3. Solved: Squid #Custom options

Solved: Squid #Custom options

  • K

    Hello Everybody,

    I am new to pfSence and I am testing it already a few days. But only on a virtual machine. I like it but there is one thing can not get work. And that is Squid Custom options.
    I am trying to put there some commands to get the headers replaced. But without success. When I have tried it on ipcop then I could change the user-agent to "something", but with pfSence - no chance.

    So what I did is: Installed pfsense on a virtual machine with two network cards. Just started it and did the initial configuration. After that installed the Squid package. Putted some commands (one or several) to custom options and tried to test it. It never worked. I did reinstall pfsence maybe 15 times… but I stil can not find a solution.

    Here is my squid.conf. I confirm that squid is working because I configured the  browser to connect via proxy server and Internet is working normally there.

    Any help is apreciated.

    I forgot: I have tested both versions: 1.2.2 and 1.2.3 RC1.

    Thanks in advance.

    # Do not edit manually !
http_port 192.168.1.1:3128
http_port 127.0.0.1:80 transparent
icp_port 0

pid_filename /var/run/squid.pid
cache_effective_user proxy
cache_effective_group proxy
error_directory /usr/local/etc/squid/errors/English
icon_directory /usr/local/etc/squid/icons
visible_hostname localhost
cache_mgr admin@localhost
access_log /dev/null
cache_log /var/squid/log/cache.log
cache_store_log none
shutdown_lifetime 3 seconds
# Allow local network(s) on interface(s)
acl localnet src  192.168.1.0/255.255.255.0
forwarded_for off
via off
uri_whitespace strip

cache_dir aufs /var/squid/cache 100 16 256
cache_mem 8 MB
maximum_object_size 10 KB
minimum_object_size 0 KB
cache_replacement_policy heap LFUDA
memory_replacement_policy heap GDSF
offline_mode off
dns_children 32

# No redirector configured

# Setup some default acls
acl all src 0.0.0.0/0.0.0.0
acl localhost src 127.0.0.1/255.255.255.255
acl safeports port 21 70 80 210 280 443 488 563 591 631 777 901  3128 1025-65535
acl sslports port 443 563 
acl manager proto cache_object
acl purge method PURGE
acl connect method CONNECT
acl dynamic urlpath_regex cgi-bin \?
cache deny dynamic
http_access allow manager localhost

http_access deny manager
http_access allow purge localhost
http_access deny purge
http_access deny !safeports
http_access deny CONNECT !sslports

# Always allow localhost connections
http_access allow localhost

request_body_max_size 0 KB
reply_body_max_size 0 allow all
delay_pools 1
delay_class 1 2
delay_parameters 1 -1/-1 -1/-1
delay_initial_bucket_level 100
delay_access 1 allow all

# Allow local network(s) on interface(s)
http_access allow localnet
# Custom options
header_replace User-Agent Googlebot 3.0

# Default block all to be sure
http_access deny all
    0
  • K

    O.K. I have found the error myself.
    The respecting header must be denied first, only then it can be replaced.

    I hope it helps somebody.

    0
  • J

    Please post your solutions. Thanks

    0
Log in to reply
 

Products

Applications

Support

Services

News

Resources

Company

Our Mission

As host of the pfSense open source firewall project, Netgate believes in enhancing network connectivity that maintains both security and privacy. We also believe everyone should be able to afford it.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy