3. Squid as reverse proxy

Squid as reverse proxy

  • F

    Hi.

    I'd like to run Squid as a reverse proxy for multiple webservers on my LAN. The configuration was easy, I'd just added  httpd_accel_single_host off, changed the http_access rules in /usr/local/etc/squid.conf and created a firewall rule that NATs all incoming HTTP traffic to port 3128 on the local LAN interface.

    The problem is that pfSense (or Squid) seems to remove my changes to squid.conf at every reboot! I tried write-protecting the file, but that didn't help. Is there anyting else I can do to stop it from removing my changes?

    Regards,

    Flic

    0
  • H

    conf-files are generated from the config.xml on reboot and on changes inthe webgui. You could store your modified files somewhere on the pfsense and copy them over the generated ones after reboot with a hidden config.xml option maybe: http://faq.pfsense.com/index.php?action=artikel&cat=10&id=38&artlang=en&highlight=hidden
    Make sure to reload the services after replacing the conf files and don'T touch the webgui any more ;-)

    Or have a look at the squid package and try to add some gui elements for that function and commit it back. This would be the cleaner attempt.

    0
  • F

    Thanks, I'll take a look at that!

    0
  • L

    You should really take a look at this: http://varnish.linpro.no/

    0
Log in to reply
 

Products

Applications

Support

Services

News

Resources

Company

Our Mission

As host of the pfSense open source firewall project, Netgate believes in enhancing network connectivity that maintains both security and privacy. We also believe everyone should be able to afford it.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy