Pfsense/ squid and an irritating problem



  • I have a problem and I am hoping someone has some ideas…

    I am using pfsense installed on a Dell box with 2 NICs to simulate a client's network setup, and I need some ideas so I can use this to prove that the appliance will work in the field.

    The appliance is a Linux box (10.1.4.20) that goes through a gateway (10.1.4.17). I have simulated this by using a 4 port wireless switch, and then all internet traffic passes through 10.5.4.160:3128, by going from the LAN port on the Dell box to the WAN port on the wireless switch, and assigned it an IP address via DHCP (10.5.4.10). I put a proxy statement on the Linux box and I blocked all traffic on the pfsense box except for 443.

    The appliance is updating like it should.

    My question is: how would I set up the firewall rules to block all tracking except for port 3128, and how would I make sure that the outgoing was only 443 passing through 3128?

    As I said, I am using pfsense as a test bench to replicate our customers' networks. I am hoping that someone has an idea how to make this work.

    Thank you!



  • I guess you only want to block/redirect http(s) traffic through squid?…

    There are several messages and also nice videos on how to set up transparent proxies,
    for instance in combination with Captive Portal, which needs this function to block
    traffic until logged in via its own served user authentication page.



  • Actually I don't want it to be transparent.

    I am using pfsense to simulate a client's network, and all web traffic is https via 3128. I am trying to replicate this in the office before the appliance goes back to the client location.

    Using a 4 port router I can simulate the gateway and point traffic to the pfsense box. I need to understand how to force all https traffic through 3128 and make it work…

    Any suggestions would be great.

    Thanks

