هدف از این فیلم ارائه گام به گام در مورد نحوه پیکربندی و نصب یک پروکسی شفاف با استفاده از pFSense و بسته Squid است. این فیلم شامل نمودار شبکه ای است که نشان می دهد چیدمان محیط ، پیش بینی مشتری قبل از نصب پروکسی ، نحوه پیکربندی یک CA اصلی برای پشتیبانی از پروکسی سرور ، نحوه نصب بسته ماهی مرکب ، نحوه پیکربندی ذخیره سازی ماهی مرکب ، چگونگی تنظیم پیکربندی ماهی مرکب ، تست پس از مشتری پس از پیکربندی پایه پروکسی ، چه فایروال برای محکم کردن قوانین ، چگونه برای اضافه کردن قوانین بلوک و نمایش پیام های خطا هنگام مسدود شدن سایت ، چه پیکربندی می کند.
توجه: من به دلیل مشکلات ثبات مشخص شده در وب سایت pFSense ، پیکربندی آنتی ویروس HVAP را درج نکردم.
لینک دانلود
How to bypass whatsapp web (unblock), but block facebook.com on squid guard pfsense? Thank you
not able to block gmail though….any suggestion?
I liked the video, but having some issues.
After configuring proxy Play Station Vue, Netflix, Arlo Videos Cameras stopped working.
So two questions:
1. Is it practical to use proxy without FW rule forcing all be on LAN?
2. How to address problems with Play Station Vue, Netflix, Arlo Videos Cameras
Overall wonder about usefulness vs problems it creates.
Can this configuration co-exist with nginx on port 80?
can you make a tutorial for it. for example deny all website but allow specific website ex. gmail and yahoo
Install Squid & configure
Install Squidguard & configure
Configure WPAD
Force users to use proxy by blocking tcp80,443
In Squidguard, set default ACL to Deny
In Squidguard, create Whitelist ACL group and then add your allowed domains to it.
I must say that your method is by far the best and simplest one to filter even SSL traffic..brilliant…I have a request for you please…Can you make a video on how to configure squid on multiple interfaces with dhcp enabled on optional interfaces…meaning, excluding the LAN….
can you help me to configure, windows caching?
Would you be up to doing a WPAD setup video. Trying to get one setup for my network and just not having luck. This one helped me config my machines. Ty
How To Configure youtube cache
could yo tell us , what is the manager lan IP and what is gateway ?
thanks mas bro
nice
Would using a VPN which uses its own CA cause any issues with this setup?
nice video
Thanks for an amazing video.
I’ve just installed pFSense for the first time a few days ago thanks to your videos, and mostly have it working the way I want it to. One thing I’d like assistance with is troubleshooting blocking issues.
On pFSense I have the following packages installed:
– pfBlockerNG (set to block incoming from Asia, Russia etc)
– Squid (including https, and antivirus)
– ntopng
The issues I’m having with this config are:
– If I have antivirus running, it blocks crahsplan
– some https pages/ iPhone apps like google voice/ ebay do not load on initial attempt; pressing reload once or twice seems to makes them work
– some https pages like eBay no longer display images of auctions on safari; work well on firefox
To trouble shoot current procedure:
– I’ve looked at firewall logs, filtered for IP address of server
– I assume that logs would show all firewall logs including pfBlockerNG, but in case it didn’t I disabled it too and reran test
– I couldn’t find logs for Squid or AV from interface, so I disabled it and reran tests; I thought it would disable antivirus but it didn’t
My questions:
1. How do you troubleshoot? I followed procedure above but I think I’m missing some simple steps
2. For Crashplan. how can I add a rule to bypass virus protection for that IP address
3. For eBay, google voice etc is it a good idea to add them domain to whitelist or is there another solution like just enabling certain apps?
4. Are there reports I can add to dashboard that would show things going out that are being blocked by firewall, AV, or squid?
5. Are there any other recommended packages to install that you would recommend either to troubleshoot or better accomplish what I'm doing
Thanks in advance for your time
Hi ! Thanks a lot for your video.
Maybe I did miss something, but how does your client knows it have to go through the transparent proxy ? in my environment I have to manually configure a proxy into my chrome browser.
thanks again.
Love the video – thanks. I would like to see your internal IP addresses – are you double NATing or are the gateway and the client on the same LAN segment?
Well, dont want to be downer, but its just not working for me, I even went for factory reset for pfsense and setup just basics then followed the video. Every browser, every system on the network complains about insecure connection.
Had to disable ssh filtering. Setting up a certificate and setting splicing all, setting CA to one created,… it did not do its magic
I tried setting up squid as a transparent proxy in a similar topography but I got errors when going to certain sites despite not blocking any addresses or setting any acl's.
do i have to select my country on CA config!? or I can select any
because it's not listed.
your method is fantastic
would you please do videos about suricata and pfblocker?
thank you so much for your hard work
Awesome video!