Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Solved: Squid #Custom options

    Scheduled Pinned Locked Moved pfSense Packages
    3 Posts 2 Posters 5.3k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • K
      keno
      last edited by

      Hello Everybody,

      I am new to pfSence and I am testing it already a few days. But only on a virtual machine. I like it but there is one thing can not get work. And that is Squid Custom options.
      I am trying to put there some commands to get the headers replaced. But without success. When I have tried it on ipcop then I could change the user-agent to "something", but with pfSence - no chance.

      So what I did is: Installed pfsense on a virtual machine with two network cards. Just started it and did the initial configuration. After that installed the Squid package. Putted some commands (one or several) to custom options and tried to test it. It never worked. I did reinstall pfsence maybe 15 times… but I stil can not find a solution.

      Here is my squid.conf. I confirm that squid is working because I configured the  browser to connect via proxy server and Internet is working normally there.

      Any help is apreciated.

      I forgot: I have tested both versions: 1.2.2 and 1.2.3 RC1.

      Thanks in advance.

      # Do not edit manually !
http_port 192.168.1.1:3128
http_port 127.0.0.1:80 transparent
icp_port 0

pid_filename /var/run/squid.pid
cache_effective_user proxy
cache_effective_group proxy
error_directory /usr/local/etc/squid/errors/English
icon_directory /usr/local/etc/squid/icons
visible_hostname localhost
cache_mgr admin@localhost
access_log /dev/null
cache_log /var/squid/log/cache.log
cache_store_log none
shutdown_lifetime 3 seconds
# Allow local network(s) on interface(s)
acl localnet src  192.168.1.0/255.255.255.0
forwarded_for off
via off
uri_whitespace strip

cache_dir aufs /var/squid/cache 100 16 256
cache_mem 8 MB
maximum_object_size 10 KB
minimum_object_size 0 KB
cache_replacement_policy heap LFUDA
memory_replacement_policy heap GDSF
offline_mode off
dns_children 32

# No redirector configured

# Setup some default acls
acl all src 0.0.0.0/0.0.0.0
acl localhost src 127.0.0.1/255.255.255.255
acl safeports port 21 70 80 210 280 443 488 563 591 631 777 901  3128 1025-65535
acl sslports port 443 563 
acl manager proto cache_object
acl purge method PURGE
acl connect method CONNECT
acl dynamic urlpath_regex cgi-bin \?
cache deny dynamic
http_access allow manager localhost

http_access deny manager
http_access allow purge localhost
http_access deny purge
http_access deny !safeports
http_access deny CONNECT !sslports

# Always allow localhost connections
http_access allow localhost

request_body_max_size 0 KB
reply_body_max_size 0 allow all
delay_pools 1
delay_class 1 2
delay_parameters 1 -1/-1 -1/-1
delay_initial_bucket_level 100
delay_access 1 allow all

# Allow local network(s) on interface(s)
http_access allow localnet
# Custom options
header_replace User-Agent Googlebot 3.0

# Default block all to be sure
http_access deny all
      1 Reply Last reply Reply Quote 0
      • K
        keno
        last edited by

        O.K. I have found the error myself.
        The respecting header must be denied first, only then it can be replaced.

        I hope it helps somebody.

        1 Reply Last reply Reply Quote 0
        • J
          jigpe
          last edited by

          Please post your solutions. Thanks

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.