My thought (I'm not sure if it's right):
- LAN interface traffic comes into port 80
- Destination port is redirected to 8080 (dansguardian)
- dansguardian outputs traffic to port 3128 (Squid)
- Squid outputs traffic out in WAN interface to port 80
The Squid 3 build in pfSense can perfectly well be used with any ICAP filtering server (see the list at http://www.squid-cache.org/Misc/icap.html). The good thing about ICAP is that it is traffic interception and redirection done by Squid itself, so you would not need to mess with firewall redirection rules. If I am not mistaken, transparent HTTP/HTTPS filtering may be supported with just several clicks in the web interface of pfSense.
As an example see http://sichent.wordpress.com/2014/02/22/filtering-https-traffic-with-squid-on-pfsense-2-1/.
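
For comparison with the port-redirect chain in the question, a squid.conf fragment that hands requests and responses to an ICAP filter from inside Squid. This is an added example, not part of the original posts and not the configuration pfSense generates; the ICAP server address `127.0.0.1:1344`, the service paths and the service names are assumptions.

```conf
# Enable Squid's ICAP client (Squid 3.1+ syntax).
icap_enable on

# Pass client identity to the filter so per-client policy and logging work.
icap_send_client_ip on
icap_send_client_username on

# Let the ICAP server inspect the first bytes before the full body is sent.
icap_preview_enable on
icap_preview_size 1024

# Assumed local ICAP filter. bypass=0 makes the service mandatory:
# if the filter is down, Squid returns an error instead of passing
# traffic through unfiltered (fail closed).
icap_service filter_req  reqmod_precache  bypass=0 icap://127.0.0.1:1344/reqmod
icap_service filter_resp respmod_precache bypass=0 icap://127.0.0.1:1344/respmod

# Send all traffic through both services.
adaptation_access filter_req  allow all
adaptation_access filter_resp allow all
```

With `bypass=1` instead, an unreachable filter is skipped silently, so filtered and unfiltered operation look the same to clients; check the ICAP server's own logs to confirm requests are reaching it.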