Date: Sun, 28 Mar 2004 07:04:54 -0600 From: Edwin Culp <eculp@viviendaatualcance.com.mx> To: whizkid@ValueDJ.com Cc: freebsd-ipfw@freebsd.org Subject: Re: FreeBSD Tansparent Proxy with ipfw & natd Message-ID: <20040328070454.3og08ss4gkgwksco@mail.viviendaatualcance.com.mx> In-Reply-To: <1088.216.100.130.17.1080447627.squirrel@www.ValueDJ.com> References: <1088.216.100.130.17.1080447627.squirrel@www.ValueDJ.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Quoting whizkid@ValueDJ.com: > I have seen lots of pages on google on how to setup Squid as a Transparent > Proxy server on FreeBSD. However most of these refer to 4.9 stable, using > IPTables. I am currently using natd and ipfw. Here are my Firewall rules < SHORTEN A BIT > > how would I set it so all incoming packets from xl0 would get redirected > to port 8080 for the proxy server. I want to setup DansGuardian for > content filtering and I don't want the people who will be using my network > to find a way around disabling the Proxy in the browser. I would try something like the following that should be around 6001 before nating. add 6001 fwd 127.0.0.1,8080 tcp from 192.168.1.0/24 to any 80 I have a rule before the allows port 80 access for "me" to not use squid for our local intranet traffic and I have a forward rule after the above but before nating to send the squid request out through an interface that is not the default route to a second ISP that is just for squid traffic, then I nat. YMMV, good luck, ed > > Anyone have any ideas? > > Thanks for your help > > _______________________________________________ > freebsd-ipfw@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw > To unsubscribe, send any mail to "freebsd-ipfw-unsubscribe@freebsd.org"
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20040328070454.3og08ss4gkgwksco>