Proxy server not working
-
For reference : I use version "1.0-SNAPSHOT-09-14-06".
I'am having troubles getting my internal squid to work.
I add a rule to permit 8080 traffic but I cannot access the internet using our
www-proxy server.
The proxy server is a squid proxy server on 192.168.1.6 running FreeBSD 6.1.
It is on a different machine as pfsense.
This used to work with monowall …
Could this be a bug or is there something I should check first ? Also where can I report
this bug if it is a bug?EDIT : A proxy server outside the network works but internal doesn't.
Thanks
-
You fail to describe how this proxy server receives traffic from the firewall, etc.
Is it an active directory policy? Is it a port forward? Is it transparent?
-
Sorry I am not being clear.
The proxy server is not a transparent proxy, it is not a port forward.
It is just a proxy sitting at 192.168.1.6 for any user in the network 192.168.1.0
to use if they wich, it caches their http requests for reduced trafic.
Only the proxy server doesn't work anymore with pfsense instead of
monowall as firewall. I did add a rule on the lan that port 8080 is premitted.
I don't have to add a rule to the wan right ?EDIT : forgot to mention erlier but when I remove the block all trafic at the end
on my lan rules list it works. So it seems like my 8080 firewall rule doesnt do anything.I hope this describes more, please let me know if I missed anything.
Regards
-
for a not transparend proxy on youre lan you don't need rules the users just enter the ip of the proxy in there browser config
if you dont want them to enter ip or force them to use the proxy (thats called transperend)
then you need to make a portforward for port 80 to port 8080 to youre proxyserver ip on the pfsense server (the proxyserverip must be excluded from this rule else you make a loop and get no where) and set youre proxyserver to transperd mode
if youre blokking access to the internet with out the proxy then make sure that youre are not blocking the trafic from the proxyserver on port 80 to the internet on the pfsense server -
It sounds like you are blocking on lan by default, allowing some services before it.
Please show us a screenshot of the rules summary screen (the one where you can add and delete rules).
-
Here is the define of the proxy :
"here was a url" …Here are the blocking rules :
"here was a url" ...Hope that helps
-
Really wish I could give you an answer on this one. Everything looks correct.
Make sure the rule is actually being added in /tmp/rules.debug.
Search for 8080.
-
You usually don't need the port 8080 rule unless there is another proxy outside the LAN subnet. As Scott already said, your rules look valid. If it's a firewallruleissue you should find out at status>systemlogs, firewall. If you see blocks for traffic from the proxy IP check the destination ports that are in use. You also can click the small block icon to see what rule caused the block.
-
I log all trafic that doesnt get handled by any of these rules but it
never logs 8080 ar any of that trafic, But still when i sett pass to that rule
it works … -
Add a pass rule for protocol any, source proxy ip, port any, destination any, port any, gateway default and add a log to that at the very top of your rules. Use the proxy. Please show use the pass logs in your firewall logs that are produced by this rule.
-
hmmm I found the problem … It seemed to be dns.
Sorry guys and thanks for the help :-[Thanks