Problem with Squid3-dev, dansguardian and https Traffic



  • Hello Community,

          .-----------.
          |  Gateway  |  (Router IP: 192.168.2.1)
          '-----+-----'
                |
            WAN | IP 192.168.2.10
                |
          .-----+-----.
          |  pfSense  |
          '-----+-----'
                |
            LAN | IP 192.168.3.1
                |
            LAN | 192.168.3.0/27
                |
          .-----+------.
          | LAN-Switch |
          '-----+------'
                |
        ...-----+------... (Clients/Servers)

    I did install my Squid3-dev with the tutorial here: http://sichent.wordpress.com/2014/02/22/filtering-https-traffic-with-squid-on-pfsense-2-1/#comment-477

    What I want to run is squid + dansguardian in transparent mode, filtering HTTP and HTTPS traffic. My HTTP (80) traffic is still working, and I don't know what I should do with my HTTPS.

    Forward 1:
    Interface: LAN
    Protocol: TCP
    Source: LAN subnet
    Destination: any
    Destination Port: HTTP to HTTP
    Redirect IP: 127.0.0.1
    Redirect Target Port: 8080

    Portforward 2:
    Interface: LAN
    Protocol: TCP
    Source: LAN subnet
    Destination: any
    Destination Port: HTTPS to HTTPS
    Redirect IP: 127.0.0.1
    Redirect Target Port: 8080

    Squid General Settings:
    Port 3128
    enable: Transparent HTTP proxy
    Transparent Proxy interface: loopback

    enable: HTTPS/SSL interception
    SSL intercept interfaces: loopback
    Port 3128
    CA: self-signed from pfSense

    ACLs:
    Allowed Subnets 192.168.3.0/27

    I would be happy about any suggestions.



  • I have the same question!  Did you make any progress on getting that setup working?



  • You can't transparently redirect HTTPS. You have to explicitly set the proxy in the browser settings or use an auto config URL.
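
    Added example, not part of any post in this thread: a proxy auto-config (PAC) file of the kind the "auto config URL" option would point clients at, using the LAN addressing from the first post. It assumes the filtering proxy is reachable by clients at 192.168.3.1:8080 (in the posted setup it is bound to loopback); the helper names `ipv4ToInt` and `inSubnet` are illustrative.

```javascript
// Constructed PAC file for the 192.168.3.0/27 LAN described in the thread.
// Assumption: the filtering proxy listens on the pfSense LAN address, port 8080.
var PROXY = "PROXY 192.168.3.1:8080";
var LAN_NET = "192.168.3.0";
var LAN_PREFIX = 27;

// Dotted-quad IPv4 literal -> unsigned integer, or null if host is not one.
function ipv4ToInt(host) {
  var m = /^(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})$/.exec(host);
  if (!m) return null;
  var n = 0;
  for (var i = 1; i <= 4; i++) {
    var octet = parseInt(m[i], 10);
    if (octet > 255) return null;
    n = n * 256 + octet;
  }
  return n;
}

// True when host is an IPv4 literal inside net/prefix.
function inSubnet(host, net, prefix) {
  var ip = ipv4ToInt(host);
  var base = ipv4ToInt(net);
  if (ip === null || base === null) return false;
  var size = Math.pow(2, 32 - prefix); // number of addresses in the block
  return Math.floor(ip / size) === Math.floor(base / size);
}

// Entry point the browser calls for every request, HTTP and HTTPS alike.
function FindProxyForURL(url, host) {
  host = host.toLowerCase();
  // Unqualified names (no dot, and not an IPv6 literal) are local hosts.
  var plainName = host.indexOf(".") === -1 && host.indexOf(":") === -1;
  if (plainName) return "DIRECT";
  // Loopback and LAN destinations do not need the filter.
  if (inSubnet(host, "127.0.0.0", 8)) return "DIRECT";
  if (inSubnet(host, LAN_NET, LAN_PREFIX)) return "DIRECT";
  // No "; DIRECT" fallback: if the proxy is down, requests fail
  // instead of silently bypassing the content filter.
  return PROXY;
}
```

    Because the PAC file is evaluated client-side, a firewall rule that blocks direct outbound 80/443 from the LAN is still needed so that clients ignoring the setting cannot bypass the filter.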