Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Transparent proxy on latest BETA

    Scheduled Pinned Locked Moved 2.0-RC Snapshot Feedback and Problems - RETIRED
    3 Posts 2 Posters 2.1k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • P
      pwnell
      last edited by

      If I upgrade from 1.2.3 where transparent proxy works just fine to the latest v2 BETA, it does not work in transparent mode anymore.  If I perform a clean install of v2, then it does work.  Please help me understand what I can do to fix it.  Here are some details.  Transparent is turned on in the webgui.  vr1 is my WAN, vr0 is LAN and re0 is WiFi.  That 96.xxx is my WAN IP.

      
      # pfctl -sn |grep http
      rdr on vr1 inet proto tcp from any to 96.55.182.244 port = http -> 192.168.0.72
      rdr on vr0 inet proto tcp from any to 96.55.182.244 port = http tag PFREFLECT -> 127.0.0.1 port 19002
      rdr on re0 inet proto tcp from any to 96.55.182.244 port = http tag PFREFLECT -> 127.0.0.1 port 19002
      rdr on vr1 inet proto tcp from any to 96.55.182.244 port = https -> 192.168.0.39
      rdr on vr0 inet proto tcp from any to 96.55.182.244 port = https tag PFREFLECT -> 127.0.0.1 port 19006
      rdr on re0 inet proto tcp from any to 96.55.182.244 port = https tag PFREFLECT -> 127.0.0.1 port 19006
      
      # netstat -nab | grep 3128
      tcp4       0      0 192.168.1.10.3128      *.*                    LISTEN
      tcp4       0      0 192.168.0.10.3128      *.*                    LISTEN
      
      # netstat -nab | grep 80
      tcp4       0      0 127.0.0.1.80           *.*                    LISTEN
      tcp4       0      0 *.80                   *.*                    LISTEN
      
      # squidclient -p 80 cache_object://localhost/info
      HTTP/1.0 200 OK
      Server: squid/2.7.STABLE8
      Date: Thu, 08 Apr 2010 06:06:09 GMT
      Content-Type: text/plain
      Expires: Thu, 08 Apr 2010 06:06:09 GMT
      X-Cache: MISS from localhost
      X-Cache-Lookup: MISS from localhost:3128
      Via: 1.0 localhost:3128 (squid/2.7.STABLE8)
      Connection: close
      
      Squid Object Cache: Version 2.7.STABLE8
      Start Time:	Thu, 08 Apr 2010 03:45:19 GMT
      Current Time:	Thu, 08 Apr 2010 06:06:09 GMT
      Connection information for squid:
      	Number of clients accessing cache:	2
      	Number of HTTP requests received:	2
      	Number of ICP messages received:	0
      	Number of ICP messages sent:	0
      	Number of queued ICP replies:	0
      	Number of HTCP messages received:	0
      	Number of HTCP messages sent:	0
      	Request failure ratio:	 0.00
      	Average HTTP requests per minute since start:	0.0
      	Average ICP messages per minute since start:	0.0
      	Select loop called: 11779 times, 717.334 ms avg
      Cache information for squid:
      	Request Hit Ratios:	5min: 0.0%, 60min: 0.0%
      	Byte Hit Ratios:	5min: -0.0%, 60min: 100.0%
      	Request Memory Hit Ratios:	5min: 0.0%, 60min: 0.0%
      	Request Disk Hit Ratios:	5min: 0.0%, 60min: 0.0%
      	Storage Swap size:	3124208 KB
      	Storage Mem size:	252 KB
      	Mean Object Size:	92.57 KB
      	Requests given to unlinkd:	0
      Median Service Times (seconds)  5 min    60 min:
      	HTTP Requests (All):   0.00000  0.00000
      	Cache Misses:          0.00000  0.00000
      	Cache Hits:            0.00000  0.00000
      	Near Hits:             0.00000  0.00000
      	Not-Modified Replies:  0.00000  0.00000
      	DNS Lookups:           0.00000  0.00000
      	ICP Queries:           0.00000  0.00000
      Resource usage for squid:
      	UP Time:	8449.479 seconds
      	CPU Time:	1.020 seconds
      	CPU Usage:	0.01%
      	CPU Usage, 5 minute avg:	0.01%
      	CPU Usage, 60 minute avg:	0.01%
      	Process Data Segment Size via sbrk(): 0 KB
      	Maximum Resident Size: 10744 KB
      	Page faults with physical i/o: 7
      Memory accounted for:
      	Total accounted:         2570 KB
      	memPoolAlloc calls: 156823
      	memPoolFree calls: 88515
      File descriptor usage for squid:
      	Maximum number of file descriptors:   11095
      	Largest file desc currently in use:     24
      	Number of file desc currently in use:   15
      	Files queued for open:                   0
      	Available number of file descriptors: 11080
      	Reserved number of file descriptors:   100
      	Store Disk files open:                   0
      	IO loop method:                     kqueue
      Internal Data Structures:
      	 33777 StoreEntries
      	    27 StoreEntries with MemObjects
      	    26 Hot Object Cache Items
      	 33750 on-disk objects
      # squidclient mgr:info
      ^C
      (Times out)
      
      cache.log
      2010/04/07 20:45:37| Accepting proxy HTTP connections at 192.168.0.10, port 3128, FD 14.
      2010/04/07 20:45:37| Accepting proxy HTTP connections at 192.168.1.10, port 3128, FD 15.
      2010/04/07 20:45:37| Accepting transparently proxied HTTP connections at 127.0.0.1, port 80, FD 16.
      2010/04/07 20:45:37| Accepting HTCP messages on port 4827, FD 21.
      2010/04/07 20:45:37| Accepting SNMP messages on port 3401, FD 22.
      2010/04/07 20:45:37| WCCP Disabled.
      2010/04/07 20:45:37| Loaded Icons.
      2010/04/07 20:45:37| Ready to serve requests.
      
      Web configurator is on 443.
      
      

      Any ideas?

      1 Reply Last reply Reply Quote 0
      • jimpJ
        jimp Rebel Alliance Developer Netgate
        last edited by

        Did you reinstall the squid package after upgrading?

        You may have to remove it, and then add it back again. The squid package on pfSense 2.0 is in a different location. I'm not sure if the automatic reinstall will handle that part.

        Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

        Need help fast? Netgate Global Support!

        Do not Chat/PM for help!

        1 Reply Last reply Reply Quote 0
        • P
          pwnell
          last edited by

          Did try that - makes no difference.

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.