Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Pfsense 2.2 + Squid3 Transparent HTTP proxy Not working again

    Scheduled Pinned Locked Moved Cache/Proxy
    28 Posts 17 Posters 21.8k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • S
      sujyo1
      last edited by

      Is this start working in 2.2.2 ?

      1 Reply Last reply Reply Quote 0
      • A
        agismaniax
        last edited by

        no fix about this error? i also have the same problem. :(

        1 Reply Last reply Reply Quote 0
        • N
          NABAMB
          last edited by

          Even on Pfsense 2.2.3 Squid transparent proxy is not working. Still waiting for solution.

          Regards,

          Nabeel

          1 Reply Last reply Reply Quote 0
          • M
            Marvho
            last edited by

            Mine is working fine, I just finished the setup and AD Filter is doing well for multiple Interfaces (squidguard).

            1 Reply Last reply Reply Quote 0
            • N
              NABAMB
              last edited by

              Somewhere in forum posts, I saw people who are using traffic shaping limiter and transparent squid proxy facing this issue. Could you confirm that?

              Regards,

              Nabeel

              1 Reply Last reply Reply Quote 0
              • J
                jalmasi
                last edited by

                It's broken allright.

                To make long story short - I've found out UI incorrectly configures http_port directive(s), and squid.conf has to be fixed manually.

                In regular forward proxy case (no transparent), at least one port directive needs to exist:
                http_port [ADDR:]3128

                In transparent proxy case, at least two port directives are needed:
                http_port 127.0.0.1:3128 intercept
                http_port ADDR:3128

                where ADDR is LAN interface address.

                Of course, that's not enough - something needs to intercept and redirect traffic to squid.
                Luckily, that's clickable, and generated rdr works just fine.
                Just make sure you click on correct interface(s) on Services->Proxy Server. (Use loopback as proxy interface if using transparent proxy)

                HTH

                1 Reply Last reply Reply Quote 0
                • B
                  bpb21
                  last edited by

                  @jalmasi:

                  It's broken allright.

                  In transparent proxy case, at least two port directives are needed:
                  http_port 127.0.0.1:3128 intercept
                  http_port ADDR:3128

                  where ADDR is LAN interface address.

                  Of course, that's not enough - something needs to intercept and redirect traffic to squid.
                  Luckily, that's clickable, and generated rdr works just fine.
                  Just make sure you click on correct interface(s) on Services->Proxy Server. (Use loopback as proxy interface if using transparent proxy)

                  HTH

                  I've just installed pfSense 2.2.4 with squid3, squidguard, and lightsquid.  This all worked fine under pfSense 2.1 but not so much under 2.2.4 so THANK YOU for your help.  Just a couple of questions: "that's clickable, and generated rdr works just fine."  Sorry but, what's clickable?

                  Are you saying you should select "loopback" for Transparent Proxy Interface(s) instead of LAN?

                  I still can't get lightsquid to work, even with these changes.  But, I'll take all the help I can get with this!

                  1 Reply Last reply Reply Quote 0
                  • W
                    wesmp3
                    last edited by

                    I have the same issue. :( pfsense 2.2.4 64bits transparent proxy + limiter

                    1 Reply Last reply Reply Quote 0
                    • irajamesI
                      irajames
                      last edited by

                      I'm having the same problem whenever I activate transparent proxy pages won't open, this is my first time installing and using pfsense and I thought I configured something wrongly and luckily I came across this page in a search after a day of wrestling with this problem, I'm wondering is there going to be a work around or an update to squid because that is one of the main reasons for installing pfsense.

                      EDIT: I forgot to mention this is on i386 platform

                      1 Reply Last reply Reply Quote 0
                      • KOMK
                        KOM
                        last edited by

                        The solution is to stop using transparent mode.  Worst thing in the world.  It won't handle any HTTPS sites without MitM warnings, and you really don't want to screw around with having to install certificates on every client that will use the proxy.  Put squid in explicit mode (uncheck Transparent mode) and then implement WPAD to enable auto-detection of the proxy.

                        1 Reply Last reply Reply Quote 0
                        • R
                          rafaelrenan
                          last edited by

                          @KOM:

                          The solution is to stop using transparent mode.  Worst thing in the world.  It won't handle any HTTPS sites without MitM warnings, and you really don't want to screw around with having to install certificates on every client that will use the proxy.  Put squid in explicit mode (uncheck Transparent mode) and then implement WPAD to enable auto-detection of the proxy.

                          But in non transparent proxy mode, the Lightsquid doesn't work :(

                          1 Reply Last reply Reply Quote 0
                          • First post
                            Last post
                          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.