From owner-freebsd-questions@FreeBSD.ORG  Thu Jul 31 20:04:16 2008
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 4DFF51065672
	for <freebsd-questions@freebsd.org>;
	Thu, 31 Jul 2008 20:04:16 +0000 (UTC)
	(envelope-from jhall@vandaliamo.net)
Received: from trueband.net (director.trueband.net [216.163.120.8])
	by mx1.freebsd.org (Postfix) with SMTP id 9D5918FC0A
	for <freebsd-questions@freebsd.org>;
	Thu, 31 Jul 2008 20:04:15 +0000 (UTC)
	(envelope-from jhall@vandaliamo.net)
Received: (qmail 14626 invoked by uid 1006); 31 Jul 2008 19:37:29 -0000
Received: from jhall@vandaliamo.net by rs0 by uid 1003 with qmail-scanner-1.16
	(spamassassin: 3.1.4.  Clear:SA:0(-1.4/100.0):. 
	Processed in 0.124166 secs); 31 Jul 2008 19:37:29 -0000
X-Spam-Status: No, hits=-1.4 required=100.0
X-Spam-Level: 
Received: from unknown (HELO laz1) (172.16.0.69)
	by -v with SMTP; 31 Jul 2008 19:37:29 -0000
Received: from [10.75.0.1]
	by webmail.vandaliamo.net with HTTP; Thu, 31 Jul 2008 19:37:29 +0000
Date: Thu, 31 Jul 2008 19:37:29 +0000 (GMT)
From: Jay Hall <jhall@vandaliamo.net>
To: freebsd-questions@freebsd.org
Message-ID: <207569.19851217533049107.JavaMail.javamailuser@localhost>
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8; format=flowed; delsp=no
Content-Transfer-Encoding: 7bit
User-Agent: Laszlo Mail 2
X-Originating-IP: [10.75.0.1]
Content-Disposition: inline
Subject: Bypassing Transparent Proxy
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
Reply-To: jhall@vandaliamo.net
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 31 Jul 2008 20:04:16 -0000

Ladies and Gentlemen,

A situation has arisen for which I need to bypass my transparent proxy 
server (Squid) for a ceratin IP address range.

Following are the contents of my ipnat.rules file.

map em1 192.d.e.f/24 -> 0/32
map em1 from 10.a.b.c/24 to 69.147.83.33/32 -> 0/32
rdr em0 0.0.0.0/0 port 80 -> 10.x.y.z port 3128 tcp
map em1 10.a.b.c/24 -> 0/32

em1 is the external interface on my server.

My thinking with the rules, was adding the map command before the rdr 
would prevent traffic destined for 69.147.83.33 from hitting the proxy 
server.  Unfortunately, it did not work.

Is there an easy way to bypass the proxy server when accessing this one 
address?

Thanks,



Jay