Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Squid Proxy bypasses firewall rules

    Scheduled Pinned Locked Moved General pfSense Questions
    3 Posts 2 Posters 595 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • P
      ProperCactus Rebel Alliance
      last edited by

      I have a bunch of firewall rules being made by aliases set by pfBlockerNG, however it seems kinda pointless when Squid Proxy just bypasses the firewall completely......

      How can I apply the traffic filtering using the same aliases in the firewall with Squid Guard?

      stephenw10S 1 Reply Last reply Reply Quote 0
      • stephenw10S
        stephenw10 Netgate Administrator @ProperCactus
        last edited by

        It depends how those rules are being applied.

        You can apply that as a floating outbound rule using the alias(es) as destination to block Squid.

        Steve

        P 1 Reply Last reply Reply Quote 0
        • P
          ProperCactus Rebel Alliance @stephenw10
          last edited by

          @stephenw10 thanks yea I worked out my problem.

          Because I has a rule at the bottom of floating that blocked anything I didn't specifically allow out, I then was allowing WAN to HTTP/HTTPS for Squid and it was quick matching.

          I had to rejig that block all rule to avoid HTTP/HTTPS so that it allows that traffic by default (No quick rule allow needed for WAN) and then I catch any bad traffic with the explicit deny rules.

          Seems to work now.

          1 Reply Last reply Reply Quote 1
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.