From owner-freebsd-questions Thu May 10 12:51:17 2001 Delivered-To: freebsd-questions@freebsd.org Received: from eltex.ru (eltex-gw2.nw.ru [195.19.203.86]) by hub.freebsd.org (Postfix) with ESMTP id 389B137B422 for ; Thu, 10 May 2001 12:51:14 -0700 (PDT) (envelope-from amil@eltex.ru) Received: from gadget.eltex.ru (root@gadget.eltex.ru [195.19.198.14]) by eltex.ru (8.9.3/8.9.3) with SMTP id XAA09950 for ; Thu, 10 May 2001 23:43:41 +0400 (MSD) Received: by gadget.eltex.ru (ssmtp TIS-0.5alpha, 19 Oct 1998); Thu, 10 May 2001 23:48:41 +0400 Received: from undisclosed-intranet-sender id xma013015; Thu, 10 May 01 23:48:14 +0400 From: Alexandr Alov Organization: Eltex TC To: freebsd-questions@freebsd.org Subject: squid & ipf Date: Thu, 10 May 2001 23:38:36 +0400 X-Mailer: KMail [version 1.0.28] Content-Type: text/plain MIME-Version: 1.0 Message-Id: <01051023505001.00278@max.myhome.ru> Content-Transfer-Encoding: 8bit Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Hello ! Now i am install ipf . I have two network cards in one server ed0 --- 193.163.3.1/24 ----- InterNET ed1 --- 192.168.1.1/24 ----- LAN server have squid for cache LAN i am write next : pass in proto tcp from any to 193.163.3.1 port = 3128 flags A/A pass out proto tcp from 193.163.3.1 port = 3128 to any flags A/A pass in proto udp from any to 193.163.3.1 port = 3130 pass out proto udp from 193.163.3.1 port = 3130 to any But this is don't work :(( If clients setup proxy server ---- not connect to InterNET How i can write rules in ipf that sqid will invisible on InteNET and granted for LAN ? Thanks. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message