
Proxmox + pfSense -> Transparent Bridge

Hardware:

Old Dell Precision 390:
CPU: 2 x Intel(R) Core(TM)2 CPU 6600 @ 2.40GHz
RAM: 4GB
Disk: 150GB
3 Ethernet Ports

Installing pfSense:

  1. Install pfSense from ISO. Suggested specs: 32GB disk, 2GB RAM, 1 CPU
  2. Add network interfaces (2 minimum, I'm using all 3 I have available)
  3. Run the installer, no need to set VLANs but do assign interfaces.
  4. pfSense up and running!

Configuring pfSense:


Follow the steps mentioned in this forum post; I've added extra details in bold:

  1. Disable Outbound NAT.
  2. Go to 'System -> Advanced -> System Tunables' and set net.link.bridge.pfil_bridge from 'default' to '1'. Also set net.link.bridge.pfil_member to '0'. This makes pf filter once, on the bridge interface, instead of on each member interface.
  3. Bridge WAN and LAN by going to 'Interfaces → Assign → Bridges'
  4. Create the OPT2 interface (there should already be an OPT1 since we are using 3 NICs) and assign the bridge to it under 'Interfaces → Assignments'.
  5. Add an IP address to the bridge interface; this IP is the one you will use to access the firewall long term (you'll need this if you are only using 2 NICs; for example 192.168.2.1)
  6. Give OPT1 an address within your LAN subnet (something like 192.168.1.2)
  7. Add allow-all rules to ALL firewall interfaces to avoid being locked out: OPT1, OPT2, WAN, and LAN (you can restrict access later; let's get it working first)
  8. Set the WAN and LAN interface type to 'none' (under 'Interfaces' in the GUI).
  9. Disable the DHCP server (for the LAN, you will probably need to disable DHCP first)
  10. The firewall should now be accessible from all interfaces via the IPs from steps 5 and 6. For step 5 you will need to manually change the IPv4 address to something like 192.168.2.10.
  11. Carefully modify your firewall rules to be more restrictive (DNS, DHCP, etc.). Note: you will be adding the rules to the OPT2 interface (the one assigned to the bridge).
At this point I think I was done, but since I'm running pfSense within a VM in Proxmox, there are some extra steps. Otherwise performance could be severely impacted (I w
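A quick check for step 2, as an added example that is not part of the original post: it reads `sysctl net.link.bridge` output (the sample below is constructed in the FreeBSD `key: value` format) and fails unless filtering happens on the bridge (pfil_bridge=1) and not on the members (pfil_member=0), which is what the OPT2 rules from step 11 depend on.

```shell
#!/bin/sh
# Constructed sample of what `sysctl net.link.bridge` prints after step 2
GOOD_SYSCTL='net.link.bridge.pfil_bridge: 1
net.link.bridge.pfil_member: 0'

# The same keys at their defaults: pf runs on WAN/LAN members, not on the bridge
DEFAULT_SYSCTL='net.link.bridge.pfil_bridge: 0
net.link.bridge.pfil_member: 1'

# tunable <sysctl-output> <key>: print the value of <key>, nothing if absent
tunable() {
  printf '%s\n' "$1" | while IFS= read -r line; do
    case "$line" in
      "$2: "*) printf '%s' "${line#"$2: "}"; break ;;
    esac
  done
}

# check_bridge_tunables <sysctl-output>: return 0 only when the bridge filters
# once, on the bridge interface (OPT2), and the member interfaces are unfiltered
check_bridge_tunables() {
  bridge=$(tunable "$1" net.link.bridge.pfil_bridge)
  member=$(tunable "$1" net.link.bridge.pfil_member)
  status=0
  [ "$bridge" = 1 ] || {
    echo "pfil_bridge is '${bridge:-unset}', expected 1: rules on OPT2 are not applied"
    status=1
  }
  [ "$member" = 0 ] || {
    echo "pfil_member is '${member:-unset}', expected 0: rules also run on WAN/LAN members"
    status=1
  }
  return $status
}

# On a live pfSense box: check_bridge_tunables "$(sysctl net.link.bridge)"
check_bridge_tunables "$GOOD_SYSCTL" && echo "bridge tunables OK"
```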

Virtualized pfSense:


Check this info from Netgate; the important part is about disabling hardware checksum offload:
  1. Go to System > Advanced and select the Networking tab. Under the Network Interfaces section, check 'Disable hardware checksum offload'
  2. Click Save
  3. Reboot
Now you are done!


ASCII Diagram:


+------------+
|            |
| INTERNET   |
|            |
+-----+------+
      | eth0
+--------------------------+
|     vtnet0               |
|Proxmox + pfSense (DELL)  |
|     vtnet1      vtnet2   |
+--------------------------+
      |eth1          |eth2
      |          +---+
+------+------+  |
|   WAN PORT  |  |
|   Home      |  |
|   Router    |  |
|   LAN PORT  |  |
+-----+-------+  |
     |           |
     |           |
 +---+-----+     |
 |         |     |
 |  SWITCH |     |
 |         |     |
 +-+-----+-+     |
   |     |       |
   |     |       |
   |     +-------+
+--+--+
| LAN |
|     |
+-----+

http://asciiflow.com/

Note: Squid as a transparent proxy might not work in this setup
