# [PF+Squid] Outbound connections through squid



## ycastor (Apr 15, 2014)

Well, here all the connections need to pass through an external authenticated proxy and since there's a lot of systems that can't just fetch the http_proxy env variable *I* need a local proxy to authenticate all outbound connections within the parent proxy.  I've already configured the local Squid as transparent with PF support and indicated the external proxy as a cache_peer, it's working like a charm for inbound connections, but *I*'m struggling to redirect all local HTTP/FTP connections through Squid. 

Here's my pf.conf:

```
# Network

IFACE="hn0"  # INTERFACE

set skip on lo
scrub in all

# Transparent Proxy
rdr on $IFACE inet proto tcp from any to any port {www,ftp} -> 127.0.0.1 port 3$

# RDR Rules
pass in on $IFACE inet proto tcp from any to 127.0.0.1 port 3128 keep state
pass out on $IFACE inet proto tcp from any to 127.0.0.1 port 3128 keep state
```

The inbound connections are working like a charm, *I* can see them in access.log, but there's nothing from outbound connections like a `wget [url=http://www.google.com]http://www.google.com[/url]`.

Thanks in advance!


----------

