Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    How to pass LAN IP via SQUID to PF?

    Scheduled Pinned Locked Moved pfSense Packages
    2 Posts 2 Posters 1.3k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • cyber7C
      cyber7
      last edited by

      This might be a stupid question, but how do I pass the actual IP from the LAN IP from squid to pf?

      Scenario:
      LANIP (10.0.0.10) of a user browsing and doing stuff…
      SQUIDIP (10.0.0.20)
      When looking in the FW logs, (and setting up rules) I can only see the 10.0.0.20 (SQUIDIP) number not the 10.0.0.10 (LANIP) number...

      Sorry if this is stupid
      Kind regards
      Aubrey Kloppers
      Cape Town
      South Africa

      When you pause to think, do you start again?

      2.2.4-RELEASE (amd64)
      built on Sat Jul 25 19:57:37 CDT 2015
      FreeBSD 10.1-RELEASE-p15
      and
      pfSense 2.3.2-RELEASE-p1 (amd64 full-install) on pfSense

      1 Reply Last reply Reply Quote 0
      • M
        mhab12
        last edited by

        This has been brought up before, and many people find it to be a security risk.  The simple explanation is that squid/proxy happens BEFORE the firewall, and therefore there is no way to subject people behind the proxy to firewall rules.  Search this package forum and you might find some old posts on this same topic.

        1 Reply Last reply Reply Quote 0
        • First post
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.