Date: Fri, 21 Sep 2007 17:19:12 -0300 From: "Gilberto Villani Brito" <linux@giboia.org> To: Umar <unix.co@gmail.com> Cc: freebsd-pf@freebsd.org Subject: Re: local proxy Message-ID: <6e6841490709211319n5585b3c0kf92b55b7882d45cf@mail.gmail.com> In-Reply-To: <12825908.post@talk.nabble.com> References: <12825908.post@talk.nabble.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On 21/09/2007, Umar <unix.co@gmail.com> wrote: > > Dear Members!! > > I want to restrict my users that they don't bypass my squid proxy in linux > iptables I achieved with these rulese. > > $IPTABLES -t nat -A PREROUTING -s 192.168.1.0/24 -d ! 192.168.1.250 -p TCP > --dport 3128 -j DROP > $IPTABLES -t nat -A PREROUTING -s 192.168.1.0/24 -d ! 192.168.1.250 -p TCP > --dport 8080 -j DROP > $IPTABLES -t nat -A PREROUTING -s 192.168.1.0/24 -d ! 192.168.1.250 -p TCP > --dport 80 -j DROP > $IPTABLES -t nat -A PREROUTING -s 192.168.1.0/24 -d ! 192.168.1.250 -p TCP > --dport 6588 -j DROP > > now please help me how I can do the same thing with PF > > Regards, > > Umar Draz > > > -- > View this message in context: http://www.nabble.com/local-proxy-tf4497398.html#a12825908 > Sent from the freebsd-pf mailing list archive at Nabble.com. > > _______________________________________________ > freebsd-pf@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-pf > To unsubscribe, send any mail to "freebsd-pf-unsubscribe@freebsd.org" > Try this: block in quick proto tcp from 192.168.1.0/24 to ! 192.168.1.250 port 3128 block in quick proto tcp from 192.168.1.0/24 to ! 192.168.1.250 port 8080 block in quick proto tcp from 192.168.1.0/24 to ! 192.168.1.250 port 80 block in quick proto tcp from 192.168.1.0/24 to ! 192.168.1.250 port 6588 -- Gilberto Villani Brito System Administrator Londrina - PR Brazil gilbertovb(a)gmail.com
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?6e6841490709211319n5585b3c0kf92b55b7882d45cf>