Squid on FreeBSD. Why is transparency not set?

R

Rad1us2015-06-09 17:52:20

FreeBSD

Rad1us, 2015-06-09 17:52:20

This configuration works:
firewall.conf
add 4000 divert natd ip from any to any via em0
add 65500 allow ip from any to any
squid.conf
acl localnet src 172.16.0.0/24
acl block dstdomain .drom.ru
http_access deny all block
http_access allow localnet
http_access deny all http_port 3128
coredump_dir / var
/ squid / cache does not work.

It is interesting that if you disable squid during the second configuration, the computers in the LAN still go to the Internet. So the firewall does not redirect traffic? Where did I go wrong and what can I do about it?

Reply

Answer the question

In order to leave comments, you need to log in

4 answer(s)

I

Igor, 2015-06-09
@fredyk

And when installing the port, did you select the appropriate function "support for transparent proxy via ipfw? Look at the logs, SQUID should swear in this case =)

A

athacker, 2015-06-10
@athacker

Well, the same advice - turn off NAT in the firewall config for now and deal with the squid.

A

Alexander, 2015-06-10
@Tilk

Where does everyone get the string "http_port 3128 transparent" from? What is the squid version? "http_port 127.0.0.1:3128 intercept" must be written. transparent was on version 2x.

S

Sergey N, 2015-06-11
@Albibek

transparent mode is not enabled when installing squid when building from a package. You can rebuild from ports by enabling the option, but I advise you to first understand the answer and understand how intercept differs from transparent.