https://docs.netgate.com/pfsense/en/latest/troubleshooting/squid.html

            Basically
            squid -k shutdown
            rm -rf /var/squid/cache
            squid -z
            squid
            squid -k parse (look to see if there are errors in the custom refresh_patterns).

            Never Fear, A Geek is Here!

            1 Reply Last reply Reply Quote 1
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.