From owner-freebsd-questions@FreeBSD.ORG Thu Jun 12 14:34:22 2003 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id F2E0737B401 for ; Thu, 12 Jun 2003 14:34:21 -0700 (PDT) Received: from mail.crc.co.za (mail.crc.co.za [196.36.165.2]) by mx1.FreeBSD.org (Postfix) with ESMTP id 3B5D943FAF for ; Thu, 12 Jun 2003 14:34:15 -0700 (PDT) (envelope-from doron@home.crc.co.za) Received: (from root@localhost) by mail.crc.co.za (8.12.9/8.12.9) id h5CLYBHA010704; Thu, 12 Jun 2003 23:34:11 +0200 (SAST) (envelope-from doron@home.crc.co.za) Received: from home.crc.co.za (home.crc.co.za [196.36.165.34]) by mail.crc.co.za (8.12.9/8.12.8) with ESMTP id h5CLY1Tw010680; Thu, 12 Jun 2003 23:34:05 +0200 (SAST) (envelope-from doron@home.crc.co.za) Received: (from root@localhost) by home.crc.co.za (8.12.9/8.12.9) id h5CLXvXN045571; Thu, 12 Jun 2003 23:33:57 +0200 (SAST) (envelope-from doron@home.crc.co.za) Received: from dman ([192.168.1.8]) by home.crc.co.za (8.12.9/8.12.9) with ESMTP id h5CLXpkB045547; Thu, 12 Jun 2003 23:33:51 +0200 (SAST) (envelope-from doron@home.crc.co.za) From: "Doron Shmaryahu" To: "'Bill Moran'" , "'Kliment Andreev'" Date: Thu, 12 Jun 2003 23:33:50 +0200 Message-ID: <000001c3312a$51354960$0801a8c0@dman> MIME-Version: 1.0 X-scanner: scanned by Inflex 1.0.10 - (http://pldaniels.com/inflex/) Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook, Build 10.0.4510 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165 In-Reply-To: <3EE8C904.9000504@potentialtech.com> Importance: Normal X-scanner: scanned by Inflex 1.0.12.3 - (http://pldaniels.com/inflex/) cc: freebsd-questions@freebsd.org Subject: RE: ipfw + squid X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 12 Jun 2003 21:34:22 -0000 Hi, This rule works for 00050 7660668 803774726 fwd 127.0.0.1,3128 tcp from any to any 80 what I would suggest is go to www.squid-cache.org and under the FAQ the = have transparent caching with Freebsd. Follow it step by step it works 100%. Kind Regards Doron Shmaryahu -----Original Message----- From: owner-freebsd-questions@freebsd.org [mailto:owner-freebsd-questions@freebsd.org] On Behalf Of Bill Moran Sent: 12 June 2003 08:40 PM To: Kliment Andreev Cc: freebsd-questions@freebsd.org Subject: Re: ipfw + squid Kliment Andreev wrote: > I have ipfw + squid (ext NIC: fxp0, int NIC: dc0). Squid is listening = on > port 3128. >=20 > Using ipfilter I will do >=20 > rdr dc0 0/0 port 80 -> 127.0.0.1 port 3128 tcp >=20 > How can I do this in ipfw >=20 > 00050 36764 12234591 divert 8668 ip from any to any via fxp0 > ---->>>>>> 00060 0 0 divert 80 tcp from any to any 3128 > 00100 4732 13839892 allow ip from any to any via lo0 > 00200 0 0 deny ip from any to 127.0.0.0/8 > 00300 0 0 deny ip from 127.0.0.0/8 to any > 65000 53018 18345167 allow ip from any to any > 65535 1 328 allow ip from any to any >=20 >=20 > Line 60 doesn't seem to work for me. Nope. You don't do it with an IPFW rule, you need to pass instructions to natd. The canonical way to do this is in /etc/rc.conf. Add a line like: natd_flags=3D"-redirect_port tcp 127.0.0.1:80 3128" If you already have a natd_flags=3D line in rc.conf, just add that to it. Also read the man page on natd for more details. --=20 Bill Moran Potential Technologies http://www.potentialtech.com _______________________________________________ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to = "freebsd-questions-unsubscribe@freebsd.org"