Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    SQUID BIG PROBLEM

    Scheduled Pinned Locked Moved pfSense Packages
    9 Posts 3 Posters 3.3k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • O
      onkeldave83
      last edited by

      hello experts,

      i have squid 1.2.3-release with havp + squid

      my structur:

      (lan) intranet –- havp ---- squid ---- internet (wan)

      havp = transparent proxy 192.168.1.10:8080
      squid = parent proxy 127.0.0.1:3128

      its the only way to access ftp sites in my opinion, because havp dont understand ftp protokoll :(
      therefore is my cache first and then havp!

      BUT ...the big problem is:

      when i restart the pfsense machine
      my squid parent proxy config is resetted :( :( :(

      in the gui of squid are only eth0 eth1 eth2
      BUT NOT "lo" (127.0.0.1)

      WHAT IS THE BEST WAY TO FIX IT?????

      a) a script in autostart with copy my backup config to the original and makes in terminal a "squid -k reconfigure"
      b) any ideas????

      or can pfsense team fix it for all?

      THANKS A LOT

      1 Reply Last reply Reply Quote 0
      • O
        onkeldave83
        last edited by

        no one have the same problem?

        where i have to post, that the squid team fix this problem…

        i mean everyone needs a localhost interface in squid or not? ;)

        1 Reply Last reply Reply Quote 0
        • D
          dvserg
          last edited by

          squid = parent proxy 127.0.0.1:3128

          Why squid must have parent?
          As you scheme squid is a parent for havp. You must define havp's 'parent proxy' option to squid IP:PORT.

          SquidGuardDoc EN  RU Tutorial
          Localization ru_PFSense

          1 Reply Last reply Reply Quote 0
          • O
            onkeldave83
            last edited by

            havp is set to transparent proxy with parent proxy to squid

            squid is to set to normal proxy (parent proxy for havp)

            AND then you can access ftp protokoll with havp over squid

            understand?

            therefore you need a lo interface in squid gui configuration ;)
            127.0.0.1:1234 -> lo:1234

            1 Reply Last reply Reply Quote 0
            • Cry HavokC
              Cry Havok
              last edited by

              Why?  Can't you just use the interface IP?

              1 Reply Last reply Reply Quote 0
              • D
                dvserg
                last edited by

                Also squid custom options exists..

                SquidGuardDoc EN  RU Tutorial
                Localization ru_PFSense

                1 Reply Last reply Reply Quote 0
                • O
                  onkeldave83
                  last edited by

                  @ havok

                  Why?  Can't you just use the interface IP?
                  

                  how? in pfsense 1.2.3-release it doesent exist an "gui" ethernet interface with name: loopback
                  this i need for my configuration!

                  and so i have to manipulate the configs on system without pfsense gui! :(

                  @dvserg

                  Also squid custom options exists..

                  custom options are good right, but it helped me not out ;)
                  the configfile ofs squid are after reboot resetted and so i have to manipulate it :( tausend times^^

                  A loopback interface to add would be perfect!

                  1 Reply Last reply Reply Quote 0
                  • Cry HavokC
                    Cry Havok
                    last edited by

                    But why must you use loopback - what's wrong with using one of the physical interfaces (and firewalling it off)?

                    As for custom options, if you specify them through the GUI they'll remain.  If you hand edit the configuration files (that are re-written on reboot) then you can expect to lose your edits.

                    1 Reply Last reply Reply Quote 0
                    • O
                      onkeldave83
                      last edited by

                      yes i know :D

                      thats the problem with reboot ;)

                      my proxyconfig is so because i want antivirus function and squid. BUT antivirus (havp) dont understand ftp protocol and so i have to configure squid as normal proxy and havp with parent proxy to squid ip!!!  it gives no other way for alternative - only wihtout ftp support!

                      therefore i need a loopback interface for squid!

                      1 Reply Last reply Reply Quote 0
                      • First post
                        Last post
                      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.