How to setup a Proxy Server Using pfSense


In this article I will explain, how to setup a transparent proxy server using pfSense and I will explain how to configure it for best results and how to generate custom reports for the proxy server.

Introduction

'pfSense' is a freeware which can be used to turn your personal computer into a firewall or a router. It is very easy to use pfSense and installation is very simple. You can use this pfSense for both personal purpose or for corporate purpose. pfSense acts as a proxy server. Proxy server can be used to filter traffic and it is act as an intermediate to our server to client. Proxy server can be very helpful for an organization to analyse the traffic it is getting and to load balance the traffic.

Getting started with pfSense

You can get complete installation guide for downloading pfSense here samkear.com/pfsense/setting-up-a-pfsense-router . After downloading the package then go to start menu and you can find squid package. Install it first in pfSense software. This can be done by clicking + symble on the squid package. This installation takes up to some minutes to complete.

How to configure pfSense

After you completed the installation of squid package you will get new options under "service" menu, which is "proxy server". To see the configuration click on that option then you will be shown configuration page. First you need to set the proxy interface. You can choose the proxy interface as LAN and enable the option allow user on this interface, to allow users to access this interface. Then select "enable transparent proxy server" option and then click "save" to save the configurations. This will enable you to start proxy with your customized settings.

After doing this you are done with the configuration of pfSense. Whenever any client access your web service by using port no 80, they will be redirected to this predefined proxy and they don't even know that they are accessing the web service through your proxy.

1 Package installation 2 Accessing the proxy server menu

Manage your traffic using pfSense

You can find traffic management tab in pfSense to manage several options about your traffic. You can change bandwidth setting about how much bandwidth each user can use and you even can vary those options for each interface. You can restrict user upload or download file size limit by using this traffic management option. You can specify what type of files you would like to accept through this proxy, like you can specify that user can upload only image file or only binary file or something else. You can even specify a set of acceptable file types.

3 proxy configuration 4 Traffic Management Settings

How to improve proxy performance

This proxy software provides lot of options for you to customize how you would want your proxy to run. You can setup the proxy according to the type of your network. If you are running low memory then you can set proper cache sizes for your interface by using squid configuration settings page. Below are some tweaks you can use while you are setting proxy for your network.

Cache size

We have two types of caches; those are memory cache and hard disk cache. Hard disk cache is the amount of hard disk space it takes to run the proxy and memory cache can be set to maximum if your proxy running on high RAM. If your proxy running on low RAM then set your memory cache to low.

Object size

You can also configure the size of objects. The default size for each object is set to 4k. You can set it to up to 50k. Don't set more than this size. Because there may be more objects generated, so there may be limited memory constraints. There are so many variable options available in this to change. If you want you can visit pfSense site you know about this. Below is a screenshot of cache management page that you can check out.

5 Cache Management Settings

How to clean cache manually

pfSense clean objects created occasionally but if you want to clear by yourself, then you can able to do this by using some command. I will explain them below. Before running these commands you should stop currently running proxies. If you want to clear all the cache memory then you can run below command. It will clear all the files which are already exist on the cache memory. The time takes to clear the cache is dependent on the size of cache you defined previously.
Squid-k shutdown
To restart your squid server you should type squid-z command.

Generating Proxy Reports

You can generate custom reports from this squid pfSense proxy software. To enable this feature you need to add another package called "lightsquid". You can install this package by going to pfSense manager. This package tracks all the sites which are accessed by all users and it will list top list of sites from this sites. You can even findout the IP address of individual user who accesses a particular site and how many times a visitor visit a site. You can set the interval time also. That is you can set what is the time interval between two report generations. To see the custom generated reports you can simply click on report tab.

Conclusion

I hope this resource helped you to generate your own custom pfSense proxy for your network and you can easily handle the traffic you get and you can even analyze the traffic by using "lightsquid" package.

Read How to speed up a slow internet connection



Comments



  • Do not include your name, "with regards" etc in the comment. Write detailed comment, relevant to the topic.
  • No HTML formatting and links to other web sites are allowed.
  • This is a strictly moderated site. Absolutely no spam allowed.
  • Name:
    Email: