From owner-freebsd-pf@FreeBSD.ORG Fri Sep 21 17:09:15 2007 Return-Path: Delivered-To: freebsd-pf@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 21A2716A469 for ; Fri, 21 Sep 2007 17:09:15 +0000 (UTC) (envelope-from bounces@nabble.com) Received: from kuber.nabble.com (kuber.nabble.com [216.139.236.158]) by mx1.freebsd.org (Postfix) with ESMTP id 0443B13C4A7 for ; Fri, 21 Sep 2007 17:09:14 +0000 (UTC) (envelope-from bounces@nabble.com) Received: from isper.nabble.com ([192.168.236.156]) by kuber.nabble.com with esmtp (Exim 4.63) (envelope-from ) id 1IYm0A-0002ko-58 for freebsd-pf@freebsd.org; Fri, 21 Sep 2007 10:09:14 -0700 Message-ID: <12825908.post@talk.nabble.com> Date: Fri, 21 Sep 2007 10:09:14 -0700 (PDT) From: Umar To: freebsd-pf@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-Nabble-From: unix.co@gmail.com Subject: local proxy X-BeenThere: freebsd-pf@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Technical discussion and general questions about packet filter \(pf\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 21 Sep 2007 17:09:15 -0000 Dear Members!! I want to restrict my users that they don't bypass my squid proxy in linux iptables I achieved with these rulese. $IPTABLES -t nat -A PREROUTING -s 192.168.1.0/24 -d ! 192.168.1.250 -p TCP --dport 3128 -j DROP $IPTABLES -t nat -A PREROUTING -s 192.168.1.0/24 -d ! 192.168.1.250 -p TCP --dport 8080 -j DROP $IPTABLES -t nat -A PREROUTING -s 192.168.1.0/24 -d ! 192.168.1.250 -p TCP --dport 80 -j DROP $IPTABLES -t nat -A PREROUTING -s 192.168.1.0/24 -d ! 192.168.1.250 -p TCP --dport 6588 -j DROP now please help me how I can do the same thing with PF Regards, Umar Draz -- View this message in context: http://www.nabble.com/local-proxy-tf4497398.html#a12825908 Sent from the freebsd-pf mailing list archive at Nabble.com.