Date: Fri, 30 Mar 2007 17:20:02 +0800
From: "he ccjj" <heccjj1@gmail.com>
To: freebsd-questions@freebsd.org
Subject: freebsd + squid + pf problem
Message-ID: <6f9d8a50703300220p15705167h72e6491e3c1790da@mail.gmail.com>
I use freebsd + squid + pf to set up a transparent proxy box.
My /etc/pf.conf:
ext_if="{fxp0}"
int_if="{em0}"
int_net="{192.168.100.254/16}"
icmp_types="echoreq"
set block-policy return
set optimization aggressive
set skip on lo0
scrub in
nat on $ext_if from $int_net to any -> $ext_if
rdr pass on $int_if inet proto tcp from $int_net to any port http -> 127.0.0.1 port 8080
antispoof quick for $ext_if inet
pass in on $ext_if keep state
pass out on $ext_if keep state
pass in on $int_if keep state
pass out on $int_if keep state
Main parts of my /usr/local/etc/squid/squid.conf:
http_port localhost:8080 transparent
visible_hostname proxy
acl all src 0.0.0.0/0.0.0.0
......
http_access allow all
http_reply_access allow all
icp_access allow all
miss_access allow all
always_direct allow all
Now when I restart pf and squid, I can visit web sites from clients. But I
can't use some p2p programs, like
pplive (http://www.pplive.com/en/index.html). Why?
My squid version is 2.6. I tested under FreeBSD 6.1 and 6.2 (all after
portsnap fetch update and portupgrade -arR).
