Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    Squid (Stable) Transparent modda https sitelere girememek (çözüldü)

    Turkish
    1
    1
    760
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • B
      ByKaMiKaZe last edited by

      direk konuya girmek gerekirse pfsense 2.1 kurulu ve bir müddet port açmayla uğraştıktan sonra sorunumun port değilde squid olduğunu farkettim.

      başlıktada belirttiğim üzere Transparent modda iken https sitelere giremiyorum ama browser dan proxy ayarını yapınca https sitelere girebiliyorum.

      squid.conf içeriği aşşağıdaki gibidir burada değiştirmem gereken nedir bitürlü çözemedim

      /usr/pbi/squid-i386/etc/squid

      Do not edit manually !

      http_port 192.168.10.10:3128
      http_port 127.0.0.1:3128 transparent
      icp_port 0

      pid_filename /var/run/squid.pid
      cache_effective_user proxy
      cache_effective_group proxy
      error_directory /usr/pbi/squid-i386/etc/squid/errors/Turkish
      icon_directory /usr/pbi/squid-i386/etc/squid/icons
      visible_hostname localhost
      cache_mgr admin@localhost
      access_log /dev/null
      cache_log /var/squid/logs/cache.log
      cache_store_log none
      logfile_rotate 0
      shutdown_lifetime 3 seconds

      Allow local network(s) on interface(s)

      acl localnet src  192.168.10.0/255.255.255.0
      uri_whitespace strip

      cache_mem 300 MB
      maximum_object_size_in_memory 32 KB
      memory_replacement_policy heap GDSF
      cache_replacement_policy heap LFUDA
      cache_dir ufs /var/squid/cache 100000 16 256
      minimum_object_size 0 KB
      maximum_object_size 512000 KB
      offline_mode off
      cache_swap_low 90
      cache_swap_high 95

      No redirector configured

      Setup some default acls

      acl all src 0.0.0.0/0.0.0.0
      acl localhost src 127.0.0.1/255.255.255.255
      acl safeports port 21 70 80 210 280 443 488 563 591 631 777 901  3128 1025-65535
      acl sslports port 443 563 
      acl manager proto cache_object
      acl purge method PURGE
      acl connect method CONNECT
      acl dynamic urlpath_regex cgi-bin ?
      cache deny dynamic
      http_access allow manager localhost

      http_access deny manager
      http_access allow purge localhost
      http_access deny purge
      http_access deny !safeports
      http_access deny CONNECT !sslports

      Always allow localhost connections

      http_access allow localhost

      request_body_max_size 0 KB
      reply_body_max_size 0 deny all
      delay_pools 1
      delay_class 1 2
      delay_parameters 1 -1/-1 -1/-1
      delay_initial_bucket_level 100
      delay_access 1 allow all

      Setup allowed acls

      Allow local network(s) on interface(s)

      http_access allow localnet

      Default block all to be sure

      http_access deny all

      herkez https siteleri kapatmanın yolunu ararken ben açmaya çalışıyorum sanırım bende bir gariplik var :)

      PFSENSE 2.0.1 kurarak sorunu çözdüm benim gibi arkadaşlar var ise http://files.nyi.pfsense.org/mirror/downloads/old/ eski versiyonlara ulaşabilirler. Artık olması gerektiği gibi sorunsuz şekilde transparent modda https li sitelere erişebiliyorum. artık test etme aşamasına geçebilirim :)

      1 Reply Last reply Reply Quote 0
      • First post
        Last post

      Products

      • Platform Overview
      • TNSR
      • pfSense
      • Appliances

      Services

      • Training
      • Professional Services

      Support

      • Subscription Plans
      • Contact Support
      • Product Lifecycle
      • Documentation

      News

      • Media Coverage
      • Press
      • Events

      Resources

      • Blog
      • FAQ
      • Find a Partner
      • Resource Library
      • Security Information

      Company

      • About Us
      • Careers
      • Partners
      • Contact Us
      • Legal
      Our Mission

      We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

      Subscribe to our Newsletter

      Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

      © 2021 Rubicon Communications, LLC | Privacy Policy