Add safeports to squid ?



  • Hello,

    Squid/Squidguard are working like a charm on my box  :).

    But there is a problem.

    I need to allow squid to consider some ports (let say 4444 and 5555) as allowed.

    Obviously, pfSense prevents from modifying manually the file squid.conf

    But, via the GUI, i don't see any option to add these ports to acl_safeports.

    When i modify manually squid.conf, it works (after restarting the right services).

    But, as soon as i reboot, these changes are lost (i suppose pfsense "creates" the squid.conf depending on values filled in the gui).

    Any idea how to insert these safe ports ?

    Thank you,

    Sincerely,



  • add it manually General Option of squid and custom option at the bottom of the page.



  • If you're more hands on you can edit /usr/local/pkg/squid.inc



  • @mikesamo:

    add it manually General Option of squid and custom option at the bottom of the page.

    Thank you,

    Do you know how to add it exactly (i fear to type a conflictuous line between gui and cfg file…) ?

    Thank you



  • Here is a snippet from my squid.inc…

    # Setup some default acls
    acl all src 0.0.0.0/0.0.0.0
    acl localhost src 127.0.0.1/255.255.255.255
    acl safeports port 21 70 80 210 280 443 488 563 591 631 777 901 $webgui_port $port 1025-65535
    acl sslports port 443 563 $webgui_port
    acl manager proto cache_object
    acl purge method PURGE
    acl connect method CONNECT
    acl dynamic urlpath_regex cgi-bin \?
    


  • @mhab12:

    Here is a snippet from my squid.inc…

    # Setup some default acls
    acl all src 0.0.0.0/0.0.0.0
    acl localhost src 127.0.0.1/255.255.255.255
    acl safeports port 21 70 80 210 280 443 488 563 591 631 777 901 $webgui_port $port 1025-65535
    acl sslports port 443 563 $webgui_port
    acl manager proto cache_object
    acl purge method PURGE
    acl connect method CONNECT
    acl dynamic urlpath_regex cgi-bin \?
    

    Thank you very much !

    I'm going to try this next week, and let a feedback here as soon as done  ;D !

    Sincerely,



  • Thank you very much mhab12 !

    It worked like a charm  ;D !

    By the way, i really like to know how to do it with custom options  ???

    Sincerely


Log in to reply