Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    SOLVED: pfSense 2.1.3 update broke Dansguardian redirect

    Scheduled Pinned Locked Moved pfSense Packages
    1 Posts 1 Posters 793 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • B
      brake16
      last edited by

      Good Morning

      Updated to 2.1.3 and Dansguardian broke.  Could no longer get access to the WebGUI, or any other website.  VOIP still worked.  Eventually traced it to the Squid-Dansguardian redirect setup.  Under 2.1.2 and 2.1.1 (the extent of my use), DG listened on the LAN and squid used the loopback for Proxy interface.  Transparent proxy was checked, but never really worked (to my understanding) and so a NAT:Port Forward rule was created:

      If        Proto        Src. addr    Src. ports    Dest. addr    Dest. ports    NAT IP          NAT Ports
      LAN    TCP/UDP    *                *                  *                  80 (HTTP)      192.168.1.1  8080

      Turns out this rule breaks the whole setup under 2.1.3.  After a few hours of pain (I'm admittedly more of a 'script kiddy' than anything else), I finally figured out that squid needs to have the pfSense router address (192.168.1.1, or whatever it is in your setup) added to the 'Bypass proxy for these destination IPs' under the 'General' tab.  Now DG is back to blocking the porn, the redirect is working swimmingly, and I can get on the pfSense box to continue with tweaks and updates.

      I hope this helps someone else.  If not, oh well.  I'm bookmarking this page for my own future reference.

      1 Reply Last reply Reply Quote 0
      • First post
        Last post
      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.