<div dir="ltr"><div><div><div>Hi guys.</div><div><br></div><div>This is my last attempt before going to authenticated mode.</div><div><br></div><div>I searched all over the internet for a way to set up a "transparent squid" but until then the most I can get is an exhausted timeout when I go to an http.</div><div><br></div><div>My environment is as follows.</div><div><br></div><div>- Box squid 3.5.20</div><div>- pfSense as the default network gateway.</div><div>- Desktop Windows or linux.</div><div>- Only one network /24</div><div><br></div><div>I was able to make it work through this documentation: <a href="https://wiki.squid-cache.org/ConfigExamples/Intercept/LinuxRedirect">https://wiki.squid-cache.org/ConfigExamples/Intercept/LinuxRedirect</a></div><div><br></div><div>However this environment requires that the client has configured the gateway ip address of the squid itself.</div><div><br></div><div>It works. But that's not what I want.</div><div><br></div><div>NOTE: NAT configuration will only work when used on the squid box. This is required to perform intercept accurately and securely. To intercept from a gateway machine and direct traffic at a separate squid box use policy routing.</div><div><br></div><div>What I want is to make a rule in pfsense through policy routing, as it speaks in the documentation. I've tried several ways, but every time I try to access the http page it loads until the timeout expires.</div><div><br></div><div>In doc it does not explain directly how to do this rule in pfsense.</div><div><br></div><div>I tried through nat port forwarding and through rules in firewall setting in the squid server rule as gateway. But both do not work.</div><div><br></div><div>I tried to take as base these two links,</div><div><a href="https://wiki.squid-cache.org/ConfigExamples/Intercept/IptablesPolicyRoute">https://wiki.squid-cache.org/ConfigExamples/Intercept/IptablesPolicyRoute</a></div><div><a href="https://wiki.squid-cache.org/ConfigExamples/Intercept/PfPolicyRoute">https://wiki.squid-cache.org/ConfigExamples/Intercept/PfPolicyRoute</a></div><div><br></div><div>No firewall block</div><div>It's some detail that's missing either in pfsense or squid.</div><div><br></div><div>Please give me a light.</div></div><div><br></div><div><div class="gmail_signature"><div dir="ltr"><div><div dir="ltr"><div dir="ltr"><div dir="ltr"><div dir="ltr"><div dir="ltr"><div dir="ltr"><div style="color:rgb(51,51,51);font-family:arial,helvetica,sans-serif"><font face="arial, helvetica, sans-serif" color="#000000" style="font-size:small">Att,</font><div style="font-size:small;color:rgb(34,34,34);font-family:arial,sans-serif"><font face="arial, helvetica, sans-serif" color="#000000"><br></font></div><div style="font-size:small;color:rgb(34,34,34);font-family:arial,sans-serif"><font face="arial, helvetica, sans-serif" color="#000000">Antonio Emiliano</font></div></div><div><font face="arial, helvetica, sans-serif" color="#000000" size="1">LinkedIn:</font><font face="arial, helvetica, sans-serif" color="#000000" size="1" style="font-size:small"> </font><font color="#000000" face="arial, helvetica, sans-serif" size="1"><a href="https://www.linkedin.com/in/antonioemiliano" target="_blank">https://www.linkedin.com/in/antonioemiliano</a></font></div><div style="font-size:small"><font face="arial, helvetica, sans-serif" color="#000000" size="1"><br></font></div><div style="font-size:small"><font face="arial, helvetica, sans-serif" color="#000000" size="1">"Corra, coelho.</font></div><div style="font-size:small"><font face="arial, helvetica, sans-serif" color="#000000" size="1"> Cave um buraco, esqueça o sol,</font></div><div style="color:rgb(0,0,0);font-family:"Times New Roman";font-size:medium"><font face="arial, helvetica, sans-serif" size="1"> E quando o trabalho finalmente acabar</font></div><div style="color:rgb(0,0,0);font-family:"Times New Roman";font-size:medium"><font face="arial, helvetica, sans-serif" size="1"> Não descanse, é hora de cavar outro."</font></div></div></div></div></div></div></div></div></div></div></div>
</div></div>