Netgate Discussion Forum
    Proxy bypass issues

    pfSense Packages
    • acriollo

      Hi friends, I installed pfSense with a couple of NIC cards and a set of networks on the LAN side. I am also running squid and squidGuard, working excellently.

      Everything has been working excellently with filtering and squid, including some IPs that we added to bypass the proxy. Yesterday I tried to add a couple more IP addresses to the bypass proxy feature, but these IPs do not work as expected; the traffic is going to the proxy directly instead of the firewall.

      I was checking /tmp/rules.debug and it seems the alias is fine and the rule for bypassing the proxy is fine as well:

      NoFiltrados = "{ 192.168.1.30 192.168.1.32 192.168.1.70 192.168.1.233 192.168.1.245 192.168.1.129 192.168.1.225 192.168.1.180 192.168.1.104 192.168.1.130 192.168.1.138 192.168.1.14 192.168.1.230 192.168.1.234 192.168.1.2 192.168.1.246
      192.168.1.229 }"

      no rdr on dc0 proto tcp from { $NoFiltrados } to any port 80

      But when I check the rules in pf, the system shows that I am missing the first two IP addresses. I should mention that a few days ago I wrote the IP addresses directly on the proxy server; now I'm trying with an alias.

      no rdr on dc0 inet proto tcp from 192.168.1.70 to any port = http
      no rdr on dc0 inet proto tcp from 192.168.1.233 to any port = http
      no rdr on dc0 inet proto tcp from 192.168.1.245 to any port = http
      no rdr on dc0 inet proto tcp from 192.168.1.129 to any port = http
      no rdr on dc0 inet proto tcp from 192.168.1.225 to any port = http
      no rdr on dc0 inet proto tcp from 192.168.1.180 to any port = http
      no rdr on dc0 inet proto tcp from 192.168.1.104 to any port = http
      no rdr on dc0 inet proto tcp from 192.168.1.130 to any port = http
      no rdr on dc0 inet proto tcp from 192.168.1.138 to any port = http
      no rdr on dc0 inet proto tcp from 192.168.1.14 to any port = http
      no rdr on dc0 inet proto tcp from 192.168.1.230 to any port = http
      no rdr on dc0 inet proto tcp from 192.168.1.234 to any port = http
      no rdr on dc0 inet proto tcp from 192.168.1.2 to any port = http
      no rdr on dc0 inet proto tcp from 192.168.1.246 to any port = http
      no rdr on dc0 inet proto tcp from 192.168.1.229 to any port = http

      These missing rules cause these addresses to go to the proxy/filter system.

      I restarted the proxy and the firewall rules, and nothing happens. Do I need to reboot the server?

      The funny thing is that the first ones I set up at the beginning work perfectly, and now … this feature is not working.

      Any ideas, tips or advice? Any information will be appreciated.

      I'm running

      1.2.3-RELEASE  built on Sun Dec 6 23:21:36 EST 2009
      squid Network No info, check the forum 2.7.9_4.1 High performance web proxy cache.
      squidGuard Network Management No info, check the forum 1.4_3 pkg v.1.9 High perfomance web proxy URL filter. Requires proxy Squid package.

      • acriollo

        Resolved.

        There was a bad rule inserted and the filter breaks on this; no other rules were applied after the error.

        Sorry.

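The mismatch described in this thread (bypass addresses present in /tmp/rules.debug but absent from the loaded pf rules) can be checked mechanically. The following is an added example, not part of the thread or of pfSense: the function names are hypothetical and the sample inputs are constructed, shortened from the values quoted in the first post.

```python
import re

# Constructed sample input, shortened from the values quoted in the thread.
RULES_DEBUG = '''NoFiltrados = "{ 192.168.1.30 192.168.1.32 192.168.1.70 192.168.1.233 }"
no rdr on dc0 proto tcp from { $NoFiltrados } to any port 80
'''
# Constructed stand-in for `pfctl -sn` output (the NAT/rdr rules actually loaded).
PFCTL_SN = '''no rdr on dc0 inet proto tcp from 192.168.1.70 to any port = http
no rdr on dc0 inet proto tcp from 192.168.1.233 to any port = http
'''

# name = "body"; the body may wrap across lines, as in the forum paste.
MACRO = re.compile(r'^\s*(\w+)\s*=\s*"([^"]*)"', re.M)
# Interface and source spec of a "no rdr" rule, in either file's syntax.
NO_RDR = re.compile(r'^\s*no rdr on (\S+) .*?\bfrom\s+(\{[^}]*\}|\S+)\s+to\b', re.M)
IPV4 = re.compile(r'\b\d{1,3}(?:\.\d{1,3}){3}\b')

def expand(src, macros):
    """Substitute $macro references (bounded depth), return the IPv4 addresses."""
    for _ in range(5):
        new = re.sub(r'\$(\w+)', lambda m: macros.get(m.group(1), ''), src)
        if new == src:
            break
        src = new
    return set(IPV4.findall(src))

def intended_bypass(rules_debug):
    """Per-interface source addresses that rules.debug says should skip the rdr."""
    macros = dict(MACRO.findall(rules_debug))
    want = {}
    for iface, src in NO_RDR.findall(rules_debug):
        want.setdefault(iface, set()).update(expand(src, macros))
    return want

def loaded_bypass(pfctl_sn):
    """Per-interface source addresses with a 'no rdr' rule in the running ruleset."""
    have = {}
    for iface, src in NO_RDR.findall(pfctl_sn):
        have.setdefault(iface, set()).update(IPV4.findall(src))
    return have

def missing_bypass(rules_debug, pfctl_sn):
    """Addresses configured for bypass that the running ruleset does not exempt."""
    have = loaded_bypass(pfctl_sn)
    gaps = {}
    for iface, ips in intended_bypass(rules_debug).items():
        absent = sorted(ips - have.get(iface, set()))
        if absent:
            gaps[iface] = absent
    return gaps

if __name__ == "__main__":
    print(missing_bypass(RULES_DEBUG, PFCTL_SN))
```

A non-empty result means the running ruleset is older than the generated file, which is what a failed reload leaves behind; `pfctl -nf /tmp/rules.debug` parses the file without loading it and reports the offending line.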