OPNsense Forum
English Forums => Web Proxy Filtering and Caching => Topic started by: Northguy on December 09, 2018, 02:18:56 pm
-
I tried using a transparent proxy to realize a blocklist through Remote ACL (Shallalist), because the Bind/Unbound option does not seem to work (see this topic (https://forum.opnsense.org/index.php?topic=10400.msg48338#msg48338)). The transparent proxy works when browsing webpages, but I experience streaming issues with my Teufel Raumfeld streaming radio.
Each time I disable the port forwards to the proxy, streaming starts working again, so it has something to do with the proxy. After trying a lot of things and pulling my hair for a few days, I think I found a solution by changing the forwarded_for configuration directive in squid.conf from "forwarded_for on" to "forwarded_for transparent".
After starting the service, I can now stream without issues, but I noticed that OPNsense did change this option back to "forwarded_for on" in squid.conf after starting. So now I am wondering: did the service actually load "forwarded_for transparent" and then overwrite again with "forwarded_for on" from the GUI?
Who can answer this question and how can I make "forwarded_for transparent" stick if this is the solution for my problem?
-
OK.... found the setting in the GUI (at last)... hidden under the advanced options of Services: Web Proxy: Administration:General proxy settings. So issue solved for now.
Pending question: shouldn't it be more logical to have the "forwarded_for transparent" option set together with toggling the 'transparent' checkboxes under Forward Proxy:General Forward Setting?