Limiter blocks internet access (Squid transparent proxy)
-
finley SOLUTION here
https://forum.pfsense.org/index.php?topic=106640.0
-
SOLVED*
I managed to find a simple fix. All I needed to do was create a pass all firewall rule on the (LAN) interface for port 3128 (my proxy port).
IPv4 TCP * * * 3128 * none Rule to allow transparent proxy to work
It worked and the speed limiter still works also.
Hello!
I made some adjusts to this rule, and worked! thx!
Just point the rule to 127.0.0.1, and will work!
Don't forget, the rule must be at top, and the rule with limiter must be below
Some screenshots below to help.
I hope this can help someone. Srry for my bad english.
:)
[EDIT]
Hello Again!
I tested this workaround for a few days and some apps like download managers can bypass limiters. :(
Looking for another temp solution.
Cya!
-
I suggest, as workaround, that you limit the client bandwidth through squid "Traffic Mgmt" tab, "Per-host throttling" option, on "Proxy server: General settings". For me, it is running ok. Sorry by my bad english too :-)
-
For years, I've limited Squid (transparent) bandwidth using Squid "delay pools" in "Custom Options" on the "General" tab of Squid's settings. I researched and set this up years ago, and don't remember the details, so you'll need to check Squid's documentation for info on the various options. Here is what I've been using in the "Custom Options" box…
positive_dns_ttl 90 seconds
delay_class 1 3
delay_parameters 1 1572864/1966080 1572864/1966080 524288/655360
quick_abort_min 1024 KB
quick_abort_max 2048 KB
quick_abort_pct 90If I remember correctly, among other things, this limits the download speed of the browser, but allows some amount of bursting.
More info at http://wiki.squid-cache.org/Features/DelayPools
It looks like this when added to the "Custom Options" box on the "General" tab of Squid's settings in PFSense's GUI...
positive_dns_ttl 90 seconds;delay_class 1 3;delay_parameters 1 1572864/1966080 1572864/1966080 524288/655360;quick_abort_min 1024 KB;quick_abort_max 2048 KB;quick_abort_pct 90 -
Hello,
is the problem, that the Limiters are not working with the transparent proxy solved in pfSense 2.3?
And I mean without any workarounds.Thanks!
-
-
Check this issue:
https://redmine.pfsense.org/issues/4325
Just change the transfer rate from megabits to kilobits in you limiters (download/upload) and everything will work fine again.
The problem is with squid 2.7.9+ and ipfw limiters.
Example 1.5 Mbps (1536 Kbps) Download and 1 Mbps (1024 Kbps) limiters:
Hope this help and sorry about my english.
-
Hi Alfredo,
This solution not worked on 2.3.1 :(
In this video: https://www.youtube.com/watch?v=wcSyGDXkJ9A
How i create queue on interface LAN in 2.3.1?
Thanks for the help!!
-
Any solution?
-
2.3.2-RELEASE Limiter+Squid still not working
-
hi guys, some showed me this link and am also have problems, it is mostly with slow site links, facebook youtube opens but slow sites it does not open, im using 2.3.2 latest but still no luck, i have to just give up squid since the limiter already save the bandwidth
-
Working (for me on 2.3.2) by simply adding a LAN rule at the top, Destination, Any, From (other) 3128 to (other) 3128 Custom.
Credit to: Adrea Guglielmini http://guglio.xyz/pfsense-2-3-limiters-and-squid-bugfix/
-
Working (for me on 2.3.2) by simply adding a LAN rule at the top, Destination, Any, From (other) 3128 to (other) 3128 Custom.
Credit to: Adrea Guglielmini http://guglio.xyz/pfsense-2-3-limiters-and-squid-bugfix/
It really works. Thank you for your message.