> On Apr 11, 2016, at 9:40 AM, --Ahmad-- <> wrote: > > Hi dev , > > when i use socks5 client on my pc to connect to squid proxy on centos , i > can tunnel RDP traffic using squid . > > recently when i changed to pfsense , > I’m unable to use RDP using proxy . > > MY CACHE PEER proxy is 10.12.0.32 , if i use it directly i can use RDP. > > but RDP from pfsense always forbidden and i already allowed rdp port in the > ports in pfsense squid config .! > > > i will paste my squid config below and the error i face when i try . > > =============== > [2.2.2-RELEASE][admin <mailto:ad...@pfsense.mpwh.ps>@ > <mailto:ad...@pfsense.mpwh.ps>pfSense <mailto:ad...@pfsense.mpwh.ps>]/root: > squid -k parse > 2016/04/11 09:25:53| Startup: Initializing Authentication Schemes ... > 2016/04/11 09:25:53| Startup: Initialized Authentication Scheme 'basic' > 2016/04/11 09:25:53| Startup: Initialized Authentication Scheme 'digest' > 2016/04/11 09:25:53| Startup: Initialized Authentication Scheme 'negotiate' > 2016/04/11 09:25:53| Startup: Initialized Authentication Scheme 'ntlm' > 2016/04/11 09:25:53| Startup: Initialized Authentication. > 2016/04/11 09:25:53| Processing Configuration File: > /usr/local/etc/squid/squid.conf (depth 0) > 2016/04/11 09:25:53| Processing: http_port 10.12.140.254:8080 > 2016/04/11 09:25:53| Processing: http_port 127.0.0.1:8080 > 2016/04/11 09:25:53| Processing: icp_port 0 > 2016/04/11 09:25:53| Processing: dns_v4_first off > 2016/04/11 09:25:53| Processing: pid_filename /var/run/squid/squid.pid > 2016/04/11 09:25:53| Processing: cache_effective_user proxy > 2016/04/11 09:25:53| Processing: cache_effective_group proxy > 2016/04/11 09:25:53| Processing: error_default_language en > 2016/04/11 09:25:53| Processing: icon_directory > /usr/pbi/squid-amd64/local/etc/squid/icons > 2016/04/11 09:25:53| Processing: visible_hostname mpwh > 2016/04/11 09:25:53| Processing: cache_mgr admin@localhost > 2016/04/11 09:25:53| Processing: access_log /var/squid/logs/access.log > 2016/04/11 09:25:53| Processing: cache_log /var/squid/logs/cache.log > 2016/04/11 09:25:53| Processing: cache_store_log none > 2016/04/11 09:25:53| Processing: netdb_filename /var/squid/logs/netdb.state > 2016/04/11 09:25:53| Processing: pinger_enable on > 2016/04/11 09:25:53| Processing: pinger_program > /usr/pbi/squid-amd64/local/libexec/squid/pinger > 2016/04/11 09:25:53| Processing: logfile_rotate 0 > 2016/04/11 09:25:53| Processing: debug_options rotate=0 > 2016/04/11 09:25:53| Processing: shutdown_lifetime 3 seconds > 2016/04/11 09:25:53| Processing: acl localnet src 10.12.140.0/24 127.0.0.0/8 > 2016/04/11 09:25:53| Processing: forwarded_for on > 2016/04/11 09:25:53| Processing: uri_whitespace strip > 2016/04/11 09:25:53| Processing: acl dynamic urlpath_regex cgi-bin \? > 2016/04/11 09:25:53| Processing: cache deny dynamic > 2016/04/11 09:25:53| Processing: cache_mem 64 MB > 2016/04/11 09:25:53| Processing: maximum_object_size_in_memory 256 KB > 2016/04/11 09:25:53| Processing: memory_replacement_policy heap GDSF > 2016/04/11 09:25:53| Processing: cache_replacement_policy heap LFUDA > 2016/04/11 09:25:53| Processing: minimum_object_size 0 KB > 2016/04/11 09:25:53| Processing: maximum_object_size 4 MB > 2016/04/11 09:25:53| Processing: cache_dir ufs /var/squid/cache 100 16 256 > 2016/04/11 09:25:53| Processing: offline_mode off > 2016/04/11 09:25:53| Processing: cache_swap_low 90 > 2016/04/11 09:25:53| Processing: cache_swap_high 95 > 2016/04/11 09:25:53| Processing: cache allow all > 2016/04/11 09:25:53| Processing: refresh_pattern ^ftp: 1440 20% 10080 > 2016/04/11 09:25:53| Processing: refresh_pattern ^gopher: 1440 0% 1440 > 2016/04/11 09:25:53| Processing: refresh_pattern -i (/cgi-bin/|\?) 0 0% 0 > 2016/04/11 09:25:53| Processing: refresh_pattern . 0 20% 4320 > 2016/04/11 09:25:53| Processing: acl allsrc src all > 2016/04/11 09:25:53| Processing: acl safeports port 3389 21 70 80 210 280 443 > 488 563 591 631 777 901 8080 3129 1025-65535 > 2016/04/11 09:25:53| Processing: acl sslports port 443 563 > 2016/04/11 09:25:53| Processing: acl safeports port 3389 12345 > 2016/04/11 09:25:53| Processing: acl purge method PURGE > 2016/04/11 09:25:53| Processing: acl connect method CONNECT > 2016/04/11 09:25:53| Processing: acl HTTP proto HTTP > 2016/04/11 09:25:53| Processing: acl HTTPS proto HTTPS > 2016/04/11 09:25:53| Processing: http_access allow manager localhost > 2016/04/11 09:25:53| Processing: http_access deny manager > 2016/04/11 09:25:53| Processing: http_access allow purge localhost > 2016/04/11 09:25:53| Processing: http_access deny purge > 2016/04/11 09:25:53| Processing: http_access deny !safeports > 2016/04/11 09:25:53| Processing: http_access deny CONNECT !sslports > 2016/04/11 09:25:53| Processing: request_body_max_size 0 KB > 2016/04/11 09:25:53| Processing: delay_pools 1 > 2016/04/11 09:25:53| Processing: delay_class 1 2 > 2016/04/11 09:25:53| Processing: delay_parameters 1 -1/-1 -1/-1 > 2016/04/11 09:25:53| Processing: delay_initial_bucket_level 100 > 2016/04/11 09:25:53| Processing: delay_access 1 allow allsrc > 2016/04/11 09:25:53| Processing: acl rdp dat XXXX.XX.70.0/24 > 2016/04/11 09:25:53| Processing: http_access allow rdp > 2016/04/11 09:25:53| Processing: dns_nameservers 8.8.8.8 10.12.0.33 > 2016/04/11 09:25:53| Processing: never_direct allow all > 2016/04/11 09:25:53| Processing: cache_peer 10.12.0.32 parent 80 0 no-query > no-digest default > 2016/04/11 09:25:53| Processing: http_access allow localnet > 2016/04/11 09:25:53| Processing: http_access deny allsrc > 2016/04/11 09:25:53| Initializing https proxy context > [2.2.2-RELEASE][admin <mailto:ad...@pfsense.mpwh.ps>@ > <mailto:ad...@pfsense.mpwh.ps>pfSense. <mailto:ad...@pfsense.mpwh.ps>/root: > > > > > > > and here is the error when i try to connect RDP : > 1460356516.600 0 10.12.140.114 TCP_DENIED/403 3450 CONNECT > XX/XX.XX.26:3389 - HIER_NONE/- text/html
_______________________________________________ squid-users mailing list squid-users@lists.squid-cache.org http://lists.squid-cache.org/listinfo/squid-users
