From owner-freebsd-questions Thu Feb 1 13:15:51 2001 Delivered-To: freebsd-questions@freebsd.org Received: from syncopation-01.iinet.net.au (syncopation-01.iinet.net.au [203.59.24.37]) by hub.freebsd.org (Postfix) with SMTP id 96D2937B65D for ; Thu, 1 Feb 2001 13:15:28 -0800 (PST) Received: (qmail 17954 invoked by uid 666); 1 Feb 2001 21:22:50 -0000 Received: from reggae-03-33.nv.iinet.net.au (HELO elischer.org) (203.59.78.33) by mail.m.iinet.net.au with SMTP; 1 Feb 2001 21:22:50 -0000 Message-ID: <3A79D1D8.3FC5BF70@elischer.org> Date: Thu, 01 Feb 2001 13:15:04 -0800 From: Julian Elischer X-Mailer: Mozilla 4.7 [en] (X11; U; FreeBSD 5.0-CURRENT i386) X-Accept-Language: en, hu MIME-Version: 1.0 To: mi@aldan.algebra.com Cc: questions@freebsd.org, net@freebsd.org Subject: Re: transparent proxying through a separate machine References: <200102012103.f11L3nP50702@misha.privatelabs.com> Content-Type: text/plain; charset=iso-8859-15 Content-Transfer-Encoding: 7bit Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG mi@aldan.algebra.com wrote: > > Hello! > > We have a single firewall machine and a _separate_ machine running > squid proxy (both servers are on the same network wire). > > How do I catch all of the outgoing http requests and send them through > squid? > > I tried > > ipfw add fwd squid,3128 tcp from any to any http > > but it does not seem to work -- squid never gets contacted. All of the > recipes out there describe the setups with squid and the firewall being > on the same machine. What else do I need to do? Thanks! Oh yeah, you need to make you rules only catch the packets from the clients, otherwise you will catch your own cache requests from squid. so you must allow the requests from 'squid' to avoid being forwarded back to squid.. > > -mi > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-net" in the body of the message -- __--_|\ Julian Elischer / \ julian@elischer.org ( OZ ) World tour 2000-2001 ---> X_.---._/ v To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message