Squid NAT Rule



  • I think this subject is more "on topic" here, so I post it again…

    I want to redirect all HTTP port 80 traffic to a second pfsense box with a second PPPoE connection.

    The squid works fine, in transparent mode and also with a manual NAT rule. But when I configure the first pfsense box, which is the default gateway in my LAN, to forward all port 80 traffic (with the same NAT rule that works on a single pfsense) to the squid pfsense box with another PPPoE connection to the internet, it does not work. Is something wrong in my plan?



  • Nobody can help me?
    Please post at least that it was senseless what I did ;)



  • It's not senseless. Can you post some more details like what rules you created to capture the traffic and redirect it, more details how things are connected and so on?



  • Thank you. After your reply I tested again. I read docs and everything should work, but it does not.

    My default gateway is a pfsense at 192.168.1.2 with a PPPoE connection, and I have a second pfsense with another PPPoE connection and a working squid at 192.168.1.4.
    The firewall rules are lazy for testing.
    When I change my default gateway to 192.168.1.4, the squid works fine in transparent mode with a NAT rule:
    LAN  TCP  80  192.168.1.4 (ext.: any)  3128

    But when I change my gateway to 192.168.1.2 and add the same NAT rule:
    LAN  TCP  80  192.168.1.4 (ext.: any)  3128
    to this box, I simply get no HTTP answers.

    I checked it with the log of a local proxy (Proxomitron):

    *** Log Reset ***

    +++GET 18959+++
    GET / HTTP/1.1
    Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, application/msword, application/vnd.ms-excel, application/vnd.ms-powerpoint, /
    Accept-Language: de
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; .NET CLR 1.1.4322)
    Host: www.google.de
    Cookie: PREF=ID=0123456789abcdef:LD=de:TM=1092136657:LM=1095448847:S=d9XRmQ0kEuilLFA2; GPC=FW=2:GHV=0:SIG=AFoGOkC9LZ4eWbjs:TS=0:TV=1; POPUPCHECK=1106597842718; msa_resolution=1280x960x32; fcP=C=0&T=1101085863703&V=1101085873656; GTZ=-120
    Connection: keep-alive
    ** 18959 Socket

    Any suggestions?



  • Any hints, hoba?

