Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Squid non-functional in transparent mode in 2.3 and 2.3.1

    Scheduled Pinned Locked Moved Cache/Proxy
    33 Posts 18 Posters 18.0k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • A
      aminli
      last edited by

      In fresh new installation:

      Squid non-functional in transparent mode in 2.3 and 2.3.1

      I did this solution: https://redmine.pfsense.org/issues/5869

      chgrp squid /dev/pf

      but it is not solved.

      1 Reply Last reply Reply Quote 0
      • B
        brianc69
        last edited by

        Is this an upgrade? If so there was also a directory that needs to be purged. Look in the 2.3 development archives. There is a whole thread on squid.

        1 Reply Last reply Reply Quote 0
        • PerforadoP
          Perforado Rebel Alliance
          last edited by

          for me in 8 "upgrades" (save config, install 2.3, enable trim, restore config) squid worked.

          /usr/local/etc/squid/squid.conf shows "cache_effective_group proxy"

          and

          crw-rw–--  1 root  proxy  0x5f Apr 25 07:04 /dev/pf

          what's the behavior exactly? squid via proxy setting in your browser works and transparent mode "times out"?

          1 Reply Last reply Reply Quote 0
          • D
            dougf4nnie
            last edited by

            I'm having the same problem here.

            When i enable transparent mode, he doesn't get the checkbox enabled.

            I just discover another problem, i can't delete and not create any NAT rule.
            It is also not possible to create or remove firewall rules.
            –-----
            Update:

            I use the User Manager option via LDAP (Active Directory), as initial settings were made with the admin user, there was no problem.

            I did a test using the Admin user (default) and the transparent proxy settings work and other functions that I couldn't do.

            1 Reply Last reply Reply Quote 0
            • A
              aminli
              last edited by

              this is not upgrade or update, it is just new installation pfsense 2.3 also I checked with 2.3.1 devepment.

              Note: during installing squid pkg, I see this message, I put part of all message:

              | ===> Creating users and/or groups.
              Creating group 'squid' with gid '100'.
              Creating user 'squid' with uid '100'.
              install: not found
              pkg: PRE-INSTALL script failed
              [12/15] Extracting squid-3.5.16: …....... done
              [13/15] Installing squidclamav-6.13…
              |

              I did this command :#  chgrp squid /dev/pf
              it was like this : crw-rw–--  1 root  proxy  /dev/pf

              but after rebooting pfsense , that was back like : root proxy /dev/pf

              1 Reply Last reply Reply Quote 0
              • A
                aminli
                last edited by

                if I enable or disable transparent option, squid via proxy setting in my browser works.

                By enabled transparent option, without proxy setting in my browser, it is not working.

                1 Reply Last reply Reply Quote 0
                • A
                  aminli
                  last edited by

                  during installing squid pkg , I see this message:

                  Creating group 'squid' with gid '100'.
                  Creating user 'squid' with uid '100'.

                  but in squid.conf file:
                  cache_effective_user squid
                  cache_effective_group proxy

                  user and group isn't same. !

                  1 Reply Last reply Reply Quote 0
                  • A
                    aminli
                    last edited by

                    I put this bug ticket:

                    https://redmine.pfsense.org/issues/6276

                    1 Reply Last reply Reply Quote 0
                    • A
                      aminli
                      last edited by

                      note:
                      I create two rules in floating for bandwidth limiter

                      I used two vlan: vlan5 vlan180

                      em0 for LAN and em1 for WAN

                      I assigned one PC for client site: 10.10.190.40

                      I attached my pfsense config file

                      please look it and let me know my mistake

                      config-firewall2.amin.com-20160428155840.txt

                      1 Reply Last reply Reply Quote 0
                      • A
                        aminli
                        last edited by

                        note:

                        I configured NAT manual just for this subnet : 172.30.0.0/24
                        but I don't use this, just for configuration

                        I used this subnet 10.10.190.32/27
                        wan IP address is 10.10.184.28/27

                        1 Reply Last reply Reply Quote 0
                        • A
                          aminli
                          last edited by

                          Note:
                          problem is configure limiter with transparent proxy.

                          I found this sulution , but I didn't check yet:
                          https://forum.pfsense.org/index.php?topic=106640.0

                          1 Reply Last reply Reply Quote 0
                          • A
                            aminli
                            last edited by

                            I found this problem: limiter with transparent proxy isn't working.
                            I think this is belong to IPFW pipe and IPFW fwd command in freeBSD.

                            so I made two server, one is transparent proxy and another is just limiter.
                            both of them working nice.

                            If anybody want to make like my solution, I will help them.

                            1 Reply Last reply Reply Quote 0
                            • M
                              myandylai
                              last edited by

                              I also encounter transparent proxy mode not working when I upgrade to pfsense 2.3. So I install a fresh copy and discover that it's the same issue, transparent proxy doesn't work. But configure browser to use proxy on 192.168.1.1:3128 was working.

                              After digging a bit and trying some crazy and mostly useless setting I discover that the "Bypass Proxy for These Destination IPs" within the "General" tab of the proxy server setting seem to be the cause. Because previously I had put some hostname (domain to be exactly steampowered.com, etc) that I wanted to directly pass thru the proxy. By removing the line, transparent proxy now working like charm.

                              Hope this can help anyone.

                              1 Reply Last reply Reply Quote 0
                              • A
                                aminli
                                last edited by

                                it is mean, by removing Visible Hostname, is it working?!!!

                                1 Reply Last reply Reply Quote 0
                                • M
                                  myandylai
                                  last edited by

                                  I haven't try with using "Alias" yet. But previously I put domain name in the line and it's kind of feeling like an universal "*" which accept everything as bypass from transparent proxy.

                                  Temporally I remove the entire line.

                                  squid01.JPG
                                  squid01.JPG_thumb

                                  1 Reply Last reply Reply Quote 0
                                  • A
                                    aminli
                                    last edited by

                                    By pass proxy , it is mean don't use proxy,
                                    but we want to use proxy with transparent mode.

                                    1 Reply Last reply Reply Quote 0
                                    • A
                                      alpha
                                      last edited by

                                      I first think if it's my own problem - the transparent proxy function suddenly failed after the 2.3 upgrade.

                                      The solution mentioned here did not help the problem, but it's still good to find this thread.

                                      Though the problems remains there, I can save some time not to further dig into my setting…

                                      1 Reply Last reply Reply Quote 0
                                      • W
                                        W4RH34D
                                        last edited by

                                        I can only get the transparent proxy to work on the interface designated as lan.

                                        It will not work on opt designated interfaces.  The result is pages not loading.

                                        Did you really check your cables?

                                        1 Reply Last reply Reply Quote 0
                                        • X
                                          xpdos
                                          last edited by

                                          Soooooooo. I am guessing this glitch never was resolved. Is anyone from pfsense working on this? Wish I never updated, transparent proxy was the whole reason I use a firewall.

                                          1 Reply Last reply Reply Quote 0
                                          • C
                                            cmb
                                            last edited by

                                            @xpdos:

                                            Soooooooo. I am guessing this glitch never was resolved. Is anyone from pfsense working on this?

                                            No, because it works fine.

                                            Post specifics of your config, what your firewall states look like when transparent proxy is enabled (filter on 127.0.0.1 under Diag>States), and squid logs.

                                            1 Reply Last reply Reply Quote 0
                                            • First post
                                              Last post
                                            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.