SquidGuard as Reverse Proxy Firewall



  • Hello,

    I've recently got HAProxy to act as a reverse proxy server. It is to redirect external requests to my internal network based on URL Regexs all pointed at my single IP address.

    Since everything is behind ports 443 and 80 from the outside world, I have no control over who can access what web servers… other than "global" firewall settings.

    Can SquidGuard be configured to work in reverse? If not, can floating firewall rules accomplish this task?

    Example// I'd like only one public IP to be able to access URL mysite.root.ca:443, but all public IPs can access myothersite.root.ca:443.

    Any help with this would be appreciated.



  • Think i answered this question regarding firewall/haproxy options.
    https://forum.pfsense.org/index.php?topic=103726.msg586140#msg586140
    Its possible, do you need more info about that?

    For squidguard, i dont know if it can work with the reverse-squid part..



  • PiBa,

    You definitely did… and I sort of forgot it could involve HAproxy, but rather with floating rules-- which I didn't want to ask how to do in the HAproxy thread. My bad.

    I guess I will ask one question to make this thread somewhat useful before abandoning it... SquidGuard is a lost cause for HAproxy control?



  • SquidGuard for sure wont 'interact' with HAProxy without some major work on lua scripting or development to haproxy to be able to call squidguard as a 'plugin' like squid does..


Log in to reply