Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    SquidGuard as Reverse Proxy Firewall

    Scheduled Pinned Locked Moved Cache/Proxy
    4 Posts 2 Posters 1.6k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • B
      Brailyn
      last edited by

      Hello,

      I've recently got HAProxy to act as a reverse proxy server. It is to redirect external requests to my internal network based on URL Regexs all pointed at my single IP address.

      Since everything is behind ports 443 and 80 from the outside world, I have no control over who can access what web servers… other than "global" firewall settings.

      Can SquidGuard be configured to work in reverse? If not, can floating firewall rules accomplish this task?

      Example// I'd like only one public IP to be able to access URL mysite.root.ca:443, but all public IPs can access myothersite.root.ca:443.

      Any help with this would be appreciated.

      1 Reply Last reply Reply Quote 0
      • P
        PiBa
        last edited by

        Think i answered this question regarding firewall/haproxy options.
        https://forum.pfsense.org/index.php?topic=103726.msg586140#msg586140
        Its possible, do you need more info about that?

        For squidguard, i dont know if it can work with the reverse-squid part..

        1 Reply Last reply Reply Quote 0
        • B
          Brailyn
          last edited by

          PiBa,

          You definitely did… and I sort of forgot it could involve HAproxy, but rather with floating rules-- which I didn't want to ask how to do in the HAproxy thread. My bad.

          I guess I will ask one question to make this thread somewhat useful before abandoning it... SquidGuard is a lost cause for HAproxy control?

          1 Reply Last reply Reply Quote 0
          • P
            PiBa
            last edited by

            SquidGuard for sure wont 'interact' with HAProxy without some major work on lua scripting or development to haproxy to be able to call squidguard as a 'plugin' like squid does..

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.