Proxy in Transparent - ignorning ACLs sometimes.



  • 2.2.3-RELEASE (amd64)
    squid3 0.2.8
    squidGuard 1.9.14
    transparent proxy, not using SSL MITM

    I am having trouble with ACLs and letting things through.

    Example 1: I have a Roku player used for Netflix.  Unless I enter it's IP under General >> Transparent Proxy Settings >> Bypass proxy for these source IPs the movie will not play.  If I enter the Roku's IP under ACLs >> Unrestricted IPs it seems to not make a difference and will not allow playing the movies.  However, if I enter it's IP under ACLs >> Banned host addresses then it is not able to browse the Internet at all.  It doens't seem consistent.  If I'm running squid3 in transparent mode, am I only supposed to make use of the settings under the General >> Transparent Proxy Settings section?

    Example 2: I have an iDevice that I use to stream online AM radio content.  Once again, if I enter the iDevice's IP under General >> Transparent Proxy Settings >> Bypass proxy for these source IPs the content will play fine; however if I try to discover the URLs and/or IPs of the destinations the app is streaming from and then list them under ACLs >> Whitelist the app fails to connect and nothing is streamed.

    So with these two examples it seems that if I'm using Transparent mode, I cannot use any of the features on ACLs tab.  Is that correct?  I do restart the squid3 service each time I make change to the service.

    Thanks