Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Pfsense and squid - problem with internal address with ports

    Scheduled Pinned Locked Moved pfSense Packages
    6 Posts 4 Posters 5.6k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • M Offline
      mafaldo
      last edited by

      Hi all!
      I've installed pfsense 1.2.2 with squid 2.6.21_10 package and i have some problem with my configuration.

      The browser under proxy go in internet without problem, but when i try to access at some internal address (ex: http://192.168.1.12:81/) i receive an "Access Denied" page .

      What configuration i must touch?

      Thanks and sorry for my english.
      Ciao,
      andrea

      1 Reply Last reply Reply Quote 0
      • D Offline
        danswartz
        last edited by

        what are you trying to do by going to that address/port?

        1 Reply Last reply Reply Quote 0
        • M Offline
          mafaldo
          last edited by

          I have same website internal use in local machine and the webserver on this machine going on the port 81.

          If the browser use the proxy and i try local address with port(i don't know if work with external address) they return this error:

          ERROR
          The requested URL could not be retrieved

          –------------------------------------------------------------------------------

          While trying to retrieve the URL: http://192.168.1.8:81/

          The following error was encountered:

          •Access Denied.
          Access control configuration prevents your request from being allowed at this time. Please contact your service provider if you feel this is incorrect.

          I have the same problem with address www.mylocalwebsite.com:81 (the dns forward seem ok)
          If i try without proxy they work correctly.

          Thanks for answer!!
          andrea

          1 Reply Last reply Reply Quote 0
          • Z Offline
            Zanotti
            last edited by

            Per raggiungere quell'URL devi editare il file usr/local/pkg/squid.inc e aggiungere la porta 81 in coda alle safeports.
            Salvi e riavvia squid, dovrebbe funzionare.

            Setup some default acls

            acl all src 0.0.0.0/0.0.0.0
            acl localhost src 127.0.0.1/255.255.255.255
            acl safeports port 21 70 80 210 280 443 488 563 591 631 777 901 $webgui_port $port 1025-65535
            acl sslports port 443 563 $webgui_port
            acl manager proto cache_object
            acl purge method PURGE
            acl connect method CONNECT
            acl dynamic urlpath_regex cgi-bin ?

            1 Reply Last reply Reply Quote 0
            • C Offline
              chudy
              last edited by

              add this to your custom configuration.

              acl safeports port 81;

              if won't work..
              then hack your squid.inc and add port 81 to safeports that would look like this.

              acl safeports port 21 70 80 81 210 280 443 488 563 591 631 777 901  3128 1025-65535
              1 Reply Last reply Reply Quote 0
              • M Offline
                mafaldo
                last edited by

                Grazie 1000, funziona benissimo, mi avete tolto entrambi un bel grattacapo!

                i've used -acl safeports port 81;- in webadmin.

                Thanks at both!!

                A buon rendere! olè!

                1 Reply Last reply Reply Quote 0
                • First post
                  Last post
                Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.