From: "Kliment Andreev"
Date: Thu, 12 Jun 2003 14:34:38 -0400
Subject: ipfw + squid
X-BeenThere: freebsd-questions@freebsd.org

I have ipfw + squid (ext NIC: fxp0, int NIC: dc0). Squid is listening on port 3128.
Using ipfilter I will do

    rdr dc0 0/0 port 80 -> 127.0.0.1 port 3128 tcp

How can I do this in ipfw?

    00050 36764 12234591 divert 8668 ip from any to any via fxp0
    ---->>>>>> 00060 0 0 divert 80 tcp from any to any 3128
    00100 4732 13839892 allow ip from any to any via lo0
    00200 0 0 deny ip from any to 127.0.0.0/8
    00300 0 0 deny ip from 127.0.0.0/8 to any
    65000 53018 18345167 allow ip from any to any
    65535 1 328 allow ip from any to any

Line 60 doesn't seem to work for me.

Thanks!