Date: Wed, 28 Feb 2007 09:38:21 +0100 From: Andrea Venturoli <ml.diespammer@netfence.it> To: Robert Watson <rwatson@freebsd.org> Cc: freebsd-net@freebsd.org Subject: Re: LOR with divert sockets Message-ID: <45E53F7D.4030703@netfence.it> In-Reply-To: <20070227222316.R60173@fledge.watson.org> References: <45E21468.4060200@netfence.it> <20070227222316.R60173@fledge.watson.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Robert Watson wrote: > What versions of ip_fw2.c and ip_divert.c were in use? From i386/6.2-RELEASE-p1, i.e.: src/sys/netinet/ip_fw2.c,v 1.106.2.21 2006/10/10 18:39:38 bz src/sys/netinet/ip_divert.c,v 1.113.2.2 2006/05/16 07:27:48 ps > Also, could you let me know if you use any > uid/gid rules in your IPFW rule set? Yep. 04000 allow tcp from me to any uid squid out via xl0 setup keep-state I use this to allow squid to retrieve everything according to its own security settings. > Thanks, Thanks to you. bye av.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?45E53F7D.4030703>