Firewalling and Squid

Sifter · Apr 17, 2006, 4:02 PM

So it appears that I have a unique situation with squid and one of my firewall rules.

The first rule (at the top) on my LAN interface is a BLOCK rule and looks like this:

- - newsleecher * * (newsleecher is the name of an alias I setup for IP 67.19.207.210)

When I have squid enabled and use the transparent proxy, this rule gets ignored, and all traffic to that IP is allowed to pass. When squid is not installed, the rule is recognized, and traffic is blocked like it should be.

I am using: RELENG_1_SNAPSHOT_04-15-2006

Any idea's?

Sifter · Apr 17, 2006, 4:03 PM

Anyone have any idea's on this? I would seem that with transparent mode you would still want all traffic to be processed by your LAN rules.

Leoandru · Apr 17, 2006, 5:40 PM

Thanks for the reminder, I have been meaning to do this for a while, http://cvstrac.pfsense.com/chngview?cn=11517

There is also something else before this should work, You will need to create a pass rule for access to webgui and ssh after the block rule. Then disable anitlockout in System -> Advance, then it should work. It should also work for traffic shaper rules for squid.