Squid port 3128 and Firewall Rules

mcury

@JonathanLee said in Squid port 3128 and Firewall Rules:

@mcury Yes I do have both, my XBOX uses the transparent side

Have you bypassed all other hosts that don't need transparent proxy in the Squid settings ?

Disable transparent proxy for one sec and test.

If it works, enable it again and try to bypass clients that are pointing to the proxy (explicit) in the transparent settings.

JonathanLee

@mcury How do you bypass for example one host like 192.168.1.17 from the SSL intercept but still make it use the the transparent proxy?

mcury

@JonathanLee said in Squid port 3128 and Firewall Rules:

How do you bypass for example one host like 192.168.1.17 from the SSL intercept but still make it use the the transparent proxy?

1- Disable transparent proxy
2- You would have to create the transparent NAT manually, using a ! in the source, with that IP address.
3- That NAT would have to redirect outbound TCP 443 connections to 127.0.0.1 3128.

Test like that, if doesn't work, try to change the port in the 3rd step to 3129.

I think that will do it.

Note that you would also need to create one for port 80.

JonathanLee

@mcury Thanks!!!! that helps a lot I no longer see double requests for everything and it all still works!!! The XBOX uses transparent and UpNp and all the devices that know about the proxy don't need the transparent!!! YES!!!

mcury

@JonathanLee said in Squid port 3128 and Firewall Rules:

@mcury Thanks!!!! that helps a lot I no longer see double requests for everything and it all still works!!! The XBOX uses transparent and UpNp and all the devices that know about the proxy don't need the transparent!!! YES!!!

Oh, good to hear that :)

JonathanLee

@mcury

Thanks all I see is WAN blocks now !! YES!!! THANK YOU

JonathanLee

Could it be set flags SYN ACK ? and or state type keep or sloppy ?