Squid3+squidGuard
-
first thank you for your reply and i need just to clarify something :
1-Install pfSense with just a single WAN interface and configure it as if it was a LAN client ….can't i use multiwan gateways?
2-Install & configure squid3
3-Install and configure squidGuard
4-On your main firewall, block ports 80 and 443 ….do you mean the default rule on pfsense that applied on lan (anti-lockout rule) ?
5-Configure WPAD to allow clients to auto-discover the proxy....as i read from the article ...i don't know how can i Create wpad.dat.... in pfsense ?
For clients that don't support WPAD (such as Android), manually configure their proxy settings to point to the IP address used by pfSense WAN -
OK, yellow on grey is very hard to read.
Why are you talking about multi-WAN when you said you didn't want it to be the default gateway??
-
sorry for that …
i'm just asking ...for sake of knowing...
and let me explain my idea clearlyi made a virtual lab (pc connected normally to my gateway but only i need to configure in any browser 192.168.1.1 port 3128 as the below image )
so i can disable the HTTP & HTTPS Traffic from pfsensei hope i did clarify everything
-
I understood what you meant and my suggestion would do what you were asking for: a standalone web filter.
-
yes that what i need for pfsense to do….is that will be possible ?
-
I already answered that question. It was my second reply to you.
https://forum.pfsense.org/index.php?topic=107950.msg601540#msg601540
-
i have pfsense 2.2.6 but as mentioned below ….any luck by that ?
4-On your main firewall, block ports 80 and 443 ....do you mean the default rule on pfsense that applied on lan (anti-lockout rule) ?
5-Configure WPAD to allow clients to auto-discover the proxy....as i read from the article ...i don't know how can i Create wpad.dat.... in pfsense ? -
4-On your main firewall, block ports 80 and 443 ….do you mean the default rule on pfsense that applied on lan (anti-lockout rule) ?
I mean create a rule that blocks ports 80 and 443, and put it above the Default allow LAN to any rule.
5-Configure WPAD to allow clients to auto-discover the proxy….as i read from the article ...i don't know how can i Create wpad.dat.... in pfsense ?
It's just a text file. Create it using your favourite text editor. While you can use pfSense to host the file once you have created it, WPAD won't work if you have pfSense running in HTTPS mode. HTTP only.
-
i did create a text file with the below content :
function FindProxyForURL(url,host)
{
return "PROXY 192.168.1.1:3128";
}
but as per the article i can't loaded in the specified path "/usr/local/www/" as it's not supported in pfsense 2.2.6 so it went to /tmp/wpad.dat.so would u please explain to me if that will work <<
-
but as per the article i can't loaded in the specified path "/usr/local/www/" as it's not supported in pfsense 2.2.6
??? What do you mean? I'm running 2.2.6 and I have my wpad.dat, wpad.da and proxy.pac files in /usr/local/www. It works like a charm.
-
i did create a text file with the below content :
function FindProxyForURL(url,host)
{
return "PROXY 192.168.1.1:3128";
}
but as per the article i can't loaded in the specified path "/usr/local/www/" as it's not supported in pfsense 2.2.6 so it went to /tmp/wpad.dat.so would u please explain to me if that will work <<
Hi, if it helps follow how i set up my wpad
https://forum.pfsense.org/index.php?topic=93060.0
