From owner-freebsd-questions@FreeBSD.ORG Wed Jul 16 09:15:06 2003 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 4242137B401 for ; Wed, 16 Jul 2003 09:15:06 -0700 (PDT) Received: from out004.verizon.net (out004pub.verizon.net [206.46.170.142]) by mx1.FreeBSD.org (Postfix) with ESMTP id 5811743F75 for ; Wed, 16 Jul 2003 09:15:05 -0700 (PDT) (envelope-from mike@pcmedx.com) Received: from duron.pcmedx.com ([4.46.1.67]) by out004.verizon.net (InterMail vM.5.01.05.33 201-253-122-126-133-20030313) with ESMTP id <20030716161504.XMUW14849.out004.verizon.net@duron.pcmedx.com>; Wed, 16 Jul 2003 11:15:04 -0500 Received: from mike (mike.pcmedx.com [192.168.240.244]) by duron.pcmedx.com (Postfix) with SMTP id EB0EAAA23; Wed, 16 Jul 2003 09:15:03 -0700 (PDT) Message-ID: <001401c34bb5$78634000$f4f0a8c0@pcmedx.com> From: "Mike Maltese" To: References: <4402.10.0.0.2.1058357611.squirrel@localhost.smmc.qld.edu.au> Date: Wed, 16 Jul 2003 09:15:27 -0700 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2800.1158 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165 X-Authentication-Info: Submitted using SMTP AUTH at out004.verizon.net from [4.46.1.67] at Wed, 16 Jul 2003 11:15:04 -0500 cc: freebsd-questions@FreeBSD.org Subject: Re: FBSD gateway/firewall with squid <-will it let request in?? X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 16 Jul 2003 16:15:06 -0000 Crack open the squid Makefile and uncomment CONFIGURE_ARGS+= --enable-ipf-transparent I'm currently running this setup, however, it's been a while. IIRC, you need to manually move the ipf header files from your source tree (/usr/src/sys/contrib/ipfilter/netinet) to /usr/include/netinet for it to build successfully. Also, take a look at the following link. It's almost a year old but you may find it useful. http://ezine.daemonnews.org/200209/squid.html ----- Original Message ----- From: To: "Free bsd " Sent: Wednesday, July 16, 2003 5:13 AM Subject: FBSD gateway/firewall with squid <-will it let request in?? > Hi all, > shooting blind here cause I trouble shoot this (although I am remote from > the systems in question) > > 203.111.111.216/29 <-NAT-> 10.0.0.1 10.0.0.2 > Internet<------>FBSD (ipfilter/ipnat squid) <------> www/mail server > > All "live ips" are alias to external interface of FBSD they NAT to internals. > I have never had squid proxy on a gateway like this. Would squid by > default (I have changed very little in squid.conf) interfere with > externally incoming traffic being Natted to the inside server? Will it > block? > I know this is FBSD not SQUID but maybe it is an ipf hassle otherwise. > Thanks if you can help > Keith > > > > > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org"