Squid Proxy Transparent + OpenVPN + tcp_outgoing_address possible?

Started by crissi, January 23, 2022, 04:10:05 PM

Previous topic - Next topic
Print
Go Down Pages 1 2 3
User actions
March 12, 2022, 09:08:02 PM #30
thx, i red the documentation about the templates several times, but to be honest for me are the steps absolute not clear yet..:)

Could you please explain detailed what you did?


Yes, such an important Feature like this, should be already available in the Gui, and not to screw around in the FW Files .. >:(







Cheers,
Crissi
March 13, 2022, 12:23:25 PM #31 Last Edit: March 13, 2022, 12:32:43 PM by crissi
Tested now further, and did the following @thefunkygibbonwith with your answer in the other post, dont know, if this is correct:


Code Select

cd /usr/local/opnsense/service/templates/OPNsense/Proxy/


Created new File
Code Select

nano customtcpoutgoing.conf


Added to the File tcp_outgoing_address 10.40.x.x

Then edit File +TARGETS File in the same Directory and added there 

Code Select

customtcpoutgoing.conf:/usr/local/etc/squid/squid.conf


saved and restarted Squid

Then afterwards checking squid.conf

Code Select

# tail /usr/local/etc/squid/squid.conf
tcp_outgoing_address 10.40.x.x


So the tcp_outgoing_address 10.40.x.x is set, but all other settings are overwritten...

Do i need to coppy all settings from squid.conf under /usr/local/opnsense/service/templates/OPNsense/Proxy/ to my created customtcpoutgoing.conf + tcp_outgoing_address 10.40.x.x ???

Thx!


Cheers,
Crissi
March 14, 2022, 09:39:16 AM #32
honestly mate, I don't know any more.  i think we're both at a place where all we need to happen is to know the proper way of "adding" a line of config to the squid config using templates so that it doesn't overwrite all the other config and that it doesn't get lost in an upgrade.

its going to need someone that knows how to do this.  I don't see anything of the like mentioned in the opnsense documentation and I can't make head nor tail of the documentation for that template system.
March 15, 2022, 07:31:38 AM #33
yes, correct.. the topic here has 1500 Views already, but no one else way in here , and give us the last piece of the puzzle to move forward, this really sucks...


Cheers,
Crissi
March 15, 2022, 02:49:48 PM #34
just had some time to play again.  looks like the cron job set up to run the script isn't actually running it. can't see anything in my logs either.  ugh... on the verges of giving up
March 18, 2022, 09:55:04 AM #35
Hi,
same here, cron job isnt running, and nothing in the logs, executing the script manually works fine

Hope someone give us a hint?
Cheers,
Crissi
March 21, 2022, 03:39:25 PM #36
temp working solution for me executing the script every minute

Code Select

nano /etc/crontab -e



Code Select

*/1 * * * * root /root/vpnscript.sh
Cheers,
Crissi
February 27, 2023, 03:26:28 PM #37
For future references, there's an alternative approach here: https://forum.opnsense.org/index.php?topic=32642.0
Disclaimer: All advice presented is "AS IS", no warranties.
I'm not part of the opnsense team, just trying to help.
May 04, 2024, 11:15:56 AM #38
Thanks, dont want to install squid on a other pc, to get this working...

I saw that someone else asked to implement this on Github https://github.com/opnsense/core/issues/5868 but the Issue timed out automatically, as now one seemed to pick the task, unfortunately...
Cheers,
Crissi
May 05, 2024, 10:20:07 AM #39
Hi,

I'm struggeling with the tcp_outgoing_address parameter, i cant get it to work. I have a working wireguard (road worrior setup) connection and a working squid proxy but when I add the tcp_outgoing_address parameter all the connections through the proxy time out.
Do I need any new routes or fw-rules to get this working?
Intel i7-8550U - Intel I211 - RAM 16GB - NVMe 120Gb
Intel i7-5550U - Intel I211 - RAM 8GB - NVMe 50Gb
Print
Go Up Pages 1 2 3
User actions