From owner-freebsd-ipfw  Mon Mar  4 22:18:24 2002
Delivered-To: freebsd-ipfw@freebsd.org
Received: from smtpout.mac.com (smtpout.mac.com [204.179.120.85])
	by hub.freebsd.org (Postfix) with ESMTP id 9FE1037B400
	for <freebsd-ipfw@FreeBSD.ORG>; Mon,  4 Mar 2002 22:18:20 -0800 (PST)
Received: from smtp-relay02.mac.com (server-source-si02 [10.13.10.6])
	by smtpout.mac.com (8.12.1/8.10.2/1.0) with ESMTP id g256IKFD013882
	for <freebsd-ipfw@FreeBSD.ORG>; Mon, 4 Mar 2002 22:18:20 -0800 (PST)
Received: from asmtp02.mac.com ([10.13.10.66]) by
          smtp-relay02.mac.com (Netscape Messaging Server 4.15 relay02 Jun
          21 2001 23:53:48) with ESMTP id GSHLIK00.IIB for
          <freebsd-ipfw@FreeBSD.ORG>; Mon, 4 Mar 2002 22:18:20 -0800 
Received: from osx.jdk ([24.83.206.181]) by asmtp02.mac.com
          (Netscape Messaging Server 4.15 asmtp02 Jun 21 2001 23:53:48)
          with ESMTP id GSHLIJ00.E4O; Mon, 4 Mar 2002 22:18:19 -0800 
Date: Mon, 4 Mar 2002 22:18:18 -0800
Subject: Re: Transparent proxy for connections originating on localhost
Content-Type: text/plain; charset=US-ASCII; format=flowed
Mime-Version: 1.0 (Apple Message framework v481)
Cc: freebsd-ipfw@FreeBSD.ORG
To: cjclark@alum.mit.edu
From: Jeff Koftinoff <jeffkoftinoff@mac.com>
In-Reply-To: <20020304221203.Q87533@blossom.cjclark.org>
Message-Id: <C902FE50-3000-11D6-A2D9-003065709198@mac.com>
Content-Transfer-Encoding: 7bit
X-Mailer: Apple Mail (2.481)
Sender: owner-freebsd-ipfw@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-ipfw.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-ipfw>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-ipfw>
X-Loop: FreeBSD.ORG


On Monday, March 4, 2002, at 10:12  PM, Crist J. Clark wrote:

> On Mon, Mar 04, 2002 at 09:50:37PM -0800, Jeff Koftinoff wrote:
>>
>>
>> Thank you very much for your reply.  So is 'fwd'' the right way to go
>> for transparent proxying with the web browser and the proxy on the same
>> machine?
>
> I'm not sure why one would want to proxy connections to a webserver on
> the same machine.
>

Content filtering for all http connections regardless of which browser 
is installed.

>> With the same rule that I previously specified, when I try to
>> access a remote web site, the 'fwd' rule blocks my connection and does
>> not forward to 127.0.0.1:9999. The browser (links) just hangs on 
>> 'Making
>> connection'. and 'ipfw show' shows the counter increase.
>
> Hmmm... I thought you said it was working. I'm not clear on what is
> and is not working.

When I originate the connection on an external computer, the fwd works. 
When I originate the connection on the same computer that has the fwd 
rule, the fwd rule causes the connect to hang.

Jeff


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-ipfw" in the body of the message