From owner-freebsd-questions@FreeBSD.ORG Fri Jun 13 00:04:44 2003 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 95A1A37B401 for ; Fri, 13 Jun 2003 00:04:44 -0700 (PDT) Received: from mx1.au.itouchnet.net (nat2.au.itouchnet.net [144.135.23.100]) by mx1.FreeBSD.org (Postfix) with ESMTP id EBE2043F75 for ; Fri, 13 Jun 2003 00:04:42 -0700 (PDT) (envelope-from ajthomson@optushome.com.au) Received: from nobody by mx1.au.itouchnet.net with scanned_ok (Exim 3.36 #1) id 19Qic4-000Mwo-00 for freebsd-questions@freebsd.org; Fri, 13 Jun 2003 17:04:40 +1000 X-TLS: TLSv1:DES-CBC3-SHA:168 athomson.prv.au.itouchnet.net -> mx1.au.itouchnet.net Received: from athomson.prv.au.itouchnet.net ([192.168.13.55]) by mx1.au.itouchnet.net with esmtp (TLSv1:DES-CBC3-SHA:168) (Exim 3.36 #1) id 19Qic3-000Mwh-00 for freebsd-questions@freebsd.org; Fri, 13 Jun 2003 17:04:39 +1000 Received: from localhost ([127.0.0.1] helo=athomson.prv.au.itouchnet.net) by athomson.prv.au.itouchnet.net with esmtp (Exim 4.20) id 19Qic3-0005oW-K9 for freebsd-questions@freebsd.org; Fri, 13 Jun 2003 17:04:39 +1000 Received: (from ajt@localhost)h5D74cik022351 for freebsd-questions@freebsd.org; Fri, 13 Jun 2003 17:04:38 +1000 (EST) X-Authentication-Warning: athomson.prv.au.itouchnet.net: ajt set sender to ajthomson@optushome.com.au using -f Date: Fri, 13 Jun 2003 17:04:38 +1000 From: Andrew Thomson To: freebsd-questions@freebsd.org Message-ID: <20030613070438.GO15745@athomson.prv.au.itouchnet.net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.4.1i X-Checked: Scanned for any viruses and unauthorized attachments at mx1.au.itouchnet.net X-iScan-ID: 88210-1055487880-18996@mx1.au.itouchnet.net version $Name: REL_2_0_2 $ Subject: more transparent proxy and squid questions. X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 13 Jun 2003 07:04:44 -0000 I'm not looking for help at setting this up as such, but rather a better understanding of what's happening to the packets in this situation. I have a freebsd firewall/gateway box. I then fwd the port 80 requests to the squid box on port 3128 squid then i imagine process the request.. does squid then make the same http request with it's ip as the source? perhaps an illustration might be helpful. wall/gwy = 192.168.1.1 squid = 192.168.1.2 user = 192.168.1.3 user makes an http request. ipfw rule on wall diverts to squid: ipfw add 50 fwd 192.168.1.2,3128 tcp from any to any 80 does squid then make the request with it's ip? thus we'd need something like, ipfw add 45 allow tcp from 192.168.1.2 to any 80 squid updates the cache/passes the data back to the user?? thanks, ajt.