[SOLVED] squid, dansguardian and xbox 360

  • I setup squid and dansguardian yesterday and they are both working great, except for my xbox…

    I have the xbox put in the exception rules for dansguardian, and I also have the xbox's IP address in for both "Bypass proxy for these source IPs" and "Bypass proxy for these destination IPs" but it doesn't seem to help.

    I found this thread that fixes it, but it is for iptables and not pf.

    The jist of the thread is:

    This is my squid.conf:

    Redirect Access to port 80 to squid port 3128

    iptables -t nat -A PREROUTING -i $INTIF -p TCP --dport 80 -j REDIRECT --to-port 8080

    iptables -t nat -A PREROUTING -i $INTIF ! -s IP_XBOX -p TCP --dport 80 -j REDIRECT --to-port 8080

    should do it

    Basically how can I bypass squid/dansguardian totally for my xbox?

  • For anyone that runs into this, I fixed my error. First and foremost make sure squid is working 100% before you go and add dansguardiand or squidGuard into the mix.

    This thread has some good info on how to test and verify that your squid proxy works correctly.

    Also a couple notes…

    • In squidGuard, if you make a change; any change, make sure you press the "apply" button on the "proxy filter" –> "general settings" page, then restart your squid service. Restarting the squid service will also make the squidGuard service restart.

    • In squid having both "Disable X-Forward" and "Disable VIA" make it appear that you are not using a proxy. I would suggest not checking them until you are certain your squid installation is working the way you want.

    • Squid is enabled on my home network, I found that Steam will not work with a proxy enabled. Not sure if this fix/hack is kosher, but it works. I set my "LAN" sub net (xx.xx.xx.xx/24) in the "Bypass proxy for these source IPs". In testing it appears that squid still blocks web sites from being viewed, but does not stop Steam or our X360 from having connection errors.

    • You do not need to set NAT rules if you are on pfSense 2.0x. Just setting the "Transparent proxy" box will make it work.

Log in to reply