3. SOLVED: pfSense 2.1.3 update broke Dansguardian redirect

SOLVED: pfSense 2.1.3 update broke Dansguardian redirect

  • B

    Good Morning

    Updated to 2.1.3 and Dansguardian broke.  Could no longer get access to the WebGUI, or any other website.  VOIP still worked.  Eventually traced it to the Squid-Dansguardian redirect setup.  Under 2.1.2 and 2.1.1 (the extent of my use), DG listened on the LAN and squid used the loopback for Proxy interface.  Transparent proxy was checked, but never really worked (to my understanding) and so a NAT:Port Forward rule was created:

    If        Proto        Src. addr    Src. ports    Dest. addr    Dest. ports    NAT IP          NAT Ports
    LAN    TCP/UDP    *                *                  *                  80 (HTTP)      192.168.1.1  8080

    Turns out this rule breaks the whole setup under 2.1.3.  After a few hours of pain (I'm admittedly more of a 'script kiddy' than anything else), I finally figured out that squid needs to have the pfSense router address (192.168.1.1, or whatever it is in your setup) added to the 'Bypass proxy for these destination IPs' under the 'General' tab.  Now DG is back to blocking the porn, the redirect is working swimmingly, and I can get on the pfSense box to continue with tweaks and updates.

    I hope this helps someone else.  If not, oh well.  I'm bookmarking this page for my own future reference.

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2019 Rubicon Communications, LLC | Privacy Policy