The OPNsense proxy does not respond to changes made to the squid.conf file.
For example, I change the port number in the squid.conf file from 3031 to 8809 and the change is noticed!
In the configuration panel, this change (Services: Web Proxy: Administration ) is not updated, but it is noticed by (proxy in Firefox - connecting to the Internet). So changing the port and it worked and everything is OK.
But when I enter "forwarded_for off" in the squid.con file, the proxi in OPNsense does not respond to this change. Why?
I wanted to test this setting:
request_header_access From deny all
request_header_access User-Agent deny all
request_header_replace User-Agent SecretBrowser / 5.0 (iPhone; U; Commodore64; en)
And it doesn't work, and the same change to the squi file on Ubuntu works!
Please give me a hint.
If you want to overwrite the auto generated config (and the option is not in the GUI ) then you need to use the template system as your modification won't persist -any update will revert the config back to the original state- https://docs.opnsense.org/development/backend/templates.html (https://docs.opnsense.org/development/backend/templates.html)
however if you want to add some config, opnsense provides two directories for custom persistent modifications
- /usr/local/etc/squid/pre-auth/
- /usr/local/etc/squid/post-auth/
for example you can make a header.conf file inside pre-auth and drop the rules you want in it and then restart squid (service squid restart)
Thank you very much for the (hint).
As for templates, I don't quite understand how to save and use them. Do you need to know Python?
As for the second part of your hint, it makes more sense to me. When I test it, I'll call again.
Regards.