[squid-users] Squid Transparent Proxy with Policy Routing in pfSense

Rafael Akchurin rafael.akchurin at diladele.com
Tue Mar 13 11:17:49 UTC 2018 

Hello Antonio,

Sorry no pfsense tutorials for now, but these two are *proved* to be working just fine.

https://docs.diladele.com/tutorials/policy_based_routing_squid/index.html
https://docs.diladele.com/tutorials/mikrotik_transparent_squid/index.html

Hope it helps.

Best regards,
Rafael Akchurin
Diladele B.V.



From: squid-users [mailto:squid-users-bounces at lists.squid-cache.org] On Behalf Of Antonio Emiliano
Sent: Tuesday, March 13, 2018 12:14 PM
To: squid-users at lists.squid-cache.org
Subject: [squid-users] Squid Transparent Proxy with Policy Routing in pfSense

Hi guys.

This is my last attempt before going to authenticated mode.

I searched all over the internet for a way to set up a "transparent squid" but until then the most I can get is an exhausted timeout when I go to an http.

My environment is as follows.

- Box squid 3.5.20
- pfSense as the default network gateway.
- Desktop Windows or linux.
- Only one network /24

I was able to make it work through this documentation: https://wiki.squid-cache.org/ConfigExamples/Intercept/LinuxRedirect

However this environment requires that the client has configured the gateway ip address of the squid itself.

It works. But that's not what I want.

NOTE: NAT configuration will only work when used on the squid box. This is required to perform intercept accurately and securely. To intercept from a gateway machine and direct traffic at a separate squid box use policy routing.

What I want is to make a rule in pfsense through policy routing, as it speaks in the documentation. I've tried several ways, but every time I try to access the http page it loads until the timeout expires.

In doc it does not explain directly how to do this rule in pfsense.

I tried through nat port forwarding and through rules in firewall setting in the squid server rule as gateway. But both do not work.

I tried to take as base these two links,
https://wiki.squid-cache.org/ConfigExamples/Intercept/IptablesPolicyRoute
https://wiki.squid-cache.org/ConfigExamples/Intercept/PfPolicyRoute

No firewall block
It's some detail that's missing either in pfsense or squid.

Please give me a light.

Att,

Antonio Emiliano
LinkedIn: https://www.linkedin.com/in/antonioemiliano

"Corra, coelho.
 Cave um buraco, esqueça o sol,
 E quando o trabalho finalmente acabar
 Não descanse, é hora de cavar outro."
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20180313/74f30eca/attachment-0001.html>

More information about the squid-users mailing list