Hi everyone, Can anyone help please? The transparent squid firewall rule is not being created correctly.
Thank you, Chris -----Original Message----- From: List [mailto:list-boun...@lists.pfsense.org] On Behalf Of Chris Murray Sent: 11 November 2014 11:56 To: list@lists.pfsense.org Subject: [pfSense] Restart of pfsense loses Squid's transparent proxyredirect rule Hello all, I've experienced this issue before but never got round to asking for help... Now on a fresh install of 2.1.5 64-bit, installed the squid package, set up transparent proxy, restarted, yet there is no firewall rule? : pfctl -sa | grep 3128 Nothing ... Restart the service, still nothing. Change the port number in the Proxy config to 8080, and now there's a rule: : pfctl -sa | grep 8080 rdr on em0 inet proto tcp from any to ! (em0) port = http -> 127.0.0.1 port 8080 pass in quick on em0 proto tcp from any to ! (em0) port = 8080 flags S/SA keep state Change the port back to 3128 and now there's a rule for that but not one for 8080, just as you'd expect: : pfctl -sa | grep 3128 rdr on em0 inet proto tcp from any to ! (em0) port = http -> 127.0.0.1 port 3128 pass in quick on em0 proto tcp from any to ! (em0) port = 3128 flags S/SA keep state Restart the squid service and the 3128 rule remains. Restart the server and it's gone again. This machine is currently routing between the main network and a subnet until it is 'promoted' to become the WAN router, so there's plenty opportunity to troubleshoot. What might be causing this? I guess some dependency during the startup process, but then why would a restart of the squid service not affect things? I did find the following bug, however it is marked 'resolved'. https://redmine.pfsense.org/issues/224 Thanks in advance, Chris _______________________________________________ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list ----- No virus found in this message. Checked by AVG - www.avg.com Version: 2015.0.5557 / Virus Database: 4213/8552 - Release Date: 11/11/14 _______________________________________________ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
