Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Solved: Squid #Custom options

    Scheduled Pinned Locked Moved pfSense Packages
    3 Posts 2 Posters 5.3k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • K
      keno
      last edited by

      Hello Everybody,

      I am new to pfSence and I am testing it already a few days. But only on a virtual machine. I like it but there is one thing can not get work. And that is Squid Custom options.
      I am trying to put there some commands to get the headers replaced. But without success. When I have tried it on ipcop then I could change the user-agent to "something", but with pfSence - no chance.

      So what I did is: Installed pfsense on a virtual machine with two network cards. Just started it and did the initial configuration. After that installed the Squid package. Putted some commands (one or several) to custom options and tried to test it. It never worked. I did reinstall pfsence maybe 15 times… but I stil can not find a solution.

      Here is my squid.conf. I confirm that squid is working because I configured the  browser to connect via proxy server and Internet is working normally there.

      Any help is apreciated.

      I forgot: I have tested both versions: 1.2.2 and 1.2.3 RC1.

      Thanks in advance.

      # Do not edit manually !
      http_port 192.168.1.1:3128
      http_port 127.0.0.1:80 transparent
      icp_port 0
      
      pid_filename /var/run/squid.pid
      cache_effective_user proxy
      cache_effective_group proxy
      error_directory /usr/local/etc/squid/errors/English
      icon_directory /usr/local/etc/squid/icons
      visible_hostname localhost
      cache_mgr admin@localhost
      access_log /dev/null
      cache_log /var/squid/log/cache.log
      cache_store_log none
      shutdown_lifetime 3 seconds
      # Allow local network(s) on interface(s)
      acl localnet src  192.168.1.0/255.255.255.0
      forwarded_for off
      via off
      uri_whitespace strip
      
      cache_dir aufs /var/squid/cache 100 16 256
      cache_mem 8 MB
      maximum_object_size 10 KB
      minimum_object_size 0 KB
      cache_replacement_policy heap LFUDA
      memory_replacement_policy heap GDSF
      offline_mode off
      dns_children 32
      
      # No redirector configured
      
      # Setup some default acls
      acl all src 0.0.0.0/0.0.0.0
      acl localhost src 127.0.0.1/255.255.255.255
      acl safeports port 21 70 80 210 280 443 488 563 591 631 777 901  3128 1025-65535
      acl sslports port 443 563 
      acl manager proto cache_object
      acl purge method PURGE
      acl connect method CONNECT
      acl dynamic urlpath_regex cgi-bin \?
      cache deny dynamic
      http_access allow manager localhost
      
      http_access deny manager
      http_access allow purge localhost
      http_access deny purge
      http_access deny !safeports
      http_access deny CONNECT !sslports
      
      # Always allow localhost connections
      http_access allow localhost
      
      request_body_max_size 0 KB
      reply_body_max_size 0 allow all
      delay_pools 1
      delay_class 1 2
      delay_parameters 1 -1/-1 -1/-1
      delay_initial_bucket_level 100
      delay_access 1 allow all
      
      # Allow local network(s) on interface(s)
      http_access allow localnet
      # Custom options
      header_replace User-Agent Googlebot 3.0
      
      # Default block all to be sure
      http_access deny all
      
      
      1 Reply Last reply Reply Quote 0
      • K
        keno
        last edited by

        O.K. I have found the error myself.
        The respecting header must be denied first, only then it can be replaced.

        I hope it helps somebody.

        1 Reply Last reply Reply Quote 0
        • J
          jigpe
          last edited by

          Please post your solutions. Thanks

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.