I recently implemented a pfSense + Squid setup for a school. You'll need to make sure that the box you're running squid on is on a different interface than the subnet(s) you want filtered. The rules that redirect traffic destined on port 80 apply globally to an interface so if your squid box lies on that same interface, it will not be able to 'get out' either.
Go into NAT, then add a new 'Port Forward'. Use these values: Interface: the interface traffic will be coming in. If you want to filter your LAN clients, select LAN here External Address: any Protocol: TCP External Port Range: 80 (HTTP should be in the drop down box) NAT IP: The IP of your squid box Local Port: The port you have squid running on Save your entries and then apply the changes. Any existing states will not be affected (I don't *think*) so you may have to clear your state tables before this becomes effective for all clients. Tim Nelson Systems/Network Engineer Rockbochs Inc. (218)727-4332 x105 ----- "Mike Lever" <[EMAIL PROTECTED]> wrote: > Hi all, > > I have just had a squid box configured and am about to implement it on > on my network. > > I would like to ask you how you suggest I place it and route traffic > accordingly. Is anybody currently using squid boxes with pfsense. I > can't use the onboard package as I have multiple WAN ports. > > Any help would greatly be appreciated ! > > Mike Lever > > Tenacity Films (Pty) Ltd > t/a Velocity Films > (t) +2711-807-0100 > (f) +2711-807-1208 > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
