Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    Squid redirct rule

    Firewalling
    6
    13
    6179
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • C
      crazyoax last edited by

      How do I remove the default Squid redirect rule?

      1 Reply Last reply Reply Quote 0
      • S
        sullrich last edited by

        It is only put into place if:

        1. Squid is installed
        2. Squid is running

        1 Reply Last reply Reply Quote 0
        • C
          crazyoax last edited by

          I have Squid running on 3128 but I also want to be able to access the Internet directly. It looks as if this rule: "rdr on fxp1 inet proto tcp from any to !(lan_IP) port www -> 127.0.0.1 port 3128" is redirecting all my requests for port 80 to 127.0.0.1 port 3128 .  Can I change this? or I am totally lost?

          Thanks for your help.

          1 Reply Last reply Reply Quote 0
          • J
            jeroen234 last edited by

            disable transperend proxy in the squid setup

            1 Reply Last reply Reply Quote 0
            • T
              techatdd last edited by

              @crazyoax:

              How do I remove the default Squid redirect rule?

              Another question, how can i add the redirection rule, when squid is working, but the transparent proxy mode makes no changes?

              Sorry for crosspost.

              1 Reply Last reply Reply Quote 0
              • H
                hoba last edited by

                @techatdd:

                @crazyoax:

                How do I remove the default Squid redirect rule?

                Another question, how can i add the redirection rule, when squid is working, but the transparent proxy mode makes no changes?

                Sorry for crosspost.

                The transparent proxy mode makes no change? So do you want to report a bug? However you can create a portforward at firewall>nat, portforward tab. choose interface lan and redirect port 80 to 127.0.0.1 to the squid port or maybe to <lan ip="" of="" pfsense="">. Haven't tried that yet but it should not be needed when transparent mode is enabled. Also make sure your webgui is not running at port 80 if you do that or you might lock yourself out.</lan>

                1 Reply Last reply Reply Quote 0
                • L
                  Leoandru last edited by

                  @techatdd:

                  @crazyoax:

                  How do I remove the default Squid redirect rule?

                  but the transparent proxy mode makes no changes?

                  Sorry for crosspost.

                  This was fixed in one of the snapshots after beta2. Ensure your running the latest snapshot RELENG_1_SNAPSHOT_03-19-2006 before submitting a bug. BTW squid binds to the interface that is selected if transparent mode is disabled so your custom redirect rules would need to apply to that interface ip.

                  1 Reply Last reply Reply Quote 0
                  • T
                    techatdd last edited by

                    @Leoandru:

                    This was fixed in one of the snapshots after beta2. Ensure your running the latest snapshot RELENG_1_SNAPSHOT_03-19-2006 before submitting a bug. BTW squid binds to the interface that is selected if transparent mode is disabled so your custom redirect rules would need to apply to that interface ip.

                    Oh, then it is broken again. Bug reported. Also the Bandwidth Limit Per Host and Download Throttle on Interface does not work.

                    Also the Portforwarding seems to dont work.
                    Is it right this way:

                    If    Proto  Ext. port range  NAT IP                  Int. port range
                    LAN TCP       80 (HTTP)       10.10.10.1 (ext.: any)         3128

                    1 Reply Last reply Reply Quote 0
                    • T
                      techatdd last edited by

                      @techatdd:

                      @Leoandru:

                      This was fixed in one of the snapshots after beta2. Ensure your running the latest snapshot RELENG_1_SNAPSHOT_03-19-2006 before submitting a bug. BTW squid binds to the interface that is selected if transparent mode is disabled so your custom redirect rules would need to apply to that interface ip.

                      Oh, then it is broken again. Bug reported. Also the Bandwidth Limit Per Host and Download Throttle on Interface does not work.

                      Also the Portforwarding seems to dont work.
                      Is it right this way:

                      If     Proto  Ext. port range  NAT IP                  Int. port range
                      LAN TCP       80 (HTTP)       10.10.10.1 (ext.: any)         3128

                      Can anybody help? My admin port is on 445 Anti webgui logout is off and 10.10.10.1 is my lan ip adress. But it does not work.

                      1 Reply Last reply Reply Quote 0
                      • L
                        Leoandru last edited by

                        Ok, I'll take a look at it as soon as I get to a pfSense box. I'm sure the trasparent mode disabling was fixed as I tested it myself, but I'll check again. I'll also try a custom redirect to squid to see what the problem could be.

                        1 Reply Last reply Reply Quote 0
                        • T
                          techatdd last edited by

                          @Leoandru:

                          Ok, I'll take a look at it as soon as I get to a pfSense box. I'm sure the trasparent mode disabling was fixed as I tested it myself, but I'll check again. I'll also try a custom redirect to squid to see what the problem could be.

                          Sorry, i got the per user limit to work and so i can see, that transparent mode works. I was confused because there are no squid error on unknowned servers… But I can see it works with with bandwitdh limit acls.

                          1 Reply Last reply Reply Quote 0
                          • T
                            techatdd last edited by

                            Ok the squid works fine, Tranparent Mode and the portforwarding. But wenn I configure an other pfsense box, wich is the defaulf gateway in my lan, to forward every port 80 traffic (with the same portforwarding rule) to the squid pfsense box with an other PPPOE connection to the net it does not work. Something wrong in my mind?

                            1 Reply Last reply Reply Quote 0
                            • T
                              techatdd last edited by

                              Ok the squid works fine, Tranparent Mode and the portforwarding. But wenn I configure an other pfsense box, wich is the defaulf gateway in my lan, to forward every port 80 traffic (with the same portforwarding rule) to the squid pfsense box with an other PPPOE connection to the net it does not work. Something wrong in my mind?

                              1 Reply Last reply Reply Quote 0
                              • First post
                                Last post