Pfsense squid not redirecting 80 to 3128 in transperant mode

  • Hi all,

    Plase help me with this problem.
    I have using pfsense squid but it stops redirecting 80 to 3128 in transperant mode.
    I have tried reinstall all packages but without success.

    I have the following configuration:
    WAN (ext internet)- LAN1 (vlan, LAN2 (vlan, LAN3 (vlan

    How to manual create a rule to forward traffic from all LAN networks to proxy. It seems that pfsense not create it automaticaly.


  • what are you configuring squid to do?  are you selecting all 3 of the LAN interfaces for the transparent mode?

  • Yes all 3 of the LAN interfaces are selected in proxy interface and the transparent mode is checked.

    After this problem the config was the same and worked.
    I also tried to use proxy enabled only on LAN but the result is the same. Not redirecting.
    If i manually select settings (proxy IP, and port) in browser it works with proxy and lightsquid without problems.

    I cannot stop the machine for reinstallation of pfsense because there are ~200 user that using it all the time. Now it works without proxy and file type restrictions :-(

  • Anyone ???

  • Make sure your webGUI is set to a port other an 80 - try HTTPS/443.

  • webGUI is set to a port 8080.  :-(

    here is my squid.conf

    Do not edit manually !

    http_port transparent
    icp_port 0

    pid_filename /var/run/
    cache_effective_user proxy
    cache_effective_group proxy
    error_directory /usr/local/etc/squid/errors/Bulgarian
    icon_directory /usr/local/etc/squid/icons
    access_log /var/squid/log/access.log
    cache_log /var/squid/log/cache.log
    cache_store_log none
    logfile_rotate 30
    shutdown_lifetime 3 seconds
    uri_whitespace strip

    cache_mem 256 MB
    maximum_object_size_in_memory 32 KB
    memory_replacement_policy heap GDSF
    cache_replacement_policy heap LFUDA
    cache_dir aufs /var/squid/cache 100000 32 256
    minimum_object_size 0 KB
    maximum_object_size 512000 KB
    offline_mode off
    cache_swap_low 80
    cache_swap_high 90

    No redirector configured

    Setup some default acls

    acl all src
    acl localhost src
    acl safeports port 21 70 80 210 280 443 488 563 591 631 777 901 8080 3128 1025-65535
    acl sslports port 443 563 8080
    acl manager proto cache_object
    acl purge method PURGE
    acl connect method CONNECT
    acl dynamic urlpath_regex cgi-bin ?
    acl unrestricted_hosts src "/var/squid/acl/unrestricted_hosts.acl"
    acl banned_hosts src "/var/squid/acl/banned_hosts.acl"
    acl blacklist dstdom_regex -i "/var/squid/acl/blacklist.acl"
    cache deny dynamic
    http_access allow manager localhost

    http_access deny manager
    http_access allow purge localhost
    http_access deny purge
    http_access deny !safeports
    http_access deny CONNECT !sslports

    Always allow localhost connections

    http_access allow localhost

    quick_abort_min 0 KB
    quick_abort_max 0 KB
    request_body_max_size 0 KB
    reply_body_max_size 0 allow all
    delay_pools 1
    delay_class 1 2
    delay_parameters 1 -1/-1 -1/-1
    delay_initial_bucket_level 100
    delay_access 1 allow all

    These hosts are banned

    http_access deny banned_hosts

    These hosts do not have any restrictions

    http_access allow unrestricted_hosts

    Block access to blacklist domains

    http_access deny blacklist

    Default block all to be sure

    http_access deny all

  • The redirect rules are not in squid.conf, they are located here…

  • The problem is solved :-)
    I reinstalled pfsense and restored backup config.

    Everything not works perfect.

    Thanks for support