Bug #4919
closedsquid transparent proxy interface problem
0%
Description
Hello!
I don't know where to report this =)
I found a problem in squid3 package. In web configuration script (/usr/local/pkg/squid.inc) there is wrong part of configuration transparent proxy. Whatever interface you select - in resul config will always be 127.0.0.1
there is a part of default script code:if (($settings['transparent_proxy'] 'on')) {
if ($settings['ssl_proxy'] "on" && count($ssl_ifaces)>0) {
$conf .= "http_port 127.0.0.1}:{$port} intercept {$ssl_interception}\n";
$conf .= "https_port 127.0.0.1:{$ssl_port} intercept {$ssl_interception}\n";
} else {
$conf .= "http_port 127.0.0.1:{$port} intercept\n";
}
}
I edited it a little:if (($settings['transparent_proxy'] 'on')) {
if ($settings['ssl_proxy'] "on" && count($ssl_ifaces)>0) {
$conf .= "http_port {$t_iface_ip0}:{$port} intercept {$ssl_interception}\n";
$conf .= "https_port {$t_iface_ip0}:{$ssl_port} intercept {$ssl_interception}\n";
} else {
$conf .= "http_port {$t_iface_ip0}:{$port} intercept\n";
}
}
Updated by Kill Bill over 9 years ago
This is not a problem, this is by design. NAT is used to redirect the traffic to localhost. Suggested change is just wrong.
Updated by Kill Bill over 9 years ago
Forgot the code reference: https://github.com/pfsense/pfsense-packages/blob/master/config/squid3/34/squid.inc#L2228 and below.
Not a bug.