From owner-freebsd-ipfw@FreeBSD.ORG  Wed Sep  8 22:09:23 2010
Return-Path: <owner-freebsd-ipfw@FreeBSD.ORG>
Delivered-To: freebsd-ipfw@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id C4EBE10656C3
	for <freebsd-ipfw@freebsd.org>; Wed,  8 Sep 2010 22:09:23 +0000 (UTC)
	(envelope-from rigstars@gmail.com)
Received: from mail-ww0-f50.google.com (mail-ww0-f50.google.com [74.125.82.50])
	by mx1.freebsd.org (Postfix) with ESMTP id 5D41E8FC08
	for <freebsd-ipfw@freebsd.org>; Wed,  8 Sep 2010 22:09:22 +0000 (UTC)
Received: by wwb18 with SMTP id 18so606314wwb.31
	for <freebsd-ipfw@freebsd.org>; Wed, 08 Sep 2010 15:09:22 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma;
	h=domainkey-signature:mime-version:received:received:date:message-id
	:subject:from:to:content-type;
	bh=+hWZz67e5hzdbk/JnnaUvOKgabEh/OdU5jh/ca/R1eU=;
	b=XSJ0Pr1l0N3haarK0s5Gm6Cxs+AG1tjqqvZFybvJ9hFP+STPWnkarBsPYocaIavdQ1
	ombjgAa7CskOQ1zyYoAcflCyF8cykjxznWiHgAWoFtau5qpGDVuxfPyBo2SdP7deKbga
	mxomJtcNOAWE3h80NWFlXgNOD1fE7BtIHCCzY=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma;
	h=mime-version:date:message-id:subject:from:to:content-type;
	b=MxxakIdQeQeDTSoxNlo7Gg0fLduKuhg4oDsDpu7LTmOWXMcvmSNeKVk/UOetoxO1/F
	F/UoqdzfgRebm9rXmtAURt/g/cEbyNe1jbSvl8VF/+9rPzaLzJw3jjviAI9FH2x6QUls
	UcnhnCTOgFFbBTwpY/T9EAs3ykuDQi4K0Lz5U=
MIME-Version: 1.0
Received: by 10.227.157.213 with SMTP id c21mr97377wbx.194.1283982392535; Wed,
	08 Sep 2010 14:46:32 -0700 (PDT)
Received: by 10.227.140.211 with HTTP; Wed, 8 Sep 2010 14:46:32 -0700 (PDT)
Date: Wed, 8 Sep 2010 17:46:32 -0400
Message-ID: <AANLkTi=9r4OK0brNKFzGC42joqa1U+_PTaXQU8y+E-+x@mail.gmail.com>
From: Tony <rigstars@gmail.com>
To: freebsd-ipfw@freebsd.org
Content-Type: text/plain; charset=ISO-8859-1
X-Content-Filtered-By: Mailman/MimeDel 2.1.5
Subject: All in one machine running w/ Dansguardian+Squid+IPFW
X-BeenThere: freebsd-ipfw@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: IPFW Technical Discussions <freebsd-ipfw.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw>,
	<mailto:freebsd-ipfw-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-ipfw>
List-Post: <mailto:freebsd-ipfw@freebsd.org>
List-Help: <mailto:freebsd-ipfw-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw>,
	<mailto:freebsd-ipfw-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 08 Sep 2010 22:09:23 -0000

I have one computer that has Dansguardian (127.0.0.1:8888) and Squid
(127.0.0.1) and IPFW installed. From the same computer, I'm trying to
redirect port 80 to Dansguardian's port 8888 using the rulesets below.
Is this possible? I read that ipfw does not allow forwarding from the same
machine. Is this true? I'm have tried both these ruleset separately and are
not getting any hits when I do ipw show. Something wrong with my rules?

Ruleset #1

ipfw add fwd 127.0.0.1:8888 tcp from 192.168.0.154 to any 80 in recv en1
ipfw add allow tcp from me to any 80 out xmit en1
ipfw add allow tcp from any 80 to me in recv en1


Ruleset#2

ipfw add allow tcp from 192.168.0.154 to any 80 out xmit en1
ipfw add fwd 127.0.0.1,8888 tcp from 192.168.0.154 to any dst-port 80
ipfw add allow tcp from any 80 to 192.168.0.154 in recv en1 established