Anil, This won't affect HTTPS traffic as it will still be proxied over port 80 (just remember, if Squid is listening on port 80, it is not necessarily for HTTP traffic only, it is just the port that the proxy is listening on. Squid can also proxy other types of traffic over the same port e.g. HTTPS, FTP, SOCKS) . You just need to make sure the web interface is not on port 80 so that the proxy service can bind to that port (only one service can be listening on a specific port at any one time).
1. You can do this, the only reason you would 'need' to is if you need another service to listen on port 443. Some people do this as a 'security' measure but I'm not a believer in security by obscurity. 2. This will only work with some kind of proxy running on your network at the proxy.sucks.com:80 address. If there is no proxy available (and it is set in your web browser) you will just get timeout messages for all your HTTP requests. Regards, Daniel Davis From: Anil Garg [mailto:garg_art2...@yahoo.com] Sent: Thursday, 7 October 2010 12:57 AM To: support@pfsense.com Subject: Re: [pfSense Support] Proxy Question Thanks Dan. Appreciate it. I suppose the trick is in web interface to https... But what happens when I go to online bank and that uses https traffic....?? 1. Should we change the web interface to some absurd port number? Only web admin of pfsense needs that..... 2. It sounds like the Squid or no Squid, this solution proposed by you should work... Anil Garg +1 408-221-7725 ________________________________ From: Daniel Davis <daniel.da...@lasseters.com.au> To: "support@pfsense.com" <support@pfsense.com> Sent: Tue, October 5, 2010 3:54:39 PM Subject: RE: [pfSense Support] Proxy Question Yes, just put a DNS entry in the DNS forwarder for proxy.sucks.com<http://proxy.sucks.com> pointing to your gateway IP address. You will also need to change the proxy port to port 80 (make sure that the pfsense web interface is set to HTTPS in advanced settings first). Regards, Daniel Davis From: Anil Garg [mailto:garg_art2...@yahoo.com] Sent: Wednesday, 6 October 2010 4:28 AM To: support@pfsense.com Subject: [pfSense Support] Proxy Question At my work, I have to enter: proxy.sucks.com:80 under the Tools>Options>network>connections>settings When I get home, I have to invariably retrace my path. I have a vanilla pfsense 1.2.3 set up with no proxy or anything.. in the following way: LAN |----------pfsense-------DSLrouter-------ISP is there a way for domain name proxy.sucks.com:80 to point to squid on pfsense? If so one can venture and install squid as a package for fun. Anil Garg +1 408-221-7725 -- This message has been scanned for viruses and dangerous content by MailScanner has detected a possible fraud attempt from "spamalot.lasseters.com" claiming to be mail.lasseters.com.au<http://spamalot.lasseters.com/>, and no infections were found. -- This message has been scanned for viruses and dangerous content by mail.lasseters.com.au, and no infections were found.
