Netgate Discussion Forum
    Fw rules and squid problem

Firewalling
4 Posts 2 Posters 2.3k Views
mrsense:

I have a (topmost) rule on LAN side that blocks any protocol from any source to particular IP destination (listed within an alias) on any port:

    Proto  Source  Port  Destination  Port  Gateway
    *      *       *     Attackers    *     *

This rule is ignored however when squid is in transparent mode - when all traffic on port 80 is redirected to squid before reaching the "Attackers". Why? Shouldn't traffic from 127.0.0.1 to Attackers fall under the rule above? I'm running pfsense 1.2RC2.

thanks.

cmb:

Firewall rules don't apply to traffic redirected to squid; it comes from the local machine.

mrsense:

Thanks for your reply. I modified the squid inc file not to forward traffic destined to the Attackers alias, so it will be filtered by the firewall.

Can you suggest where I can go to learn how traffic flows through pfsense and how packages like squid, snort, etc. fit in?

thanks!

cmb:

I'm not aware of anything that describes what you're after.

In a nutshell - firewall rules affect what can go where, except in cases where the traffic is redirected to a local daemon, because the traffic is then sourced from the firewall itself and your rules do not apply in that case.

I'd like to see an additional tab in the firewall rules page for traffic from localhost to other destinations, which would remove this limitation. Maybe something we'll see in a future release.
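The ordering that cmb describes is easiest to see in a small model. The following is an added illustration written for this page, not pfSense or squid code: it models pf's handling of a LAN packet in the order the thread implies (the redirect step rewrites the destination to the local squid listener before the interface filter rules are evaluated, so a block rule keyed on the "Attackers" alias never sees the original destination, and squid's own upstream connection is then originated by the firewall host, where LAN rules are not consulted). It also models the exception mrsense added, in which port-80 traffic to the alias is excluded from redirection and therefore reaches the block rule with its real destination intact. The alias contents, the LAN client address and the squid port (3128) are constructed assumptions.

```python
"""Model of pf-style redirect-then-filter handling on a LAN interface.

Added illustration for this thread, not pfSense or squid code. Addresses
below are constructed sample values (RFC 5737 documentation ranges).
"""
from dataclasses import dataclass, replace
from typing import Optional, Tuple

# Constructed sample alias contents; "Attackers" stands in for the OP's alias.
ALIASES = {"Attackers": {"192.0.2.10", "192.0.2.11"}}
# Assumed transparent-proxy listener on the firewall itself.
PROXY = ("127.0.0.1", 3128)


@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    proto: str            # "tcp", "udp", "icmp"
    dport: Optional[int]  # None for protocols without ports


@dataclass(frozen=True)
class RdrRule:
    """Port redirect to the local proxy; `exempt` names an alias that is
    excluded from redirection (the 'no rdr' exception the OP configured)."""
    proto: str
    dport: int
    exempt: Optional[str] = None


@dataclass(frozen=True)
class FilterRule:
    action: str                # "block" or "pass"
    dst_alias: Optional[str]   # None matches any destination


def _dst_matches(addr: str, alias: Optional[str]) -> bool:
    return alias is None or addr in ALIASES[alias]


def apply_rdr(pkt: Packet, rdr_rules) -> Tuple[Packet, bool]:
    """Translation step: runs before filtering and may rewrite the destination."""
    for r in rdr_rules:
        if pkt.proto == r.proto and pkt.dport == r.dport:
            if r.exempt and pkt.dst in ALIASES[r.exempt]:
                return pkt, False   # exception: keep the real destination
            return replace(pkt, dst=PROXY[0], dport=PROXY[1]), True
    return pkt, False


def apply_filter(pkt: Packet, filter_rules) -> str:
    """First-match evaluation against the already-translated packet."""
    for f in filter_rules:
        if _dst_matches(pkt.dst, f.dst_alias):
            return f.action
    return "block"   # default deny when nothing matches


def lan_inbound(pkt: Packet, rdr_rules, filter_rules) -> Tuple[str, str, bool]:
    """Returns (verdict, destination the filter saw, handed to local proxy?).

    When the last element is True, the proxy opens its own connection from
    the firewall host to the original destination; that connection is not
    subject to the LAN interface rules, which is the gap the thread discusses.
    """
    translated, redirected = apply_rdr(pkt, rdr_rules)
    verdict = apply_filter(translated, filter_rules)
    return verdict, translated.dst, redirected and verdict == "pass"


# Rule set as in the thread: topmost block to Attackers, then allow LAN out.
FILTER = [FilterRule("block", "Attackers"), FilterRule("pass", None)]
RDR_TRANSPARENT = [RdrRule("tcp", 80)]                        # squid as shipped
RDR_WITH_EXCEPTION = [RdrRule("tcp", 80, exempt="Attackers")] # OP's modification


def demo() -> dict:
    web = Packet("192.168.1.50", "192.0.2.10", "tcp", 80)   # constructed client
    ssh = Packet("192.168.1.50", "192.0.2.10", "tcp", 22)
    return {
        "web_transparent": lan_inbound(web, RDR_TRANSPARENT, FILTER),
        "web_exception": lan_inbound(web, RDR_WITH_EXCEPTION, FILTER),
        "ssh_transparent": lan_inbound(ssh, RDR_TRANSPARENT, FILTER),
    }


if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name:16s} -> {result}")
```

With the stock transparent redirect, the port-80 packet to an Attackers host is rewritten to 127.0.0.1:3128 before the block rule is evaluated, so it passes and squid re-originates it from the firewall; with the redirect exception, the same packet keeps its real destination and the topmost block rule catches it. Traffic on other ports (the SSH case) is never redirected and is blocked either way.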

Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.