Topic: going INSANE - pfSense in bridge mode and SquidGuard not working :(

Offline elcid

So I finally somewhat managed to get pfSense in bridge mode:

The way that I have it connected is as follows:

Internet  >> firewall  >> eth0 on PF server which then connects to the LAN via the PF server eth1 port.

It's currently set in bridge mode. For the time being, while I am going bonkers, I have disabled the firewall - which I don't really need as I have a primary firewall in front of pfSense.

I have installed Squid and SquidGuard. I have enabled the services and have downloaded the SquidGuard blacklist. It's supposed to be set up in transparent mode.

My issue is that it's not working! No matter what I do, it just won't work. Traffic is flowing fine through the bridge but the proxy server is not filtering out anything.

One additional comment.

The LAN gateway IP is the primary firewall.
The pfSense server gateway IP is the primary firewall.


Since ALL traffic is going through the bridge, I thought that it should not be an issue filtering! But it's not really working.

Any comments or assistance is HIGHLY appreciated.

Offline doktornotor

Re: going INSANE - pfSense in bridge mode and SquidGuard not working :(
« Reply #1 on: January 22, 2017, 02:10:46 am »
That will NOT work. Read https://redmine.pfsense.org/issues/1620#note-5 - patches and testing welcome.
Do NOT PM for help!

Offline ahansen

Re: going INSANE - pfSense in bridge mode and SquidGuard not working :(
« Reply #2 on: November 28, 2017, 02:09:17 am »
I got this working by simply binding Squid to the two interfaces that made up the bridge (in my case). E.g., rather than Bridge0, I used LAN and OPT1 (ath0). I have an Atheros wireless card in the Netgate box so this is really the only way to get it all working. Doesn't miss a beat.