Discussion:
transparent proxy not working as expected.
greg whynott
2011-08-17 20:32:41 UTC
Permalink
Hi,

I just installed a fresh copy of 2.0-RC3 for a client to segergate the vm
sandbox enviroment. We are not using NAT, rather just routing. My
intention was to configure some basic fw rules afterwards.

During the setup, I turned off NAT via the "disable firewall" option
(system-advanced-firewall/nat tab).

I enabled transparent proxy but it does not appear to be working. the
access log and cache dir are not growing.

do i need the firewall turned on for the redirect to work? if so can i
have the firewall on and nat off?

thanks for your time,
greg




*2.0-RC3 * (i386)
built on Tue Jun 21 16:50:25 EDT 2011
Jim Pingle
2011-08-17 21:49:40 UTC
Permalink
Post by greg whynott
Hi,
I just installed a fresh copy of 2.0-RC3 for a client to segergate the
vm sandbox enviroment. We are not using NAT, rather just routing.
My intention was to configure some basic fw rules afterwards.
During the setup, I turned off NAT via the "disable firewall" option
(system-advanced-firewall/nat tab).
I enabled transparent proxy but it does not appear to be working. the
access log and cache dir are not growing.
do i need the firewall turned on for the redirect to work? if so can i
have the firewall on and nat off?
You must use pf/NAT for transparent proxy to work. It's really just a
port forward behind the scenes that directs the outgoing web traffic
into the proxy.

You can disable outbound NAT (what you wanted) without disabling the
firewall. Just switch to manual outbound NAT, save, and then delete any
rules that show up. If you're on manual outbound NAT and no rules match
the traffic, no NAT happens.

Jim

---------------------------------------------------------------------
To unsubscribe, e-mail: support-unsubscribe-***@public.gmane.org
For additional commands, e-mail: support-help-***@public.gmane.org

Commercial support available - https://portal.pfsense.org
greg whynott
2011-08-18 14:07:30 UTC
Permalink
Thank you very much for your responce Jim. Things are working well now.

have a great day,
greg
Post by Jim Pingle
Post by greg whynott
Hi,
I just installed a fresh copy of 2.0-RC3 for a client to segergate the
vm sandbox enviroment. We are not using NAT, rather just routing.
My intention was to configure some basic fw rules afterwards.
During the setup, I turned off NAT via the "disable firewall" option
(system-advanced-firewall/nat tab).
I enabled transparent proxy but it does not appear to be working. the
access log and cache dir are not growing.
do i need the firewall turned on for the redirect to work? if so can i
have the firewall on and nat off?
You must use pf/NAT for transparent proxy to work. It's really just a
port forward behind the scenes that directs the outgoing web traffic
into the proxy.
You can disable outbound NAT (what you wanted) without disabling the
firewall. Just switch to manual outbound NAT, save, and then delete any
rules that show up. If you're on manual outbound NAT and no rules match
the traffic, no NAT happens.
Jim
---------------------------------------------------------------------
Commercial support available - https://portal.pfsense.org
Continue reading on narkive:
Loading...